~3-page information policy template on information security awareness and training.
This policy specifies an information security awareness and training program to inform and motivate all workers regarding their information risk, security, privacy and related obligations (e.g. ethics).
Without adequate information security awareness, workers are less likely to recognise or react appropriately to information security threats and incidents and are more likely to place valuable information in danger through ignorance and carelessness.
Whereas ‘awareness’ implies general vigilance and a basic level of understanding about a broad range of information security matters, ‘training’ implies more narrowly-focused and detailed attention to one or more specific topics
Supplied as an MS Word document, readily customised for your organisation's specific situation.
Awareness and training policy
Information security policy template on awareness and training
See also all the other policies: making sure workers are familiar with, understand and comply with them, fulfilling their obligations, is a key objective.