Implementation
The list of recommended tasks are in the attached pdfs in both a summary and detailed form. These outline ASAP, the Automated Security Awareness Program. Ultimately, these are recommended steps to take so your organization is successful in the program adoption. This What is ASAP? video gives a brief description, as well as Automated Security Awareness Program (ASAP). We have already worked through the questionnaire, marking most items as "needed" which adds the most options into the implementation list.
KMSAT Tutorial Videos - Main page for the Getting Started tutorial videos
User Management - How to import and manage users. They mention Active Directory Integration, which is possible for some libraries, but there is one drawback. This is worth discussing in a meeting.
User Management
Training - Focuses on developing Training Campaigns. While Security Awareness is a primary reason we are working with this system, it should not be overlooked that they also have some EDI, Ethics, Harassment, Remote Work, etc. topics. It is even possible to add your own content to the library. Everything you find a use for just increases the service's value.
Training Campaigns
Phishing - Focuses on developing Phishing Campaigns. We encourage members to continuously (but not excessively) test their staff's awareness by using Phishing Campaigns. It is important for staff to know that these tests are not about trapping or embarrassing them, but instead it is about giving them a regular reminder to remain vigilant. These test are also useful in identifying staff that struggle to see the red flags of a phishing email, and guiding them towards training that helps them to improve.
Phishing Campaigns