a table that relates role categories relative to IT systems—Manage,Acquire, Design and Implement, Operate, Review and Evaluate, and Use (with a seventh category, “other” included to provide extensibility) with three training content categories—Laws and Regulations, Security Program, and System Life Cycle Security.
Source(s):
NIST SP 800-16