Users completed awareness training in the last 12 months
Description
The percentage of users who have completed security awareness training in the last 12 months, ensuring that employees are equipped with the latest knowledge to identify and mitigate cyber threats, which is critical for reducing organizational vulnerabilities and enhancing overall security posture.
| Attribute |
Value |
| Metric id |
us_awareness |
| Category |
User Security |
| SLO |
80.00% - 90.00% |
| Weight |
0.4 |
| Type |
 |
References
| Framework |
Ref |
Domain |
Control |
| ISO 27001:2022 |
A.6.3 |
6 People controls |
Information security awareness, education and training |
| CIS 8.1 |
14.2 |
Security Awareness and Skills Training |
Train Workforce Members to Recognize Social Engineering Attacks |
| CIS 8.1 |
14.3 |
Security Awareness and Skills Training |
Train Workforce Members on Authentication Best Practices |
| CIS 8.1 |
14.4 |
Security Awareness and Skills Training |
Train Workforce on Data Handling Best Practices |
| CIS 8.1 |
14.5 |
Security Awareness and Skills Training |
Train Workforce Members on Causes of Unintentional Data Exposure |
| CIS 8.1 |
14.6 |
Security Awareness and Skills Training |
Train Workforce Members on Recognizing and Reporting Security Incidents |
| CIS 8.1 |
14.7 |
Security Awareness and Skills Training |
Train Workforce on How to Identify and Report if Their Enterprise Assets are Missing Security Updates |
| CIS 8.1 |
14.8 |
Security Awareness and Skills Training |
Train Workforce on the Dangers of Connecting to and Transmitting Enterprise Data Over Insecure Networks |
| NIST CSF v2.0 |
PR.AT-01 |
Awareness and Training (PR.AT) |
PR.AT-01: Personnel are provided with awareness and training so that they possess the knowledge and skills to perform general tasks with cybersecurity risks in mind |
Code
SELECT
users.profile.login AS resource,
'user' AS resource_type,
CASE
WHEN training.user.email IS NOT NULL THEN 1
ELSE 0
END AS compliance,
users.profile.login AS detail
FROM
{{ ref('okta_users') }} AS users
LEFT JOIN
{{ ref('knowbe4_enrollments') }} AS training
ON
users.profile.login = training.user.email and
datediff('day',cast(training.completion_date as date),current_date())
<= 365
WHERE
users.status = 'ACTIVE';