Guides
- NIST SP 800-16 – Information Technology Security Training Requirements: A Role–and Performance–Based Model
- NIST SP 800-50 – Building an Information Technology Security Awareness and Training Program
- SANS Institute – Developing an Integrated Security Training, Awareness, and Education Program
Example Tools
- SANS Cyber Security Training
- National Initiative for Cybersecurity Careers and Studies – Education and Training Catalog
Sample Policy & Procedures
- Environmental Protection Agency – Information Procedure – CIO 2150-P-02.2 – Information Security – Awareness and Training Procedures
- United States Department of the Interior – Role-Based Security Training (RBST) Standard v2.6.0
- Virginia State University – Policy 6530 – Security Awareness and Training Policy
Vendor Documentation
- SANS Institute – Compliance Training and Securing the Human
- U.S. Department of Health & Human Services Security Awareness Training