Monday, June 11, 2007

Using industry best practices for effective security training

security consultant needed
clipped from

"Improved employee understanding of appropriate behaviors and best practices for enhanced information security reduces security risks and helps ensure compliance with regulations such as Sarbanes-Oxley, HIPAA, the Payment Card Industry Data Security Standards (PCI DSS) and others. But merely providing security training is not enough. Organizations need to know if training programs have been successful in changing behavior.

In order to provide an effective security training program, metrics must be set in place from the start. Measurements help establish a baseline of individual and organizational competencies in enterprise security. Additionally, metrics help identify gaps in current training initiatives that should be remedied and improve the methodology and/or content of training programs. Measuring training effectiveness can also be useful in validating the competency of the training entity itself."
 blog it

1 comment:

Bijoy said...

Cool blog, i just randomly surfed in, but it sure was worth my time, will be back

Deep Regards from the other side of the Moon

Biby Cletus