+ORP.3.A4 Designing and Planning an Information Security Awareness and Training Program (S)

1. Overview

ORP.3.A4 Designing and Planning an Information Security Awareness and Training Program (S)

Awareness and training programs for information security SHOULD be designed for the appropriate target groups. A requirements analysis should be carried out for this purpose. Training measures SHOULD be able to focus on the specific requirements and different backgrounds.
A target-group-oriented awareness and training program SHOULD be created on the topic of information security. This training program SHOULD provide employees with all the information and skills necessary to implement the security rules and safeguards applicable within the organisation in question. It SHOULD be checked and updated regularly.

Summary	Standard

1.1 References

1.2 Identified Requirements

1.2 Related Regulation

2. Identified Requirements

Requirements
Source	Requirement

3. Related Regulations

Regulations
Source	Regulation

ITGC -
Bundesamt für Sicherheiter in der Informationstechnik - IT-Grundschutzkompendium Stand 2022