Training and awareness plan
I need help from your expert to know how to deal with the following chart and what is relaly expected in term of competencies and knowledge, as well as the related training.
Can you please provide me with some support?
Assign topic to the user
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
To fill in the training and awareness plan you first need to do is identify which gaps of incompetence you have (i.e., which knowledge, or skills your employees need to have). Some examples are:
- Use of passwords
- Backup operation
- Software installation and patching
- Performing of internal audit
Second, you need to define the method to be applied: training sessions, workshops, newsletters? What will work best for your company? On which frequency to perform them (e.g., weekly, monthly, annually?)
After that, you need to evaluate if these gaps can be fulfilled by internal personnel, or if you will need external support.
Once you have these answers, you can start defining your training and awareness plan.
These articles will provide you with a further explanation about awareness:
- 8 Security Practices to Use in Your Employee Training and Awareness Program https://advisera.com/27001academy/blog/2015/03/02/8-security-practices-to-use-in-your-employee-training-and-awareness-program/
- How to perform training & awareness for ISO 27001 and ISO 22301 https://advisera.com/27001academy/blog/2014/05/19/how-to-perform-training-awareness-for-iso-27001-and-iso-22301/
This material will also help you regarding awareness:
- Free Security Awareness Training: https://advisera.com/training/awareness-session/security-awareness-training/ - this is a series of 25 videos that cover various topics related to security
Comment as guest or Sign in
Oct 17, 2022