Content library
Cyber security training
Training personnel with a changed role
Personnel security
Cyber security training

Training personnel with a changed role

Start free trial

Task description

Training personnel with a changed role

Training arranged before granting access rights applies not only to new employees but also to those who move to new tasks or roles, especially when the data systems used by the person and the security requirements related to the job role change significantly with the change of job role. The training is arranged before the new job role becomes active.

Requirements connected to the task

13.1.e: Ensure adequate employee security management
CER Directive
14.9: Conduct Role-Specific Security Awareness and Skills Training
CIS 18 controls
6.5: Responsibilities after termination or change of employment
ISO 27001 (2022): Full
7.3: Termination and change of employment
ISO 27001 (2013): Full
7.3.1: Termination or change of employment responsibilities
ISO 27001 (2013): Full
GV.RR-04: Cybersecurity in human resources practices
NIST CSF 2.0
PR.IP-11: Cybersecurity in human resources
NIST Cybersecurity Framework
PR.IP-11: Cybersecurity is included in human resources practices (deprovisioning, personnel screening…).
CyberFundamentals (Belgium)

Other tasks from the same security theme

Task name
Priority
Policy
Other requirements
Staff guidance and training procedure in cyber security
Critical
High
Normal
Low
Cyber security training
103
requirements

Examples of other requirements this task affects

29. Processing under the authority of the controller or processor
GDPR
32. Security of processing
GDPR
7.2.1: Management responsibilities
ISO 27001
7.2.2: Information security awareness, education and training
ISO 27001
4 §: Tiedonhallinnan järjestäminen tiedonhallintayksikössä
TiHL
See all related requirements and other information from tasks own page.
Go to >
Staff guidance and training procedure in cyber security
Top management cyber security training (Poland)
Critical
High
Normal
Low
Cyber security training
1
requirements

Examples of other requirements this task affects

8.e: Szkolenie
NIS2 Poland
See all related requirements and other information from tasks own page.
Go to >
Top management cyber security training (Poland)
Training for support personnel
Critical
High
Normal
Low
Cyber security training
3
requirements

Examples of other requirements this task affects

8.1.2.i: Szkolenie z zakresu cyberbezpieczeństwa
NIS2 Poland
See all related requirements and other information from tasks own page.
Go to >
Training for support personnel
Periodically reviewing training records
Critical
High
Normal
Low
Cyber security training
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Periodically reviewing training records
Regular review of staff training themes
Critical
High
Normal
Low
Cyber security training
3
requirements

Examples of other requirements this task affects

35A.3: Παρακολούθηση της εκπαίδευσης από την ανώτατη διοίκηση
NIS2 Cyprus
See all related requirements and other information from tasks own page.
Go to >
Regular review of staff training themes
Personnel security policy
Critical
High
Normal
Low
Cyber security training
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Personnel security policy
Developing and implementing policies and conducting training
Critical
High
Normal
Low
Cyber security training
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Developing and implementing policies and conducting training
Designate privacy personnel
Critical
High
Normal
Low
Cyber security training
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Designate privacy personnel
Conducting role-specific security awareness and skills training
Critical
High
Normal
Low
Cyber security training
1
requirements

Examples of other requirements this task affects

14.9: Conduct Role-Specific Security Awareness and Skills Training
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Conducting role-specific security awareness and skills training
Training workforce on identifying and reporting of missing security updates
Critical
High
Normal
Low
Cyber security training
1
requirements

Examples of other requirements this task affects

14.7: Train workforce on how to identify and report if their enterprise assets are missing security updates
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Training workforce on identifying and reporting of missing security updates
Training workforce on causes of unintentional data exposure
Critical
High
Normal
Low
Cyber security training
1
requirements

Examples of other requirements this task affects

14.5: Train Workforce Members on Causes of Unintentional Data Exposure
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Training workforce on causes of unintentional data exposure
Establishing and maintaining security awareness training
Critical
High
Normal
Low
Cyber security training
1
requirements

