Program Success Indicators
CIOs, program officials, and IT security program managers should be primary advocates for continuous improvement and for supporting an organization’s security awareness, training, and education program.
It is critical that everyone be capable and willing to carry out their assigned security roles in the organization.
In security one is only as strong as the weakest link. Securing an organization’s information and infrastructure is a team effort.
Listed below are some key indicators to gauge the support for, and acceptance of, the program.
- Sufficient funding to implement the agreed-upon strategy.
- Appropriate organizational placement to enable those with key responsibilities (CIO, program officials, and IT security program manager) to effectively implement the strategy.
- Support for broad distribution (e.g., web, e-mail, posters) and posting of security awareness items.
- Executive/senior level messages to staff regarding security (e.g., staff meetings, broadcasts to all users by organization head).
- Use of metrics (e.g., to indicate a decline in security incidents or violations, indicate that the gap between existing awareness and training coverage and identified needs is shrinking, the percentage of users being exposed to awareness material is increasing, the percentage of users with significant security responsibilities being appropriately trained is increasing).
- Managers do not use their status in the organization to avoid security controls that are consistently adhered to by the rank and file.
- Level of attendance at mandatory security forums/briefings.
- Recognition of security contributions (e.g., awards, contests).
- Motivation demonstrated by those playing key roles in managing/coordinating the security program.