Content library
Cyber security training
Structured periodic update of cybersecurity training programs
Personnel security
Cyber security training

Structured periodic update of cybersecurity training programs

Start free trial

Task description

Structured periodic update of cybersecurity training programs

The organization must establish a structured process for periodically reviewing, updating, and re-implementing its cybersecurity education and training programs to ensure they remain aligned with current roles, regulatory requirements, threats, and technological developments.

  • Define a scheduled review interval for all cybersecurity training programs.
  • Evaluate whether updates are required based on changes in applicable policies, legal or regulatory requirements.
  • Assess whether changes in assigned roles and responsibilities require updates to role-specific training content.
  • Review known and emerging threats to determine whether additional awareness or technical training is required.
  • Consider technological developments, including new systems, tools, architectures, or digital practices, when updating training materials.
  • Document review outcomes and decisions regarding updates or confirmations of adequacy.
  • Ensure updated training programs are implemented and communicated to relevant personnel.

This ensures that cybersecurity training remains current, role-appropriate, threat-informed, and aligned with regulatory and technological developments.

Requirements connected to the task

No items found.

Other tasks from the same security theme

Task name
Priority
Policy
Other requirements
Staff guidance and training procedure in cyber security
Critical
High
Normal
Low
Cyber security training
128
requirements

Examples of other requirements this task affects

29. Processing under the authority of the controller or processor
GDPR
32. Security of processing
GDPR
7.2.1: Management responsibilities
ISO 27001
7.2.2: Information security awareness, education and training
ISO 27001
4 §: Tiedonhallinnan järjestäminen tiedonhallintayksikössä
TiHL
See all related requirements and other information from tasks own page.
Go to >
Staff guidance and training procedure in cyber security
AI management system awareness and training
Critical
High
Normal
Low
Cyber security training
2
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
AI management system awareness and training
Structured periodic update of cybersecurity training programs
Critical
High
Normal
Low
Cyber security training
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Structured periodic update of cybersecurity training programs
Defining required personnel competences BCMS
Critical
High
Normal
Low
Cyber security training
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Defining required personnel competences BCMS
Top management cyber security training (Poland)
Critical
High
Normal
Low
Cyber security training
1
requirements

Examples of other requirements this task affects

8e: Szkolenie
NIS2 Poland
See all related requirements and other information from tasks own page.
Go to >
Top management cyber security training (Poland)
Training for support personnel
Critical
High
Normal
Low
Cyber security training
5
requirements

Examples of other requirements this task affects

8.1.2.i: Szkolenie z zakresu cyberbezpieczeństwa
NIS2 Poland
B6.b: Cyber security training
CAF 4.0
62: Kvalifikuota sistemos priežiūra ir palaikymas
NIS2 Guide Lithuania
See all related requirements and other information from tasks own page.
Go to >
Training for support personnel
Periodically reviewing training records
Critical
High
Normal
Low
Cyber security training
2
requirements

Examples of other requirements this task affects

52: Kibernetinio saugumo higiena ir mokymai
NIS2 Guide Lithuania
See all related requirements and other information from tasks own page.
Go to >
Periodically reviewing training records
Regular review of staff training themes
Critical
High
Normal
Low
Cyber security training
6
requirements

Examples of other requirements this task affects

35A.(3): Παρακολούθηση της εκπαίδευσης από την ανώτατη διοίκηση
NIS2 Cyprus
§ 26: Årlige awareness-tiltag
Energisektor beredskabsbekendtgørelse
8.2: Security training
NIS2 Guide
See all related requirements and other information from tasks own page.
Go to >
Regular review of staff training themes
Personnel security policy
Critical
High
Normal
Low
Cyber security training
3
requirements

Examples of other requirements this task affects

Člen 22.2.2: Preverjanje integritete kadrov
NIS2 Slovenia
See all related requirements and other information from tasks own page.
Go to >
Personnel security policy
Developing and implementing policies and conducting training
Critical
High
Normal
Low
Cyber security training
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Developing and implementing policies and conducting training
Designate privacy personnel
Critical
High
Normal
Low
Cyber security training
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Designate privacy personnel
Conducting role-specific security awareness and skills training
Critical
High
Normal
Low
Cyber security training
4
requirements

Examples of other requirements this task affects

14.9: Conduct Role-Specific Security Awareness and Skills Training
CIS 18
Člen 20.5: Usposabljanje skrbnikov sistemov
NIS2 Slovenia
§ 26: Årlige awareness-tiltag
Energisektor beredskabsbekendtgørelse
See all related requirements and other information from tasks own page.
Go to >
Conducting role-specific security awareness and skills training
Training workforce on identifying and reporting of missing security updates
Critical
High
Normal
Low
Cyber security training
1
requirements

