Security Implementation
Identity Management and Security Awareness Training Plan Strategy
all departments.
Duration and frequency: three sessions of one hour each. Technology developments that are used in permanently updating the company's security features must be communicated to employees. Update training sessions of two hours must be performed every three months in order to keep up with technology improvements.
The training program must inform employees on the company's security guidelines. The administrative, technical, or physical safeguards intended to protect the personal information of clients and employees must be communicated and explained to all department members. In addition to this, the company must identify current attitudes towards information security that employees have (Winkler & Manke, 2013). The training material will be structured in accordance with these attitudes.
Trainer selection:
In this case, the question is whether to select an in-house or an outside trainer. An outside trainer could have more experience on security awareness and better training skills. However, the in-house trainer knows best the company's current situation and needs.
Training material:
It is important to hand out printed material to employees. This material refers to internal security rules and guidelines, contact information in case they have a security issue, and the documentation of the training program.
Management involvement:
It is necessary that the company's CEO and department managers offer their full support for developing a successful training plan strategy (Gerzon, 2011). This is because if managers do not offer their support employees might think the training program is not important. In addition to attending the training sessions, the department managers must ensure that their subordinates have all the resources for applying the security guidelines and principles.
Current state assessment:
In order to develop a successful training strategy, it is important to evaluate the current situation of the company. Current state assessment allows to establish measurable objectives that mu be met.
Performance measures
Performance related to security of information must be defined and connected to the training plan. A system of rewards and punishments must also be established in order to motivate employees into following information security guidelines.
Implementation
You’re 80% through this paper. Sign up to read the full paper.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.