Section 76: initial and annual instruction
Initial cybersecurity instruction must be organised no later than one month after a user account is registered. Refresher instruction must be carried out at least once per calendar year.
For Latvian companies subject to the National Cybersecurity Law, employee training is not only good practice. Regulation No. 397 sections 76-80 require instruction, current materials, records, and knowledge assessment.
Initial cybersecurity instruction must be organised no later than one month after a user account is registered. Refresher instruction must be carried out at least once per calendar year.
Content should be reviewed at least once per year or when circumstances change, for example when new cyber threats appear. Materials must be available to employees.
The company must keep records of instruction and assess employee knowledge and training effectiveness. That is why the core Vairogs product is the manager report.
Vairogs Skola is not a state certification service and does not replace occupational safety instruction. It is a practical cybersecurity instruction and knowledge-assessment record system.