Question 1 of 100% Complete
Risk Domain: Phishing Training
Do employees receive recurring, simulation-based phishing training (at least quarterly)?
Theoretical training is easily forgotten. Regular simulations build muscle memory for spotting actual malicious emails.
Yes, quarterly automated simulations and training
Infrequent training (e.g. only during onboarding)
No phishing training is conducted