EU: ENISA’s new users' guide on how to raise information security awareness - 2008 Edition

Published on: 01/08/2008
Last update: 28/08/2008
Description (short summary):
This publication presents an analysis of the main processes to prepare and implement information security awareness programmes in public and private organisations. Each process is analysed and time-related actions and dependencies are identified.

The process modelling presented provides a basis for "kick-starting" the scoping and planning activities and tasks, as well as the execution and assessment of any programme. This paper contains key performance indicators, case studies, template and samples.

The Guide also points out obstacles to success and provides practical advice on how to overcome them during the planning and implementation phases of programmes. In addition, it describes main factors for success of any information security initiative.

With this new guide, ENISA hopes for this new guide to provide a valuable tool to prepare and implement awareness programmes in public and private organisations.

Original URL:

Number of pages:

ISBN Number: 978-92-9204-006-2

Description of license: © European Network and Information Security Agency (ENISA), 2008.

Nature of documentation: Guide


Type of document


media2209.pdf 1.43 MB