We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

User Awareness Training

pma111
pma111 asked
on
Medium Priority
340 Views
Last Modified: 2012-05-07
Hi all, we have just revised our security awareness training programme. In our organisation (small setup) as part of a new starters we give them basic IT security awareness training, i.e. password good practice, awareness for social engineering, shoulder surfing etc.

We have got a 3rd party external audit coming in soon and I wonder what sort of things they will pick us up on. Have you had similar audits, i..e them auditing you that you are training your staff properly. What sort of things did they ask, recommend, highlight in there testing and findings?

In terms of documentation our training programme is documented, we record users attendance etc, we dont allow exceptions i.e. a corporate director still has to have it etc. Anything we are likely to have to do in addition to satisfy the external auditors?
Comment
Watch Question

Commented:
Documentation, awareness, and auditing were key elements in our inspection which was held just a few weeks ago.

If you have a policy of not allowing wireless devices or cell phones in the building, do you actively seek those devices?  If company policy doesn't allow you to surf ebay at work, can you tell who is surfing ebay?  

What types of things do you audit, and do people actually look at the audits?

Proper markings (to the letter) of any regulation you have.  Are portable hard drives encrypted or allowed?

Do you have documented procedures for minor incidents and major disasters?  If you found somebody stealing computer hardware, do the other employees know what to do and who to contact?  Do your employees know where that documentation is?

Author

Commented:
Thanks kjanicke, what documentation did they ask you specific to training, was it training records or lots more? Regards
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION

Author

Commented:
Thanks ever so much, some good advice. Cheers

Commented:
Thanks
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.