The document outlines the importance of using real-life incidents to reinforce security awareness and training, promoting lessons learned from examples of what not to do. It emphasizes utilizing relevant news stories to serve as reminders of security practices. Additionally, it references various controls related to security awareness and training policies.

2. Categorize
Select
Implement
Assess
Authorize
Monitor

14. 






15. 


19. Use real life examples of
incidents
Use incidents as an
opportunity to teach
“what not to do”
The news has stories
everyday you can use
The best stories are often
those “closest to home”

21. However it serves at the least as a
subconscious reminder
Some people question the
usefulness of these warnings

31. http://iase.disa.mil/Pages/index.aspx

33. Control # Control Name
AT-1 Security Awareness and Training Policy and Procedures
AT-2 Security Awareness Training
AT-3 Role-Based Security Training
AT-4 Security Training Records
AT-5 Withdrawn