Security-Awareness Training

The management’s directives pertaining to security are captured in the security policy, and the standards, procedures, and guidelines are developed to support these directives. However, these directives will not be effective if no one knows about them and how the company expects them to be implemented. For security to be successful and effective, senior management on down to the rest of the staff must be fully aware of the importance of enterprise and information security. All employees should understand the underlying significance of security and the specific security-related requirements expected of them.

The controls and procedures of a security program should reflect the nature of the data being processed. A company ...

Get CISSP Certification All-in-One Exam Guide, Fourth Edition, 4th Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.