Examples of other requirements this task affects

14.7: Train workforce on how to identify and report if their enterprise assets are missing security updates
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Training workforce on identifying and reporting of missing security updates
Training workforce on causes of unintentional data exposure
Critical
High
Normal
Low
Cyber security training
1
requirements

Examples of other requirements this task affects

14.5: Train Workforce Members on Causes of Unintentional Data Exposure
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Training workforce on causes of unintentional data exposure
Establishing and maintaining security awareness training
Critical
High
Normal
Low
Cyber security training
3
requirements

Examples of other requirements this task affects

14.1: Establish and Maintain a Security Awareness Program
CIS 18
B6.a: Cyber security culture
CAF 4.0
See all related requirements and other information from tasks own page.
Go to >
Establishing and maintaining security awareness training
Top management cyber security training
Critical
High
Normal
Low
Cyber security training
29
requirements

Examples of other requirements this task affects

31 § 2°: Formation des cadres supérieurs à la cybersécurité
NIS2 Belgium
14.7.: Kibernetinio saugumo mokymai
NIS2 Lithuania
Art. 23.2: Formazione in materia di sicurezza informatica
NIS2 Italy
14.2: Παρακολούθηση της κατάρτισης από την ανώτατη διοίκηση
NIS2 Greece
18.3: Mandatory training for management
NIS2 Malta
See all related requirements and other information from tasks own page.
Go to >
Top management cyber security training
Arranging specific data protection training for personnel
Critical
High
Normal
Low
Cyber security training
3
requirements

Examples of other requirements this task affects

9.7.2: Employee data protection training
TISAX
Člen 20.5: Usposabljanje skrbnikov sistemov
NIS2 Slovenia
See all related requirements and other information from tasks own page.
Go to >
Arranging specific data protection training for personnel
Ensuring coverage of relevant topics on personnel training and guidance processes
Critical
High
Normal
Low
Cyber security training
19
requirements

Examples of other requirements this task affects

2.1.3: Staff training
TISAX
14.3: Train Workforce Members on Authentication Best Practices
CIS 18
13.1.f: Raise awareness
CER
Article 34.2: Conduct cybersecurity education and training
CSL (China)
Člen 20.5: Usposabljanje skrbnikov sistemov
NIS2 Slovenia
See all related requirements and other information from tasks own page.
Go to >
Ensuring coverage of relevant topics on personnel training and guidance processes
Maintaining a log of cyber security trainings
Critical
High
Normal
Low
Cyber security training
80
requirements

Examples of other requirements this task affects

7.2.2: Information security awareness, education and training
ISO 27001
T11: Turvallisuuskoulutus ja -tietoisuus
Katakri
6.1: Tietojärjestelmien käyttäjiltä vaadittava koulutus ja kokemus
Omavalvontasuunnitelma
PR.AT-1: Awareness
NIST
HAL-13: Koulutukset
Julkri
See all related requirements and other information from tasks own page.
Go to >
Maintaining a log of cyber security trainings
Incorporating real-life security incidents in staff training
Critical
High
Normal
Low
Cyber security training
3
requirements

Examples of other requirements this task affects

4.4.4: Communicate and share findings with relevant stakeholders
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Incorporating real-life security incidents in staff training
Training the use of security systems and reporting of malware attacks
Critical
High
Normal
Low
Cyber security training
7
requirements

Examples of other requirements this task affects

12.2: Protection from malware
ISO 27001
7.2.2: Information security awareness, education and training
ISO 27001
12.2.1: Controls against malware
ISO 27001
8.7: Protection against malware
ISO 27001
8.7: Bescherming tegen malware
NEN 7510
See all related requirements and other information from tasks own page.
Go to >
Training the use of security systems and reporting of malware attacks
Training personnel with a changed role
Critical
High
Normal
Low
Cyber security training
13
requirements

Examples of other requirements this task affects

7.3: Termination and change of employment
ISO 27001
7.3.1: Termination or change of employment responsibilities
ISO 27001
PR.IP-11: Cybersecurity in human resources
NIST
6.5: Responsibilities after termination or change of employment
ISO 27001
PR.IP-11: Cybersecurity is included in human resources practices (deprovisioning, personnel screening…).
CyberFundamentals
See all related requirements and other information from tasks own page.
Go to >
Training personnel with a changed role
Regular unit-based cyber security communication
Critical
High
Normal
Low
Cyber security training
10
requirements

