Reporting and Monitoring
Monitoring and reporting on the completion and effectiveness of security training is important, ensuring that employees are aware of the security needs of a company and are actively engaged in any required actions. Before you can do this, however, there needs to be a plan in place that will help you create and assess the training program itself, ensuring that it meets its intended goals. I have developed a framework that should be adopted to get the greatest benefits when delivering the training.
As shown in Figure 28.1, it starts with goals and needs, moves on to the development of the training, and then the delivery and feedback, and finally, data from the monitoring phase can be fed back into the goals and needs to refine the training.
Figure 28.1: A security awareness practices framework
As you can see in Figure 28.1, this framework consists of the following stages:
- Goals/Needs: For a new training course...