CISM - Information Security Program - Section 3.9
Develop and manage an information security awareness and training programme for all personnel.
Develop and manage a security awareness training programme that covers all personnel and uses techniques such as phishing simulation to reinforce learning. Measure the programme's impact on behaviour and use results to drive culture change and continuous improvement.
Security awarenessTraining programmePhishing simulationCulture change
More in this domain
Back to all Information Security Program objectives, or the CISM cert hub.
Examworthy is not affiliated with or endorsed by ISACA. Original, blueprint-aligned practice material only.