Which of the following is the BEST method for ensuring that security procedures and guidelines
are known and understood?
A.
Periodic focus group meetings
B.
Periodic compliance reviews
C.
Computer-based certification training (CBT)
D.
Employee’s signed acknowledgement
Explanation:
Using computer-based training (CBT) presentations with end-of-section reviews provides feedback
on how well users understand what has been presented. Periodic compliance reviews are a good
tool to identify problem areas but do not ensure that procedures are known or understood. Eocus
groups may or may not provide meaningful detail. Although a signed employee acknowledgement
is good, it does not indicate whether the material has been read and/or understood.