Need a Security Awareness Training Policy?

October is National Cyber Security Awareness month and it’s when we tend to notice an uptick in downloads of our security awareness training policy template. If your workplace is in need of one, please check it out.

Many regulations and standards indicate that organizations should be conducting security awareness and training including, but not limited to, PCI DSS, HIPAA, FINRA, RMF, NIST CyberSecurity Framework, and ISO 27001 to name a few. A formal policy provides two important things: 1) mandatory training requirement expectations and 2) evidence to clients and stakeholders that your organization is serious about protecting its information.

seurity awareness and training policy

Our training policy template is in Word format and was built to closely match the requirements of NIST SP 800-53r4 security controls on Awareness and Training. Download it, customize it, and implement it! (Remember, though, don’t put anything into a policy that you don’t intend to or can’t implement.)

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s