Security Awareness Metrics

Security Awareness Metrics

Metrics give you the ability to track and measure the impact of your security awareness program. This can be used to improve your training, demonstrate return on investment, or compare your human risk to other organizations in your industry. All resources here are free, developed by the community for the community. Please send any feedback on how to improve these resources to community@securingthehuman.org.

Metrics Matrix

This spreadsheet identifies and documents different options for measuring your security awareness program. It includes metrics for both measuring impact (change in behavior) and for tracking compliance.

Measuring Human Risk - Survey

This twenty-five question survey will help you determine the human risk in your organization. Each question and its respective answers have different levels of risk associated with them. Depending on how your employees respond, you can add up the answers and determine a quantitative value of your human risk.

Phishing Assessments Planning Package

Phishing assessments are not only a simple and effective way to measure the impact of your awareness program, but a very powerful way to reinforce key training concepts. This package helps you step by step plan, build and implement a successful phishing assessment program, including several templates. This package was developed in partnership with various community members actively involved in establishing their own security awareness programs.

 
Advantages of the SANS Securing The Human Program Include:
  • Go beyond compliance and focus on changing behaviors.
  • Training mapped against the 20 Critical Controls framework.
  • Create your own program by choosing from over 30 different training modules.
  • Meets mandated compliance requirements.
  • Fully SCORM compliant, host on the SANS VLE or your own LMS.
  • All content is updated twice annually.
  • Offered in over 20 different languages.
Latest Blog Posts

Guest Post - Go Beyond ‘Check-the-Box’ Compliance

May 13, 2013 - 1:13 PM

Editor's Note:This guest blog post is from John Andrew at Honeywell. How do we persuade folks who are resistant to ‘Security Awareness’ efforts? Great question! I was fortunate to pick up a rare last minute opening - to go on a 3 day backpacking & camping trip at Cumberland Island National Forest on the coast of Georgia. The backcountry orientation by the National Forest Service was great.  One of the first things they brought to our attention was an old ‘Smokey  [...] More

A New OUCH!

May 09, 2013 - 2:21 PM

Earlier this week we released the latest edition of the OUCH! security awareness newsletter, "Passwords / Passphrases".  We explain in simple terms how you can create strong passwords using passhrases, and some simple steps to using the [...] More

Request Free Trial
Contact Us
(301) 654-SANS(7267)
Mon - Fri | 9am-8pm EST/EDT
info@securingthehuman.org