Awareness And Training

Introduction

The most effective control in the Information Security Management System is human awareness and knowledge of risks and threats and how to control them.

This is easy to achieve, using awareness programs that are well designed and share the message to end users in a simple jargon-free language.

Once the message is delivered, it is important to monitor, track and assess the effectiveness of the awareness program by measuring the response of users (recipients who have participated in the sessions) to potential incidents.

Our Awareness programs are designed and delivered in the spirit of sharing knowledge and not to provide “training” which is the main reason why awareness programs fail.

We will provide you with

  • Customized program which will include
    • Requirements of your Information Policies and the compliance expectations from end users.
    • Risks / threats in your line of business.
    • Share cases of security incidents in similar business.
    • Good practices and common-sense actions that will help lower the risk.
  • Security Technology and Controls based training for the operations and functional team members.
  • Security awareness for senior management and Board members.
  • Awareness training for BCP/DR etc

Our end-to-end Awareness Program will provide you with an annual calendar of events / sessions based on ISO27001 or any other standard / framework. We can train your team members who can then take up the awareness sessions to ensure continuous development and management of the program.

The session can be delivered as in-person program or in virtual mode via our hosted LMS.