RE: Security Training for Company's Employee

Hi,
I have been doing this for some time. My experience:
- Don't use technical terms even with IT people.
- Cover the major risks faced by your company (CIA) and your policies.
- Support with material such as a video and leaflets.
For instance, I organized a quiz with a number of IT security mouse pads as
a reward. The audience liked that!
- Don't forget unusual issues such as Privacy policy even if you're not in
an regulated country.
If you need more let me know.
BF

-----Message d'origine-----
De : Syn Ack [mailto:thin.hack@gmail.com] 
Envoyé : lundi 19 septembre 2005 14:35
À : security-basics@securityfocus.com
Objet : Security Training for Company's Employee

Hello listmembers,
I've just began a new job two months ago and I'm currently in charge
of improving the information security level in our company. As part of
this process I've been asked to create a InfoSec training for all the
company employees. I plan to split my training in several classes for
different kind of audience: general, management, sales, technical,
etc. But I never had to make something like this before. Have some of
you any experience about the topic?

Any help/ideas/suggestions on information security training is welcome.

Dominique