GV.AT-P: Awareness And Training
Description
The organization’s workforce and third parties engaged in data processing are provided privacy awareness education and are trained to perform their privacy-related duties and responsibilities consistent with related policies, processes, procedures, and agreements and organizational privacy values.
Framework Subcategories
GV.AT-P1: The workforce is informed and trained on its roles and responsibilities
[csf.tools Note: Subcategories do not have detailed descriptions.]
GV.AT-P2: Senior executives understand their roles and responsibilities
[csf.tools Note: Subcategories do not have detailed descriptions.] Note: This Privacy Framework Subcategory is identical to the Cybersecurity Framework Subcategory.
GV.AT-P3: Privacy personnel understand their roles and responsibilities
[csf.tools Note: Subcategories do not have detailed descriptions.]
GV.AT-P4: Third parties (e.g., service providers, customers, partners) understand their roles and responsibilities
[csf.tools Note: Subcategories do not have detailed descriptions.]