CRISC - Information Technology and Security - Section 4.7

Deliver information security awareness training that changes risk-relevant behaviour.

Design and deliver information security awareness training that achieves measurable behaviour change rather than mere compliance tick-box completion. Use techniques such as phishing simulation to test and reinforce awareness, and track improvements in risk-relevant behaviour over time.

Examworthy is not affiliated with or endorsed by ISACA. Original, blueprint-aligned practice material only.