Examples of other requirements this task affects

7.2.2: Information security awareness, education and training
ISO 27001
CC2.2: Internal communication of information
SOC 2
PR.AT-1: All users are informed and trained.
CyberFundamentals
4.4.4: Communicate and share findings with relevant stakeholders
NSM ICT-SP
PR.AT-02: Individuals in specialized roles
NIST 2.0
See all related requirements and other information from tasks own page.
Go to >
Regular unit-based cyber security communication
Evaluating the efficiency of arranged training
Critical
High
Normal
Low
Cyber security training
36
requirements

Examples of other requirements this task affects

7.2.2: Information security awareness, education and training
ISO 27001
6.3: Information security awareness, education and training
ISO 27001
21.2.f: Assessing effectiveness of security measures
NIS2
9.1 §: Toimien vaikuttavuuden arviointi
Kyberturvallisuuslaki
30 § 3.6°: L'efficacité des mesures de gestion des risques
NIS2 Belgium
See all related requirements and other information from tasks own page.
Go to >
Evaluating the efficiency of arranged training
Arranging training and guidance during orientation (or before granting access rights)
Critical
High
Normal
Low
Cyber security training
58
requirements

Examples of other requirements this task affects

7.3.1: Termination or change of employment responsibilities
ISO 27001
9.2.2: User access provisioning
ISO 27001
4 §: Tiedonhallinnan järjestäminen tiedonhallintayksikössä
TiHL
PR.IP-11: Cybersecurity in human resources
NIST
5.18: Access rights
ISO 27001
See all related requirements and other information from tasks own page.
Go to >
Arranging training and guidance during orientation (or before granting access rights)
Reminding personnel about their cyber security responsibilities
Critical
High
Normal
Low
Cyber security training
38
requirements

Examples of other requirements this task affects

21.2.g: Cyber hygiene practices and training
NIS2
2.1.3: Staff training
TISAX
9.11 §: Perustason tietoturvakäytännöt ja henkilöstön vastuu
Kyberturvallisuuslaki
30 § 3.7°: Les pratiques et la formation en matière d'hygiène cybernétique
NIS2 Belgium
Članak 30.1.g: Kibernetičke higijene i osposobljavanje o kibernetičkoj sigurnosti
NIS2 Croatia
See all related requirements and other information from tasks own page.
Go to >
Reminding personnel about their cyber security responsibilities

Never duplicate effort. Do it once - improve compliance across frameworks.

Reach multi-framework compliance in the simplest possible way
Security frameworks tend to share the same core requirements - like risk management, backup, malware, personnel awareness or access management.
Cyberday maps all frameworks’ requirements into shared tasks - one single plan that improves all frameworks’ compliance.
Do it once - we automatically apply it to all current and future frameworks.
Start free trial
Get to know Cyberday
Start your free trial
Cyberday is your all-in-one solution for building a secure and compliant organization. Whether you're setting up a cyber security plan, evaluating policies, implementing tasks, or generating automated reports, Cyberday simplifies the entire process.
With AI-driven insights and a user-friendly interface, it's easier than ever to stay ahead of compliance requirements and focus on continuous improvement.
Clear framework compliance plans
Activate relevant frameworks and turn them into actionable policies tailored to your needs.
Credible reports to proof your compliance
Use guided tasks to ensure secure implementations and create professional reports with just a few clicks.
AI-powered improvement suggestions
Focus on the most impactful improvements in your compliance with help from Cyberday AI.
Effortless compliance improvement
Widest framework library in EU
Extensive support

Get your compliance
foundation in minutes.

Learn what an AI-powered ISMS looks like in practice.
Start a free trial and see your compliance work launch in minutes.

Start free trial
Book a meeting
How it works?
SummarySecurity tasks and assuranceDocumentation workflowsEmployee guidelinesReporting templatesTrust center
Use cases
By frameworkAll frameworksISO 27001NIS2 directiveNIST CSFCSA CCMISO 27701GDPRISO 27017ISO 27018
By methodCyber risk managementEmployee awarenessCompliance reportingControl managementAsset managementPrivacy managementVendor assessmentsInternal audits
Resources
AcademyWebinarsBlogHelp articlesVideo coursesTrust centerContent libraryGuidesNewsletterLeave a reviewPartner programTeamTerms of usePrivacy policy
Contact us
+358 10 231 6010
team@cyberday.ai
App works in:
Known in Finland as Digiturvamalli
© Cyberday Inc. Kalevantie 2 33100 Tampere, Finland
Cyberday.ai - Improve and certify your cyber security
No items found.