Video: Assessing Security Awareness Training Programs

In this lesson, Nick Palazzolo, CPA, takes an in-depth look at how to effectively assess security awareness training programs in a company setting. Nick emphasizes the importance of verifying whether these programs comprehensively cover current cybersecurity threats, such as phishing and ransomware, and assess the relevance and engagement of training formats, including webinars and e-learning modules. He also discusses the critical aspects of evaluating training frequency, the updating process, and how vital it is to gather feedback to ensure continuous improvement. Through hands-on examples, Nick shows how to observe live sessions and analyze training effectiveness by examining incident data and behavioral impacts. This lesson provides practical strategies for ensuring that a company's security training is robust, engaging, and up-to-date, significantly contributing to reducing cybersecurity risks in the workplace.

"Examprep.ai helped me pass all 4 CPA exams on the first try. I highly recommend. I especially like the feedback and ratings the software provides so I know where to focus my time."

Daniel H., CPA

"I can't recommend ExamPrep.ai enough. Nick's lessons turned concepts I struggled with into strengths. I was able to pass FAR right before other exams expired!"

Andrew K, CPA

"I just want to say thank you for the great lesson videos. I couldn't stay awake through lectures of another course. After watching all your FAR lessons I was finally able to pass!"

Alyssa M., CPA Candidate

Video Transcript

Instructor: Nick Palazzolo

Nick Palazzolo is head instructor of ExamPrep.ai CPA Review. Nick's teaching style is engaging & upbeat, combining practical Big 4 tax & assurance expertise with years of 1-on-1 coaching. His lessons are concise and emphasize what you need to know to pass. Whether you're a recent grad or working full-time, we’re confident you can conquer your CPA exams with Nick’s review.

Cite this lesson

Link to this page

[[ citeExample ]]

Copy to clipboard

Copy URL to clipboard

Copy HTML to clipboard

All right, we're diving into assessing security awareness training programs. What are we going to do here? Well, we want to make sure that the security awareness training program is effective. Now, I mean, generally, you work for any company and they've got, you know, some company that sets up some sort of overall general training program, you know, where you get onboarded to the company and you sit through a bunch of training videos. Oh, what is this? What's an example of a phishing email? Does this link look suspicious? So overall, that's kind of what we're envisioning when we're thinking about this. But we are, when we're assessing the security awareness training program, we want to examine the actual training materials for comprehensiveness and relevance. Usually, again, it's going to be some sort of login. I think, you know, one I used was know before, like essentially know before you use the system. Yeah, again, kind of those are service organizations themselves, right? They kind of are outsourced security training for your employees. You want to check if the materials cover current cybersecurity threats like phishing, ransomware, social engineering. Those are the very common ones because that's what you're going to be doing generally, experiencing or possibly being threatened by as just a auditor, tax preparer, consultant, associate. You're going to be getting emails and there might be suspicious links, seemingly maybe from the client, but someone trying to hack into your system. You also want to evaluate the training methods. So webinars, e-learning platforms, in-person sessions, you want to observe these live training sessions and access an e-learning module to gauge the engagement and interactivity. Now, you know, obviously people kind of blow through these trainings because the job's demanding and it's time to get back to

Unlock the full video transcript and subtitles support with a free account!

Get more from this lesson

Create an account 7-day free trial. No credit card required.

Security

Module: 3 Concepts, 30 Videos

Threats and Attacks - Overview

0:45

Introduction to Threats and Attacks

3:57

Threat Agents

9:08

Types of Attacks