Information Security Awareness Training and Support
After the policies are written, there must be communication among the writers, management, and everyone in the organization so that all understand the policies and impact. In this final step of the planning process, the planning for training should be considered. It is reasonable to mandate that training be required for anyone with access to company computers and networks. Human Resources should have complete records, including information on training courses required and taken as well as all signed documents showing acceptance of defined corporate policies.
Management should not only set aside time for training; they should encourage it. One company I was involved with mandated training ...
Get Writing Information Security Policies now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
