Security awareness and training module for January
Background and scope
January’s NoticeBored module concerns the ISO/IEC 27000-series information
The ISO27k standards promote good practices for information risk and security
management. ISO/IEC 27001 specifies a coherent suite of management processes to identify, evaluate and treat the organization’s information risks systematically.
The standards are designed to apply to all sorts of organization, meaning that they
are generic and need to be interpreted and applied appropriately in the specific business context of any single organization.
Helping your people understand and make the most of the ISO27k standards is the main purpose of this awareness and training module.
Use January’s NoticeBored module to:
Introduces and promotes the ISO27k standards, providing general overview, context and background information on the 50+ published standards;
Explains and expands upon ISO27k’s systematic approach to managing information risks and security controls;
Lays out the business case for adopting and making the most of the ISO27k standards, elaborating on the benefits and the costs.
What are your organization’s learning objectives in relation to ISO27k? Depending
on where you are on the journey from initial recognition through implementation and certification to ongoing operation of an ISO27k ISMS, different aspects of the
awareness content may be relevant and of interest to your colleagues. Even if you are neither considering nor using ISO27k, your business partners,
stakeholders, customers and prospects may well be using ISO27k, and some of them may expect your organization to comply. So what does that mean, in practice? Find out in January’s module.
The content is designed to appeal to three parallel audiences encompassing the entire organization. The topic, and hence the awareness content, is
relevant virtually everyone in the organization.
As well as customizing the NoticeBored materials to suit your awareness program’s branding and objectives, feel free to blend-in additional content from
other sources, including your own policies and procedures. Use the materials in the company newsletters and magazines, publish them on your intranet Security Zone, and use them in awareness events. As always, the train-the-trainer guide offers tips on making the most of the module.
Buy and download the new module today through our eShop www.SecAware.com