NIST CSF: PR.AT-2 Subcategory

From NIST's Cyber Security Framework (version 1):

Privileged users understand their roles and responsibilities

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

CSF Mapped to SP800-53 Controls

Generated from NIST's SP800-53/CSF Crosswalk mappings.

Search:

Node
AT-3: Role-based Training
PM-13: Security and Privacy Workforce

Showing 1 to 2 of 2 entries

Related ISO 27001 Controls

Annex A controls from ISO 27001 (2013) which are related to this CSF subcategory, taken from mappings by NIST and additional data from Ofgem.

Information security roles and responsibilities (6.1.1)
ISO 27001:2013
Information security, awareness, education, and training (7.2.2)
ISO 27001:2013

Related ISA/IEC 62443 Controls

Clauses and controls from IEC 62443 (62443-2-1 and 62443-3-3) which are related to this CSF subcategory, taken from mappings by NIST and additional data from Ofgem.

Provide training for support personnel (4.3.2.4.3)
ISA/IEC 62443-2-1:2009
Provide procedure and facility training (4.3.2.4.2)
ISA/IEC 62443-2-1:2009

CSF Mapped to the NCSC CAF

Cyber Assessment Framework mappings generated from UK Cabinet Office data.

Search:

Control ID	Name	Description
B6.a	Cyber Security Culture	You develop and pursue a positive cyber security culture.
A4.a	Supply Chain	The organisation understands and manages security risks to networks and information systems supporting the operation of essential functions that arise as a result of dependencies on external suppliers. This includes ensuring that appropriate measures are employed where third party services are used.
B6.b	Cyber Security Training	The people who support the operation of your essential function are appropriately trained in cyber security. A range of approaches to cyber security training, awareness and communications are employed.
A1.b	Roles and Responsibilities	Your organisation has established roles and responsibilities for the security of networks and information systems at all levels, with clear and well-understood channels for communicating and escalating risks.

Showing 1 to 4 of 4 entries

NIST CSF: PR.AT-2 Subcategory

Cyber Threat Graph Context

CSF Mapped to SP800-53 Controls

Related ISO 27001 Controls

Information security roles and responsibilities (6.1.1)

Information security, awareness, education, and training (7.2.2)

Related ISA/IEC 62443 Controls

Provide training for support personnel (4.3.2.4.3)

Provide procedure and facility training (4.3.2.4.2)

CSF Mapped to the NCSC CAF