Institution level cyber security awareness

Government institution must plan for and conduct regular internal cyber security awareness for end users at 3 times per year in partnership with RISA.