2.6. Training
يسري تنفيذه من تاريخ 4/7/2021The maintenance and implementation of an effective SCP requires that all relevant employees and management understand requirements and obligations, policies and procedures, internal control mechanisms, and threats, risks, and vulnerabilities. A robust training program is an integral component of an effective SCP. A training program should:
| • | Be of a scope and nature proportionate to the LFI’s overall risk profile; | |||
| • | Be specific to the role carried out by the employee, with tailored training for employees engaged in sensitive roles; | |||
| • | Provide training to all appropriate employees and personnel upon onboarding in a timely manner and at least annually thereafter; | |||
| • | Hold employees accountable for training through assessments; | |||
| • | Include measures to take immediate and effective action to provide corrective training or other corrective actions to relevant personnel upon learning of a confirmed negative risk assessment result or audit finding, or other deficiency pertaining to the SPC. | |||