A measure of the effectiveness of a program for users and management includes: * Reduced internal and external audit findings or auditing findings with minimal negative impact. * Enhanced day-to-day security practices from the user community (work area walk-throughs indicate voluntary compliance with guidelines such as passwords not taped to terminals, sensitive information not left on desktop, use of screen saver passwords, etc.). * A reduction in the number of help desk calls and security incidents. * Users voluntarily reporting security incidents. * Voluntary participation in security programs. * Positive feedback after security training (including classroom and CBT?s). High "retention-to-presentation" ratio of material by participants. * Provide a forum for informational exchanges between user community, management and security function. * Reduced company liability for negligence and breach of fiduciary responsibility. * Brand recognition of security function. (Users being able to discern between physical/corporate security and logical security mission.)
Dig deeper on Security Awareness Training and Internal Threats-Information
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.