Why do I need an Awareness Training program?

A common challenge of organizations is trying to justify funding for an awareness training program.  The sections below provide some insight into the benefits of a well developed awareness training program.  We pride ourselves on delivering quality training with clear goals.  Contact us for more information.

Compliance Requirements

Security Awareness training is mandatory for all employees with access to a corporate IT network under many laws and regulations. There are many challenges to training every employee in Security Awareness. We can help ensure that every employee has had the opportunity to learn and engage in quality Security Awareness training.

PCI DSS

12.6 - Make all employees aware of the importance of cardholder information security. Educate employees (for example, through posters, letters, memos, meetings and

promotions).

Require employees to acknowledge in writing that they have read and understood the company’s security policy and procedures.


ISO/IEC 27001 & 27002

ISO 27002 8.2.2 - All employees of the organization and, where relevant, contractors and third party users should receive appropriate awareness training and regular updates in organizational policies and procedures, as relevant for their job function.


Sarbanes-Oxley (SOX)

404(a).(a).(1) - The Commission shall prescribe rules requiring each annual report required by section 13(a) or 15(d) of the Securities Exchange Act of 1934 (15 U.S.C 78m or 78o(d)) to contain an internal control report which shall – state the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting.


US State Privacy Laws

Many states in the United States have unique privacy laws.  Most of these laws require awareness training programs.

Data Breaches

Most organizations are required to protect certain types of data, such as PCI, Personally Identifiable Information (PII), employee health information, etc.  For a list of data breaches in your industry, go to Privacy Rights.

        Privacy Policy        Terms of Use     Contact Us

Awareness Tips - SANS.com

Home       Awareness Training       Consulting Services       Governance       In The News!                             Contact Us