Determine if cybersecurity workforce management policies and procedures comply with legal and organizational requirements