Employees must be aware of the expectations, responsibilities, and threats and be equipped with the knowledge to identify and resolve security issues in order to adequately protect corporate assets. Policies are powerless if users are not aware and trained on how to comply with them. Use this template to communicate the purpose and expectations of your security policies, while ensuring due diligence and improving awareness, understanding, and compliance.
Risks Addressed by Policy:
- Without such training, users have an increased likelihood of breaching security and have lower individual culpability should they breach security.
- Without this training, “inside” attacks are more likely to occur within the organization.