We know and understand just how overwhelmed most security awareness professionals are. That is why we designed the Security Awareness Planning Kit as a free resource for you. This Planning Kit enables you to quickly mature your Security Awareness Program using resources developed and proven by the SANS Security Awareness Community. Instead of reinventing the wheel, save time using resources that others have successfully leveraged in real security awareness programs. These materials can be used if you are just starting to build a new awareness program, or those highly experienced looking to improve an existing awareness program.
How to Use this Planning Kit
The planning kit consists of the top seven consistently requested resources to help mature programs. Do not feel compelled to use everything, instead simply leverage the resources most useful for you. The materials are listed in the order that people would most likely use them for building a new security awareness program. For more established or mature awareness programs select the specific resources you need.
- Security Awareness Maturity Model Poster: The Security Awareness Maturity Model is a key part of planning and communicating your awareness program. Both the model and a detailed breakdown of each stage is provided in this poster providing you a strategic overview of where to start. Leadership knows and understand maturity models, so this can be not only a powerful planning tool but one for communicating to leadership what you are doing and why.
- Example Project Charter: Project Charters are the first step in planning any large-scale project or initiative. This covers the key elements of a Project Charter for a new Security Awareness Program. If you are working with a PMO (Project Management Office) this may be one of your first required steps.
- Example Project Plan: This is a detailed example of what a complete Project Plan can look like for a comprehensive Security Awareness Program. This template walks you through step-by-step all the key elements, what should be covered and why with complete examples. A plan is key to gaining not only leadership support but helping ensure your program complies with standards and regulations and can pass any audits.
- Presentation: Slide deck to help you gain leadership’s support for your security awareness program. It provides an overview of what a security awareness program is and the problems it solves.
- Metrics Matrix: This interactive matrix identifies and documents numerous ways to measure security behaviors, culture and strategic impact of your security awareness program.
- Phishing Planning Guide: Phishing simulations are often a big part of any Security Awareness Program. This strategic guide walks you through the key elements of planning a successful phishing program.
- SANS Security Awareness Report: This annual data driven report enables you to benchmark your program against other organizations and prioritize your resources and initiatives.