5.2 Task Statements: Design
5.2.1 Develop the security awareness and training policy for the IT security training and awareness program.
5.2.2 Define the goals and objectives of the IT security awareness and training program.
5.2.3 Work with appropriate security SMEs to ensure completeness and accuracy of the security training and awareness program.
5.2.4 Establish a tracking and reporting strategy for IT security training and awareness