SECURITY POLICY & STANDARTS


Educating users can be a formal or informal process. Formal methods are those that communicate policies in a formal training environment, such as a classroom or computer-based training (CBT). The advantage of formal training is that you know who’s taking the training, and you can measure, to some extent, its effectiveness.

Answer the following question(s):

  1. 1.Assume you are tasked with developing a user training program on security awareness and security policy implementation. What type(s) of training would you offer? Formal, informal, or both? Written? Online?
  2. 2.What is an advantage and disadvantage of each type of training you noted for question 1?
  3. 3. Is one type of training better than all of the others? Why or why not?