Expert Advice Community

Guest

Training and awareness plan

  Quote
Guest
Guest user Created:   Oct 17, 2022 Last commented:   Oct 17, 2022

Training and awareness plan

I need help from your expert to know how to deal with the following chart and what is relaly expected in term of competencies and knowledge, as well as the related training.
https://i.imgur.com/YAbZCbE.png

Can you please provide me with some support?
 

Assign topic to the user

ISO 27001 RISK TREATMENT PLAN

Determine responsibilities for the implementation of controls.

ISO 27001 RISK TREATMENT PLAN

Determine responsibilities for the implementation of controls.

Expert
Rhand Leal Oct 17, 2022

To fill in the training and awareness plan you first need to do is identify which gaps of incompetence you have (i.e., which knowledge, or skills your employees need to have). Some examples are:

  • Use of passwords
  • Backup operation
  • Software installation and patching
  • Performing of internal audit

Second, you need to define the method to be applied: training sessions, workshops, newsletters? What will work best for your company? On which frequency to perform them (e.g., weekly, monthly, annually?)

After that, you need to evaluate if these gaps can be fulfilled by internal personnel, or if you will need external support.

Once you have these answers, you can start defining your training and awareness plan.

These articles will provide you with a further explanation about awareness:

This material will also help you regarding awareness:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Oct 17, 2022

Oct 17, 2022