Do you have awareness materials which I can use for end users. Also is there anything separate for creating awareness for IT team. What should be included in the IT team training?
Answer:
Regarding to the users, you can use our presentation Why ISO 27001 Awareness presentation. You can find it in our section of free downloads here : https://advisera.com/27001academy/free-downloads/
Regarding to the IT team, it is more complex because there are many security controls related to technology in the standard, and there are different (firewalls, control access, vulnerabilities). Generally IT people has knowledge enough to implement technological controls, but also it is necessary that they are aware in information security, so my recommendation for you is that use the first presentation for this people too. If not, if your IT team is junior, maybe will be necessary some technical certifications like MCSA, LPI, CEH, etc.
Comment as guest or Sign in
Jan 12, 2016