What should be the contents of an Information Security Training Program?

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

mobi_khan

Thread Starter
Joined
May 13, 2008
Messages
48
Hi,


I am planning to give some awareness and training program in my company. I would like to know how to develop a security training programs for the employees specially the executives. Actually I am not able to select the boundaries and the limits that should be addressed in the training program i.e. the topic and their relevant depth.



So can anyone help me in this regard about the material that should be included in the training program and its depth and breadth? If anyone can provide/share some real documentation/presentation I will really appreciate it.
 
Joined
Dec 8, 2006
Messages
4,469
Hi,


I am planning to give some awareness and training program in my company. I would like to know how to develop a security training programs for the employees specially the executives. Actually I am not able to select the boundaries and the limits that should be addressed in the training program i.e. the topic and their relevant depth.



So can anyone help me in this regard about the material that should be included in the training program and its depth and breadth? If anyone can provide/share some real documentation/presentation I will really appreciate it.
How did this fall into your lap?
Did you tell them you had the credentials?
 

mobi_khan

Thread Starter
Joined
May 13, 2008
Messages
48
Well actually I am working as an Information Security Lead in the comapny and I have deployed and configured many software for security control but since these were technical that’s why I did not face much trouble for deploying these security controls, but giving training to executives and employees is a different thing. I mean I do not know how many areas I should cover and what should be the depth of those topics? How much technical those training program should be?

So far I have configured the following

1. Password Protection and Password Policy

2. Clear Desk and Clear Screen Policy

3.How to share any folder and assign rights

4.How to report the information security incidents

5. Eamil and internet use

6. Viruses and malicious software

But I am not sure whether it is enough or should I go further?
 
Joined
Dec 8, 2006
Messages
4,469
Well actually I am working as an Information Security Lead in the comapny and I have deployed and configured many software for security control but since these were technical that’s why I did not face much trouble for deploying these security controls, but giving training to executives and employees is a different thing. I mean I do not know how many areas I should cover and what should be the depth of those topics? How much technical those training program should be?

So far I have configured the following

1. Password Protection and Password Policy

2. Clear Desk and Clear Screen Policy

3.How to share any folder and assign rights

4.How to report the information security incidents

5. Eamil and internet use

6. Viruses and malicious software

But I am not sure whether it is enough or should I go further?
Keep it simple. But you always need to consider the audience. You do not want to insult their intelligence. You have a better idea of their expertise/knowledge of computers than I/we do.

Have a look at some of these for ideas:
http://www.google.ca/search?q=Infor...s=org.mozilla:en-US:official&client=firefox-a
 

1002richards

Retired Trusted Advisor
Joined
Jan 29, 2006
Messages
5,333
Who has sponsored the training? What are they expecting you to deliver? (Is what you are planning what the sponsor wants?!)
How much delivery time do you need, how much have the 'students' been allocated?
Has a Training Needs analysis been completed? What training gaps have been identified?
Are you working solo or with a co-trainer? If the latter have they delivered this type of training before?
Bearing in mind that you'll need to devote considerable time in preparing the course, materials, powerpoint etc etc and agreeing what exact company policy you'll be delivering - has anyone costed the benefits of buying in the training from an external specialist provider?
What venue will you use? Will there be accomodation or equipment hire charges?
These are important areas to address.

Yes, I've some experience in devising, delivering, etc etc but not IT related - though many of the areas to consider are generic to all training.

Richard.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top