Examples of other requirements this task affects

14.1: Establish and Maintain a Security Awareness Program
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Establishing and maintaining security awareness training
Top management cyber security training
Critical
High
Normal
Low
Cyber security training
24
requirements

Examples of other requirements this task affects

31 § 2°: Formation des cadres supérieurs à la cybersécurité
NIS2 Belgium
14.7.: Kibernetinio saugumo mokymai
NIS2 Lithuania
Art. 23.2: Formazione in materia di sicurezza informatica
NIS2 Italy
14.2: Παρακολούθηση της κατάρτισης από την ανώτατη διοίκηση
NIS2 Greece
18.3: Mandatory training for management
NIS2 Malta
See all related requirements and other information from tasks own page.
Go to >
Top management cyber security training
Arranging specific data protection training for personnel
Critical
High
Normal
Low
Cyber security training
1
requirements

Examples of other requirements this task affects

9.7.2: Employee data protection training
TISAX
See all related requirements and other information from tasks own page.
Go to >
Arranging specific data protection training for personnel
Ensuring coverage of relevant topics on personnel training and guidance processes
Critical
High
Normal
Low
Cyber security training
10
requirements

Examples of other requirements this task affects

2.1.3: Staff training
TISAX
14.3: Train Workforce Members on Authentication Best Practices
CIS 18
13.1.f: Raise awareness
CER
Article 34.2: Conduct cybersecurity education and training
CSL (China)
See all related requirements and other information from tasks own page.
Go to >
Ensuring coverage of relevant topics on personnel training and guidance processes
Maintaining a log of cyber security trainings
Critical
High
Normal
Low
Cyber security training
66
requirements

Examples of other requirements this task affects

7.2.2: Information security awareness, education and training
ISO 27001
T11: Turvallisuuskoulutus ja -tietoisuus
Katakri
6.1: Tietojärjestelmien käyttäjiltä vaadittava koulutus ja kokemus
Omavalvontasuunnitelma
PR.AT-1: Awareness
NIST
HAL-13: Koulutukset
Julkri
See all related requirements and other information from tasks own page.
Go to >
Maintaining a log of cyber security trainings
Incorporating real-life security incidents in staff training
Critical
High
Normal
Low
Cyber security training
2
requirements

Examples of other requirements this task affects

4.4.4: Communicate and share findings with relevant stakeholders
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Incorporating real-life security incidents in staff training
Training the use of security systems and reporting of malware attacks
Critical
High
Normal
Low
Cyber security training
5
requirements

Examples of other requirements this task affects

12.2: Protection from malware
ISO 27001
7.2.2: Information security awareness, education and training
ISO 27001
12.2.1: Controls against malware
ISO 27001
8.7: Protection against malware
ISO 27001
See all related requirements and other information from tasks own page.
Go to >
Training the use of security systems and reporting of malware attacks
Training personnel with a changed role
Critical
High
Normal
Low
Cyber security training
10
requirements

Examples of other requirements this task affects

7.3: Termination and change of employment
ISO 27001
7.3.1: Termination or change of employment responsibilities
ISO 27001
PR.IP-11: Cybersecurity in human resources
NIST
6.5: Responsibilities after termination or change of employment
ISO 27001
PR.IP-11: Cybersecurity is included in human resources practices (deprovisioning, personnel screening…).
CyberFundamentals
See all related requirements and other information from tasks own page.
Go to >
Training personnel with a changed role
Regular unit-based cyber security communication
Critical
High
Normal
Low
Cyber security training
7
requirements

Examples of other requirements this task affects

7.2.2: Information security awareness, education and training
ISO 27001
CC2.2: Internal communication of information
SOC 2
PR.AT-1: All users are informed and trained.
CyberFundamentals
4.4.4: Communicate and share findings with relevant stakeholders
NSM ICT-SP
PR.AT-02: Individuals in specialized roles
NIST 2.0
See all related requirements and other information from tasks own page.
Go to >
Regular unit-based cyber security communication
Evaluating the efficiency of arranged training
Critical
High
Normal
Low
Cyber security training
28
requirements

