Answer:
B. False
Explanation:
The Code of Federal Regulations (C.F.R.) also called the administrative law refers to the codes of conducts that governs and sets the boundaries for administrative agencies in the United States.
The C.F.R. code stipulates that every individual who wants to access the Federal Information System be exposed to a certain basic level of security awareness before doing so. However, the C.F.R. does not stipulate that all users undergo broad training in system/application life cycle management, security planning and system/application security management, risk management, and contingency planning.
According to the C.F.R. code, training is made available to individuals based on their roles and responsibilities; Executives receive a basic security training, Program managers receive management training as well as basic security training, Chief Information Officers & other security-oriented personnels are the ones that receive broad training in system/application life cycle management, security planning and system/application security management, risk management, and contingency planning.
The C.F.R. code also stipulates that new employees be introduced & acquainted with security training depending on their roles/positions before granting them access to the systems, that current employees be refreshed often with security training and to make security training available to employees when there is any significant change in the agency's information system procedure or if an employee is given a new role that demands additional training.