Evidence of InfoSec Awareness Training
I would like to know what kind of evidence is acceptable for the InfoSec Awareness Training, is a report of all employees who completed the training enough?
Assign topic to the user
ISO 27001 does not prescribe a format to document evidence of InfoSec Awareness Training, so organizations can adopt the format that best fits their needs (e.g., certificates, attendance lists, exam results, etc.).
This article will provide you with a further explanation of competence evidence for ISO 27001:
- How to perform training & awareness for ISO 27001 and ISO 22301 https://advisera.com/27001academy/blog/2014/05/19/how-to-perform-training-awareness-for-iso-27001-and-iso-22301/
For an example of a document that can be used as evidence, please take a look at this template: Training and Awareness Plan https://advisera.com/27001academy/documentation/training-and-awareness-plan/
This material may also help you regarding InfoSec Awareness Training:
- Free Security Awareness Training: https://training.advisera.com/awareness-session/security-awareness-training/ - this is a series of 25 videos that cover various topics related to security.
Comment as guest or Sign in
Aug 09, 2022