Creating Effective User Awareness Training
Course Content
Creating Effective User Awareness Training is based on two key principles:
In conclusion, Creating Effective User Awareness Training is focused on the design, development and deployment of security education that meets your risk management objectives. There are just too many approaches to creating awareness that are either not fit for purpose or just plain sneaky in their approach.
Instructed by
I then progressed into project management implementing trading and trade processing systems for several financial institutions based in London.
I’m resident in the UK in the city of Ely, just outside of Cambridge. I’m married to Diane and we have two grown up daughters, Philippa and Lauren and a grandson, George.
I have been an information technology specialist for over 40 years. Following my award of an HNC in computer science from the University of East London, I began my career in computing in the newly emerging IT audit function for a major US bank, developing interrogation software to support both financial and IT infrastructure audits.
I then progressed into project management implementing trading and trade processing systems for several financial institutions based in London.
Having gained practical IT experience I transitioned into the emerging field of Information systems security and audit during which time I qualified as a certified information systems auditor (CISA). I held several positions in this role including Head of IT Audit for a major bank based in Bahrain. On my return to the UK I joined one of the UK’s largest banks heading their global IT audit function for their treasury, corporate banking and asset management division.
It was at this time, as IT was rapidly becoming an increasingly significant part of the operating fabric of all organisations and the experiences I had gained in evaluating the return on investment in information technology that I turned my attention to understanding how to successfully achieve strategic and competitive advantage from information technology investments. With the support of my current employer I was able to analyse the results many strategic IT investments and approaches in many different types of organisations. This culminated in my book “Infopreneurs – the hidden people behind strategic information systems”. My own personal takeaway from this experience was that people drive everything – technology is an enabler, but it’s the ideas and commitment of people that ultimately make technology deliver on its promise. Regardless of what area of IT you look at – including information security – it’s people that make it work and their efforts are facilitated by management processes that are focused on understanding what has to happen to deliver value, providing the environment to facilitate it and being able to provide assurance that the objectives have been met.
These principles have guided me throughout my time as an independent consultant and have been applied throughout many and varied assignments relating to the design and development of business continuity/resilience frameworks, information security management, information technology audit frameworks.
