Information Security Awareness Training
Course Outline


Module 1 – Information security risks

Participants successfully completing this module should be able to:

  • explain what information security means.
  • define the four aspects of information security.
  • understand their role in supporting information security.

Section 1.1 – Welcome

Provides a brief orientation to the topics covered in the module.

Section 1.2 – What is information security?

Introduces the concept of information security in practical terms with reference to the everyday workplace environment.

Section 1.3 – Why is information security important?

Gives an overview of the importance of information security awareness.

Section 1.4 – Consequences of security breaches

Provides examples of some of the negative outcomes that can result from information security breaches.

Section 1.5 – The essential role you play

Highlights the importance of everyone in the workplace doing their part to support information security policies and procedures.

Section 1.6 – Summary

Briefly summarises the topics covered in the module.

Section 1.7 – Assessment

Provides a concise online assessment comprising multiple choice questions to evaluate participants’ understanding of key concepts of the module.


Module 2 – Physical security

The first aspect of information security covered in the course is physical security. Participants successfully completing this module should be able to:

  • define what is meant by physical security.
  • give examples of physical security measures in the workplace.
  • list some good work habits that help maintain physical security.

Section 2.1 – Welcome

Provides a brief orientation to the topics covered in the module.

Section 2.2 – Physical security in the workplace

Explains what is meant by physical security with examples relevant to the workplace environment.

Section 2.3 – Security-conscious work habits

Highlights the importance of developing good work habits that help to maintain physical security.

Section 2.4 – Physical security outside the workplace

Outlines some of the information security risks that can be encountered when working outside the workplace, for example working from home or travelling to other locations.

Section 2.5 – Risks of carrying electronic devices

Explains some of the particular risks that are associated with carrying electronic devices such as smartphones.

Section 2.6 – Summary

Briefly summarises the topics covered in the module.

Section 2.7 – Assessment

Provides a concise online assessment comprising multiple choice questions to evaluate participants’ understanding of key concepts of the module.


Module 3 – Computer and network security

The second aspect of information security covered in the course is computer and network security. Participants successfully completing this module should be able to:

  • recognise the importance of complying with computer and network policies.
  • list some examples of the risks posed by computers and networks.
  • explain the meaning of technical terms such as ‘virus’, ‘malware’, ‘encryption’ and ‘firewall’.
  • understand the importance of reporting and responding to security incidents quickly.

Section 3.1 – Welcome

Provides a brief orientation to the topics covered in the module.

Section 3.2 – Your computer and network policies

Emphasises the importance of following the proper workplace policies and procedures, even if the reasons for them are not understood.

Section 3.3 – Understanding information technologies

Gives a non-technical explanation of key terms related to computers and computer networks.

Section 3.4 – Reporting incidents or concerns

Highlights the importance of reporting computer and network security issues and responding quickly.

Section 3.5 – Summary

Briefly summarises the topics covered in the module.

Section 3.6 – Assessment

Provides a concise online assessment comprising multiple choice questions to evaluate participants’ understanding of key concepts of the module.


Module 4 – Communications security

The third aspect of information security covered in the course is communications security. Participants successfully completing this module should be able to:

  • recognize what is meant by communications security.
  • explain some of the particular risks associated with email.
  • put into practice some tips to avoid communications security breaches.

Section 4.1 – Welcome

Provides a brief orientation to the topics covered in the module.

Section 4.2 – Communications security

Introduces the concept of communications security with examples of what it covers.

Section 4.3 – The risks of email

Highlights the risks that can be posed by email use, such as malicious attachments, misleading links, and phishing attacks.

Section 4.4 – Communicating outside the workplace

Looks at some information security risks to be aware of when communicating outside the workplace (for example, working from home or in public places).

Section 4.5 – Summary

Briefly summarises the topics covered in the module.

Section 4.6 – Assessment

Provides a concise online assessment comprising multiple choice questions to evaluate participants’ understanding of key concepts of the module.


Module 5 – Personnel security

The fourth aspect of information security covered in the course is personnel security. Participants successfully completing this module should be able to:

  • explain what is meant by personnel security.
  • list the main areas of risk associated with personnel security.
  • understand what social engineering is, and recognise the threat is can pose.
  • be aware of the risk that deliberate acts by personnel can cause security breaches.

Section 5.1 – Welcome

Provides a brief orientation to the topics covered in the module.

Section 5.2 – What is personnel security

Introduces the concept of personnel security and outlines four main areas of risk associated with it.

Section 5.3 – Social engineering

Explains the concept of social engineering and how it can be used to breach information security.

Section 5.4 – Security procedures

Makes the point that a significant proportion of security breaches are caused by personnel failing to follow correct procedures.

Section 5.5 – Deliberate acts

Highlights the fact that there is a risk posed by personnel deliberately acting in ways that breach security, and that everyone should be alert to this risk.

Section 5.6 – Summary

Briefly summarises the topics covered in the module.

Section 5.7 – Assessment

Provides a concise online assessment comprising multiple choice questions to evaluate participants’ understanding of key concepts of the module.


Download PDFDownload PDF Version:
Information Security Awareness Training Course Outline