[Entity-specific] [MDR-M.77c] >55 training sessions on cybersecurity

[Entity-specific] [MDR-M.77c] 0 noteworthy cybersecurity incidents

Metrics Definitions and Methodology

[MDR-M.77b] The measurement of all metrics below is validated by an external body during the yearly ISO 27K audit assessments to evaluate the effectiveness of the implemented ISMS operations.

[Entity-specific] [MDR-M.77a,77c] The number of training sessions on cybersecurity refers to the number of training sessions, e-learning programs, and email phishing awareness campaigns conducted, and to the number of MyNews and blog articles released. These vary in frequency depending on the training subject – from monthly (e.g., for new hires) to annually (mandatory e-learning).

[Entity-specific] [MDR-M.77a, 77c] The number of noteworthy cybersecurity incidents refers to incidents defined by given legal conditions (from the Network and Information Systems Directive) which OMV, as a critical infrastructure provider, is obliged to report.

Topics filter

Results