Our organization has defined procedures for maintaining staff's cyber security awareness.These may include e.g. the following things:
Training should focus on the most relevant security aspects for each job role and include often enough the basics, which concern all employees:
The organization must operate, maintain, and continuously develop a security management system.
The boundaries and scope, contents, role, cumulative implementation information and other necessary descriptive information related to the management system must be clearly documented.