The European Network and Information Security Agency, i.e. the EU Agency ENISA’s Guide to best practices in Awareness Raising is one of the Agency’s most highly appreciated reports, according to the Agency’s key stakeholders. Two years later, ENISA is now re-launching an expanded and updated Guide. The Guide is pointing out both key factors for successful awareness raising, as well obstacles, and practical advice on how to overcome them. The new Guide contains four new major improvements: a new visualized process modelling, it identifies Key Performance Indicators for success, presents 6 case studies, as well as provides a new toolbox of 11 templates/samples from across Europe.
The first improvement of the Guide is the new visualisation of the process of organising an Awareness Raising initiative. The guide analyses the key, critical steps necessary to ‘kick-start’, plan, organise and run successful awareness raising initiatives: plan, assess and design, execute, evaluate and adjust. The Guide identifies the key components: defining the goals and objectives of awareness initiatives; defining target groups; developing a communication plan; measuring success, and finally, to adopt a change management approach, as being crucial for success.
The second improvement is the identification of Key Performance Indicators (KPIs); to assess the effectiveness of awareness programmes.
The third improvement is the addition of concrete case studies and experiences from other organisations dealing with different awareness matters.
The fourth improvement is a more complete toolbox of 11 different templates/samples e.g., a 'lessons learned' template, an awareness baseline worksheet, an awareness questionnaire and a target group data capture form.
The Executive Director of ENISA, Andrea Pirotti commented on the Guide:‘Providing information security for the economy of Europe is a huge challenge in itself; awareness raising among select target audiences is an important, first step towards meeting that challenge. Security is, ultimately, dependent on people.’
The review of the Guide has been done in the light of new research and analysis, complemented with feedback from stakeholders across Europe.
The new, updated and expanded Awareness Raising ‘User’s Guide: How to raise information security awareness’ is available at: http://www.enisa.europa.eu/...
The first improvement of the Guide is the new visualisation of the process of organising an Awareness Raising initiative. The guide analyses the key, critical steps necessary to ‘kick-start’, plan, organise and run successful awareness raising initiatives: plan, assess and design, execute, evaluate and adjust. The Guide identifies the key components: defining the goals and objectives of awareness initiatives; defining target groups; developing a communication plan; measuring success, and finally, to adopt a change management approach, as being crucial for success.
The second improvement is the identification of Key Performance Indicators (KPIs); to assess the effectiveness of awareness programmes.
The third improvement is the addition of concrete case studies and experiences from other organisations dealing with different awareness matters.
The fourth improvement is a more complete toolbox of 11 different templates/samples e.g., a 'lessons learned' template, an awareness baseline worksheet, an awareness questionnaire and a target group data capture form.
The Executive Director of ENISA, Andrea Pirotti commented on the Guide:‘Providing information security for the economy of Europe is a huge challenge in itself; awareness raising among select target audiences is an important, first step towards meeting that challenge. Security is, ultimately, dependent on people.’
The review of the Guide has been done in the light of new research and analysis, complemented with feedback from stakeholders across Europe.
The new, updated and expanded Awareness Raising ‘User’s Guide: How to raise information security awareness’ is available at: http://www.enisa.europa.eu/...
