STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 5 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← All Controls

AT-1

Awareness and TrainingRev 5

Policy and Procedures

CCI Identifiers (15)

CCI-000100Develop and document an organization level, mission/business process-level, or system-level awareness and training policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance.CCI-000101Disseminate an organization level, mission/business process-level, or system-level awareness and training policy to organization-defined personnel or roles.CCI-000102Review and update the current security awareness and training policy in accordance with organization-defined frequency.CCI-000103Develop and document procedures to facilitate the implementation of the awareness and training policy and associated awareness and training controls.CCI-000104Disseminate organization-level; mission/business process-level; or system-level awareness and training procedures to organization-defined personnel or roles.CCI-000105Review and update the current security awareness and training procedures in accordance with an organization-defined frequency.CCI-001564Defines the frequency of security awareness and training policy reviews and updates.CCI-001565Defines the frequency of security awareness and training procedure reviews and updates.CCI-002048Defines the personnel or roles to whom the awareness and training policy is disseminated.CCI-002049Defines the personnel or roles to whom the organization-level; mission/business process-level; system-level awareness and training procedures are disseminated.CCI-003761Develop and document an organization level, mission/business process-level, or system-level awareness and training policy that is consistent with applicable laws, Executive Orders, directives, regulations, policies, standards, and guidelines.CCI-003762Designate an organization-defined official to manage the development and documentation of the awareness and training policy.CCI-003763Designate an organization-defined official to manage the dissemination of the awareness and training policy.CCI-003764Designate an organization-defined official to manage the development and documentation of the awareness and training procedures.CCI-003765Designate an organization-defined official to manage the dissemination of the awareness and training procedures.

Linked STIG Checks (1)

Across 1 STIGs. Click to expand.