IT security training is necessary in all organizations, regardless of size, industry, or complexity. Every organization faces IT security risks; it is the degree of training required for the organization's end users that varies. Evaluating the organization and its end users is a key step in determining what training the organization requires. This report will help you achieve the following:
- A better understanding of end users and their IT security training needs.
- An outline of the organization's IT security training goals.
- IT security topics to cover and the delivery method(s) to use.
- End-user testing best practices.
IT security training should be kept simple; the least sophisticated end users in the organization must understand and relate to the instruction. Info-Tech studies show that informal and computer-based training are the most successful at improving end-user security performance. Consider building these methods into your training program.