Search Results

SecAware toolkits: high-quality content (templates) and professional services to bring your ISO27k (ISO/IEC 27001) Information Security Management System rapidly up to a certifiable standard Implementing or running an ISO 27001 I nformation S ecurity M anagement S ystem? Looking to protect and exploit valuable information? Sec Aware delivers top-quality information security policies and awareness materials, plus information risk and security management consulting. Save time and effort with our ISMS toolkits , a wealth of pragmatic business-focused content to guide you swiftly through ISMS certification into continual improvement. . About Shop Specials

An extraordinary range of information risks and security controls About the awareness topics There are lots of aspects relevant to information risk and security, meaning plenty of areas for your ISMS and awareness and training program to cover. Rather than confusing people by attempting to cover everything at once, we recommend focusing on specific areas, one at a time. Pick a topic, introduce it, explain and expand on it, bring it to life and make it real. Educate and motivate your audiences , giving them them the chance to soak it up, discuss it among themselves and take it in ... before moving on to the next topic. Lather, rinse, repeat. Start the sequence and launch your awareness program with the Sec Aware I nformation Security 101 module , bringing everybody quickly up to speed on the basics. After that, it's up to you what topics to cover, when and how. We offer materials on a deliberately wide range of information risk, security and related topics. In addition to the obvious areas such as phishing, passwords and viruses, we're not afraid to delve into the concepts and principles of information risk management, incident management, business continuity management and more. The Sec Aware materials confidently tackle difficult issues such as hacking, insider threats, cybersecurity and Internet security, and take on sensitive topics such as BYOD and privacy. Focusing on each topic individually means scratching beneath the surface, describing the issues and explaining the concerns. People are more willing to behave securely and uphold the controls if they understand why they are needed and what they are intended to achieve. We recommend regularising security awareness activities, with periodic updates ("refresher training") several times a year. This is a dynamic field so don't leave it too long between updates: new threats are emerging, new vulnerabilities are discovered and the organization's use and dependence on information is constantly evolving. As your existing content becomes out of date, it loses its relevance, interest, impact and value. Don't let it go stale like a moldy old loaf. Keep it fresh. Keep it Sec Aware.

Straightforward answers to rhetorical questions about IsecT and SecAware, our products and services portfolio