Security Awareness Training

On this page

• Purpose & scope
• Key controls
• Operating procedures
• Evidence & ownership

Purpose & scope

This policy guides how AiVRIC designs, operates, and validates Security Awareness Training across production, corporate, and partner environments.

It applies to employees, contractors, vendors, and any system interacting with AiVRIC data or services.

Key controls

• Provide onboarding security training to all new hires.
• Deliver annual refresher training and targeted modules for high-risk roles.
• Run phishing simulations and measure improvement.
• Track completion and escalate overdue training.

Operating procedures

• Assign required courses by role; monitor completion via LMS.
• Send reminders before due dates; involve managers for overdue items.
• Review simulation outcomes and adjust content to emerging threats.

Evidence & ownership

Owner: Security & Compliance. Review cadence: annually or after material changes.

Evidence: Collected via AiVRIC audit logs, ticketing systems, monitoring dashboards, and vendor records as appropriate to this policy area.

Contact: [email protected]