Monthly Archives: March 2010

Awareness, Training, and the Four-Stage Learning Model

Posted on March 31, 2010 by Steve Addison

In some guidance documents (e.g., NIST SP800-16), you’ll find a distinction drawn between “awareness” and “training” even though most of us use the words together when talking about education of end-users. There’s actually a good theoretical basis for differentiating between … Continue reading

Posted in Education | 1 Comment

10 Laws to Mention in Your Acceptable Use Training

Posted on March 18, 2010 by Steve Addison

If you’re developing an “Acceptable Use of IT Resources” training course (or even developing the policy itself), this blog post from TechRepublic is a very useful reference. It discusses 10 of the laws that apply to computer users (in the … Continue reading

Posted in Information Security | Leave a comment