Skip to content
Browse docs

Cybersecurity Education — FedRAMP KSI Domain

Generated from the official FedRAMP/docs GitHub repo. Source path: FRMR.documentation.json on main at blob 5c6bfee74029. FRMR version: 0.9.43-beta · upstream last_updated: 2026-04-08. The official FedRAMP/rules repo exists, but grclanker still treats FedRAMP/docs as the active source until structured rules land there.

Cybersecurity Education

Domain code: CED · Domain ID: KSI-CED · Web slug: cybersecurity-education

Theme

A secure cloud service provider will educate their employees on cybersecurity measures, testing them persistently to ensure their knowledge is satisfactory.

Indicators

KSI-CED-DET (formerly KSI-CED-03) — Reviewing Development and Engineering Training

Persistently review the effectiveness of role-specific training given to development and engineering staff that covers best practices for delivering secure software.

Mapped Rev5 controls: cp-3, ir-2, ps-6

Terms: Persistently

Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes.

KSI-CED-RGT (formerly KSI-CED-01) — Reviewing General Training

Persistently review the effectiveness of training given to all employees on policies, procedures, and security-related topics.

Mapped Rev5 controls: at-2, at-2.2, at-2.3, at-3.5, at-4, ir-2.3

Terms: Persistently

Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes.

KSI-CED-RRT (formerly KSI-CED-04) — Reviewing Response and Recovery Training

Persistently review the effectiveness of role-specific training given to staff involved with incident response or disaster recovery.

Terms: Incident, Persistently, Vulnerability Response

Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes.

KSI-CED-RST (formerly KSI-CED-02) — Reviewing Role-Specific Training

Persistently review the effectiveness of role-specific training given to employees in high risk roles, including at least roles with privileged access.

Mapped Rev5 controls: at-2, at-2.3, at-3, sr-11.1

Terms: Persistently

Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes.

URL copied to clipboard