The first improvement of the Guide is the new visualisation of the process of organising an Awareness Raising initiative. The guide analyses the key, critical steps necessary to ‘kick-start’, plan, organise and run successful awareness raising initiatives: plan, assess and design, execute, evaluate and adjust. The Guide identifies the key components: defining the goals and objectives of awareness initiatives; defining target groups; developing a communication plan; measuring success, and finally, to adopt a change management approach, as being crucial for success.
The second improvement is the identification of Key Performance Indicators (KPIs); to assess the effectiveness of awareness programmes.
The third improvement is the addition of concrete case studies and experiences from other organisations dealing with different awareness matters.
The fourth improvement is a more complete toolbox of 11 different templates/samples e.g., a 'lessons learned' template, an awareness baseline worksheet, an awareness questionnaire and a target group data capture form.
The Executive Director of ENISA, Andrea Pirotti commented on the Guide:‘Providing information security for the economy of Europe is a huge challenge in itself; awareness raising among select target audiences is an important, first step towards meeting that challenge. Security is, ultimately, dependent on people.’
The review of the Guide has been done in the light of new research and analysis, complemented with feedback from stakeholders across Europe.
The new, updated and expanded Awareness Raising ‘User’s Guide: How to raise information security awareness’ is available at: http://www.enisa.europa.eu/...