+ORP.3.A8 Measurement and Evaluation of Training Success [Human Resources Department] (S)

1. Overview

ORP.3.A8 Measurement and Evaluation of Training Success [Human Resources Department] (S)

The success of information security training SHOULD be measured and evaluated according to the target groups at hand in order to determine the extent to which the objectives set out in awareness and training programs on information security are achieved. The measurements SHOULD consider both quantitative and qualitative aspects of awareness and training programs for information security. The results SHOULD be used appropriately to improve the respective awareness and training program.
The Chief Information Security Officer SHOULD exchange information regularly with the Human Resources Department and the other contacts relevant to security (data protection, health and safety, fire prevention, etc) on the effectiveness of training and further development activities.

Summary	Standard

1.1 References

1.2 Identified Requirements

1.2 Related Regulation

2. Identified Requirements

Requirements
Source	Requirement

3. Related Regulations

Regulations
Source	Regulation

ITGC -
Bundesamt für Sicherheiter in der Informationstechnik - IT-Grundschutzkompendium Stand 2022