Security Basics mailing list archives
Annual Security Awareness program
From: Nick Duda <nduda () VistaPrint com>
Date: Tue, 17 Mar 2009 12:56:07 -0400
While some will argue about its true effectiveness, we have an obligation under PCI DSS 12.6.1b , "Do employees attend security awareness training upon hire and at least annually?". We have a program in place for new hires, they sit through about a 1 hour session with a member of the InfoSec team, where we go over a PPT with common security related issues. We are now required to have annual training for all employees. My question is, How do companies with hundred/thousands of employees perform this to meet PCI DSS requirements? I've heard about online programs, but this just seems like a waste of time (but may satisfy PCI DSS). The floor is open for discussion and recommendation on how an annual awareness session can be held for hundreds+ employees. Thanks in advance. Regards, Nick Duda Manager, Information Security GIAC GSEC | GCIH ------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute Find the source of cybercrime! Almost every crime today involves a computer or mobile device. Learn how to become a Computer Forensics Examiner in InfoSec Institute's hands-on Computer Forensics Course. Up to three industry recognized certs available, online computer forensics training available. http://www.infosecinstitute.com/courses/computer_forensics_training.html ------------------------------------------------------------------------
Current thread:
- Annual Security Awareness program Nick Duda (Mar 17)
- RE: Annual Security Awareness program Corey Bobb (Mar 17)
- RE: Annual Security Awareness program G Michael Runnels (Mar 19)
- <Possible follow-ups>
- Re: Annual Security Awareness program vupadhyaya (Mar 19)
- Re: RE: Annual Security Awareness program viveksilla (Mar 19)
- RE: RE: Annual Security Awareness program Jason Hurst (Mar 19)
- Re: RE: Annual Security Awareness program Meenal Mukadam (Mar 24)
- RE: RE: Annual Security Awareness program Jason Hurst (Mar 19)