Last month we discussed the first step in planning your awareness program, building your security awareness Steering Committe (SC). This will be the foundation for your program and help ensure long term success. This is where every new program should start. However one of the common questions I'm asked is what next, what do you and your committee do? Simple, you need a plan. Draft a plan together, have management review that plan, and once you get approval execute it. However, before you can start putting that plan together you and the steering committee need to first decide the scope of your program. Specifically.
- Determine your program goals.
- Determine your awareness policy
- Time limitations