Examples of other requirements this task affects

7.2.2: Information security awareness, education and training
ISO 27001
6.3: Information security awareness, education and training
ISO 27001
21.2.f: Assessing effectiveness of security measures
NIS2
9.1 §: Toimien vaikuttavuuden arviointi
Kyberturvallisuuslaki
30 § 3.6°: L'efficacité des mesures de gestion des risques
NIS2 Belgium
See all related requirements and other information from tasks own page.
Go to >
Evaluating the efficiency of arranged training
Arranging training and guidance during orientation (or before granting access rights)
Critical
High
Normal
Low
Cyber security training
45
requirements

Examples of other requirements this task affects

7.3.1: Termination or change of employment responsibilities
ISO 27001
9.2.2: User access provisioning
ISO 27001
4 §: Tiedonhallinnan järjestäminen tiedonhallintayksikössä
TiHL
PR.IP-11: Cybersecurity in human resources
NIST
5.18: Access rights
ISO 27001
See all related requirements and other information from tasks own page.
Go to >
Arranging training and guidance during orientation (or before granting access rights)
Reminding personnel about their cyber security responsibilities
Critical
High
Normal
Low
Cyber security training
28
requirements

Examples of other requirements this task affects

21.2.g: Cyber hygiene practices and training
NIS2
2.1.3: Staff training
TISAX
9.11 §: Perustason tietoturvakäytännöt ja henkilöstön vastuu
Kyberturvallisuuslaki
30 § 3.7°: Les pratiques et la formation en matière d'hygiène cybernétique
NIS2 Belgium
Članak 30.1.g: Kibernetičke higijene i osposobljavanje o kibernetičkoj sigurnosti
NIS2 Croatia
See all related requirements and other information from tasks own page.
Go to >
Reminding personnel about their cyber security responsibilities

Never duplicate effort. Do it once - improve compliance across frameworks.

Reach multi-framework compliance in the simplest possible way
Security frameworks tend to share the same core requirements - like risk management, backup, malware, personnel awareness or access management.
Cyberday maps all frameworks’ requirements into shared tasks - one single plan that improves all frameworks’ compliance.
Do it once - we automatically apply it to all current and future frameworks.
Start free trial
Get to know Cyberday
Start your free trial
Cyberday is your all-in-one solution for building a secure and compliant organization. Whether you're setting up a cyber security plan, evaluating policies, implementing tasks, or generating automated reports, Cyberday simplifies the entire process.
With AI-driven insights and a user-friendly interface, it's easier than ever to stay ahead of compliance requirements and focus on continuous improvement.
Clear framework compliance plans
Activate relevant frameworks and turn them into actionable policies tailored to your needs.
Credible reports to proof your compliance
Use guided tasks to ensure secure implementations and create professional reports with just a few clicks.
AI-powered improvement suggestions
Focus on the most impactful improvements in your compliance with help from Cyberday AI.
Effortless compliance improvement
Widest framework library in EU
Extensive support

Start your compliance journey

Use in MS Teams or use your browser with Slack integration.
Risk free trial. No credit card required. Stop at any time.

Start free 14-day trial
Book a meeting
How it works?
SummarySecurity tasks and assuranceDocumentation workflowsEmployee guidelinesReporting templates
Use cases
By frameworkAll frameworksISO 27001NIS2 directiveNIST CSFCSA CCMISO 27701GDPRISO 27017ISO 27018
By methodCyber risk managementEmployee awarenessCompliance reportingControl managementAsset managementPrivacy managementVendor assessments
Resources
AcademyWebinarsBlogHelp articlesVideo coursesContent libraryGuidesNewsletterLeave a reviewPartner programTeamTerms of usePrivacy policy
Contact us
+358 10 231 6010
team@cyberday.ai
App works in:
Known in Finland as Digiturvamalli
© Cyberday Inc. Kalevantie 2 33100 Tampere, Finland
Cyberday.ai - Improve and certify your cyber security