The information security awareness and training policy is to ensure all employees of the organization and, where relevant, contractors receive appropriate awareness education and training and regular updates in organizational policies and procedures, as relevant for their job function. New starters, in role employees, training plans, competency register and assessment and acceptance are covered in this policy.
Contents Extract
Document Version Control
Document Contents Page
Purpose
Scope
Information Security Awareness and Training Policy
Principle
Information Security Awareness and Training Topics
New Starters
In Role Employees
Training and Competency Register
Training and Awareness Plan
Assessment and Acceptance
Policy Compliance
Compliance Measurement
Exceptions
Non-Compliance
Continual Improvement