- For
each sample security awareness training policy that you reviewed in the
step above, discuss the policy’s main components. You should focus on
the need for a security awareness program and its key elements.2. - Policy Statement
Define your policy verbiage.
3. Purpose/Objectives.
Define
the policy’s purpose as well as its objectives.
4. Scope
Define
whom this policy covers and its scope. What elements, IT assets, or
organization-owned assets are within this policy’s scope?
5.Standards
Does
the policy statement point to any hardware, software, or configuration
standards? If so, list them here and explain the relationship of this policy to
these standards.
6.Procedures
Explain
how you intend to implement this policy for the entire organization.
7.Guidelines
Explain
any roadblocks or implementation issues that you must overcome in this section
and how you will surmount them per defined guidelines. Any disputes or gaps in
the definition and separation of duties responsibility may need to be addressed
in this section.
8. Identify three
security awareness training software providers.
9.Identify 10
questions that you would include in your RFI.
0 comments