Definition: Awareness training, as it relates to information security, is essential. Home computer users, as well as all employees of a business, must be made alert to all of the threats that are faced when working online. In addition, employees must be familiar with any policies or procedures that are in existence to help mitigate vulnerabilities and threats. Formal classes or on-line instruction should be offered in organizations on how to function within the adopted security policies of an information infrastructure. Employees can then be held accountable for applying the appropriate safeguards.
Part of the hiring process could likely be mandatory information system security training.
Its Relevance: An employer (or individual computer user) must have general knowledge on establishing and maintaining information assurance. To ignore the implementation of what is known as ‘security best practices’ would be negligent. Failure to provide instruction on how to protect an information infrastructure would be reckless and possibly illegal.