Resources: Planning Your Awareness Program


Once you've gained the necessary internal support, the next step is deciding how to develop, deploy, and maintain an effective awareness campaign. These resources are developed for the community and unless otherwise stated are distributed under the Creative Commons BY-NC-SA 4.0 license. Please send any feedback on how to improve these resources to

Securing The Human

This presentation takes you step-by-step through how to build a high-impact awareness program that ensures your organization is not only compliant, but secure by changing human behavior. Topics include building your steering committee, identifying who you are targeting in your program, what you want to communicate, and how you want to do it. In addition, we cover key topics such as updating your program and which metrics best measure its effectiveness.

Security Awareness Planning Kit

This package provides the resources you need to plan, build and maintain a high-impact awareness program. Materials include policy templates, awareness surveys, compliance requirements, draft execution plan, and email templates. The materials are based on SANS MGT433 two-day course, Securing The Human, to include all the labs handed out in the class

Phishing Planning Kit

This package provides step-by-step instructions on how to plan an effective phishing program that your employees like. Learn from the lessons of others on how to ensure your phishing program is a success.

Awareness Program Communication Examples

Examples of different types of emails that may be used in communicating and coordinating your security awareness program.

MGT433: Building High-Impact Awareness Programs

This two day class covers how to plan, build, deploy and maintain a high-impact security awareness program. The course covers everything from strategic planning and execution to budgeting, metrics and reporting. In addition, during the class you will develop your own customized awareness program and execution plan which you can use the day you get back to the office. You can attend this class at SANS events, take it online through OnDemand, or attend virtually through Simulcast. Learn more and sign up here.