Security training for a client

We are doing a security audit/pen test for a client right now. As the security guy I am heavily engaged in the process. At a later point, I am going to have to hold a training session for the employees on security. Is there a standard or any guidelines for this type of stuff? I am aware of some pretty cool standards for the technical side but I've never really heard of anything like that on educating users. I have a rough idea of what it should consist of but I really want to do a good job so if you guys know of a framework I can follow when piecing this together, that would be great.

I'm thinking of doing a cool power point presentation and getting them in a room to talk about not clicking on pdf.exe files and etc. :D It is my understanding that this is how people usually do it?
Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for.


Sign In or Register to comment.