Abstract
An effective information security program cannot be implemented without implementing an employee awareness and training program to address policy, procedures, and tools. Learning consists of three key elements:
-
1. Awareness, which is used to stimulate, motivate, and remind the audience what is expected of them
-
2. Training, the process that teaches a skill or the use of a required tool
-
3. Education, the specialized, indepth schooling required to support the tools or as a career development process