Sample Ongoing Security Awareness Standard:

From HORSE - Holistic Operational Readiness Security Evaluation.
Revision as of 17:10, 23 January 2014 by Mdpeters

Sample Employee Ongoing Security Awareness Standard

This Employee Ongoing Security Awareness Standard builds on the objectives established in the Security Awareness Policy, and provides specific instructions and requirements for providing ongoing security awareness education and training for Company employees.

Objectives

  1. General
    1. All Company employees should receive the appropriate Information Security awareness training on an annual basis.
    2. Effective combinations of the following security awareness materials and techniques should be used to promote and reinforce Company information security objectives:
      1. Electronic mail reminders
      2. Logon banners with a security message of the day
      3. Security awareness contests
      4. Security posters
      5. Company newsletter
      6. Booklets and handouts
    3. All Company employees should be made aware of certain security-related issues as they occur, including but not limited to:
      1. Virus alerts, hoaxes, and approved Company responses
      2. Social engineering techniques
      3. Security topics of interest
    4. Asset Owners, Asset Custodians, Information Technology personnel, and Information Security staff should receive ongoing security training that covers emerging risks to sensitive Company information assets and the latest security trends.


Document Examples

Use these samples as a guide for your policy development. Fully customizable versions are available from The Policy Machine.