Sunteți pe pagina 1din 9

| 


 |
    
! " 

|#$
|"%&'&|()*+" $ ,("($
%-%-'
!.
‡ SP 800-16 Rev 1 updated the original document
from 1998
‡ addresses the "awareness training" and "role-
based training" needs outlined in both the
FISMA act of 2002 and the OPM mandate 5
CFR, Part 930.
‡ companion document to NIST Special
Publication 800-50, ï 
 



    

  .
 
‡ Information security professionals,
‡ instructional design specialists.
,

‡ It is critical to both national security and business


interests to protect the information stored in digital format
‡ In order to do this employees who use these systems
must be trained to use information systems both
efficiently and securely
‡ The goals of Special Publication 800-16 are to provide
information security professionals and instructional
design specialists guidelines for implementing
awareness training for an organization and specialized
role-based training programs for users of its information
systems.
" 
‡ NIST 800-16 introduces a ³Learning
Continuum´ model of information security
training.
‡ Basic Security Awareness
‡ Awareness Training (Basics and Literacy)
‡ / 
‡ Education
‡ Professional Development.
"# 
‡ Information security training matrices
ADDIE
‡ ADDIE instructional design method:
‡ Analysis,
‡ Design,
‡ Development,
‡ Implementation,
‡ and Evaluation.
( 
‡ Formative evaluation
‡ Summative evaluation
‡ Changes to program
)
‡ To insure the confidentiality, integrity, and availability of
information, every user of information systems must
know their specific responsibilities and be properly
motivated to carry out these responsibilities.
‡ The motivation comes from awareness of the issues,
and the knowledge and education of each individual¶s
responsibilities needs to come from a role-based
information security training program.
‡ This NIST document helps agencies and organizations
follow the ADDIE model to fill in the gaps of knowledge
that its employees are missing.
‡ Not only is it critical to the continual success of an
organization, it is the law that training be put in place to
protect information in their possession.