This control applies to the university CISO and or designees who are responsible for Texas A&M University cybersecurity incident response.

The university Chief Information Security Officer shall ensure annual cybersecurity incident response training is available to staff in their cybersecurity incident response roles and responsibilities:

• 1.1

  When staff assumes a cybersecurity incident response role or responsibility; or

• 1.2

  As may be required by significant information resource configuration changes.