Policy & Compliance
Brief
One of the primary challenges was that reading a written policy document often made it difficult for learners to visualise how these policies should be applied in the workplace. This lack of practical understanding led to a series of minor incidents, highlighting the need for a new solution and approach.
Traditional policy documents, while comprehensive, can be dry and abstract, making it hard for employees to engage with the material and see its relevance to their daily tasks. This disconnect between policy and practice can result in employees not fully adhering to the guidelines, thereby increasing the risk of security breaches and other issues.
To address this, the company recognised the need for a new and innovative approach to train its employees on established policies and procedures related to security. The goal was to create a learning experience that would not only convey the necessary information but also demonstrate its practical application in real-world scenarios. This approach aimed to bridge the gap between theoretical knowledge and practical implementation, ensuring that employees could see the direct impact of their actions and decisions.
A scenario-based course was identified as a suitable solution. By incorporating scenario-based learning and interactive elements, the new training course sought to make the policies more relatable and easier to understand. This approach would not only bring the scenarios to life but also include branching options, allowing employees to make choices and see the consequences of their decisions in a controlled environment, ultimately reducing the occurrence of incidents and enhancing overall workplace security.
The training aim was to provide comprehensive security education that was both practical and engaging, ultimately enhancing the overall security posture of the company.
Audience
The aim was to design a training solution that all new employees could complete within their first week of joining the company. This course needed to be engaging and relevant to a diverse audience, encompassing employees of all ages and career levels, from entry-level positions to senior management.
The course was designed to be interactive and visually appealing, incorporating multimedia elements such as videos, animations, and quizzes to maintain engagement. By using real-life scenarios and practical examples, the training aimed to make the content relatable and easy to grasp, helping employees understand how to apply the policies and procedures in their daily work.
Solution
From the initial discussions, it was evident that a video scenario-based e-learning course would provide the greatest chance of success in reducing or, ideally, eliminating future incidents. This approach was chosen for its ability to engage learners through realistic scenarios, allowing them to visualise and practice applying the policies in real-life situations.
Eight key areas of risk were identified for the training course:
Handling Credit/Debit Cards: Ensuring employees understand the importance of secure transactions and protecting customer information. This includes recognising fraudulent activities and following proper procedures to safeguard payment data.
Dealing with Lost Property: Teaching employees the correct procedures for handling and reporting lost items to prevent security breaches. This involves logging lost property, securing it appropriately, and following up with the rightful owners.
Password Security: Emphasising the importance of creating strong passwords and protecting login credentials to safeguard company data. Employees are trained on best practices for password management and the risks associated with weak passwords.
Managing Confidential Information: Educating employees on how to handle sensitive information securely and comply with data protection regulations. This includes understanding what constitutes confidential information and the protocols for sharing and storing it.
Physical Security: Highlighting the measures needed to maintain a secure physical environment, including access control and surveillance. Employees learn about the importance of securing entry points, monitoring visitor access, and responding to physical security threats.
Cybersecurity Awareness: Raising awareness about common cyber threats and how to avoid them, such as phishing and malware. The training covers identifying suspicious emails, safe browsing practices, and the importance of software updates.
Incident Reporting: Instructing employees on the proper channels and procedures for reporting security incidents promptly. This ensures that any potential threats are addressed quickly and effectively, minimising the impact on the organisation.
Customer Interaction: Training employees on how to handle security-related situations with customers, ensuring both safety and customer satisfaction. This includes managing difficult situations, maintaining professionalism, and protecting customer data.
By focusing on these areas, the training course aimed to provide comprehensive security education that was both practical and engaging. The use of video scenarios allowed employees to see the direct consequences of their actions and decisions, reinforcing the importance of following security protocols.
The course was designed to be interactive, with branching scenarios that required employees to make choices and see the outcomes of those choices. This approach not only made the training more engaging but also helped employees internalise the lessons and apply them in their daily work.
Overall, the solution was tailored to meet the diverse needs of the workforce, ensuring that all employees, regardless of their role or experience level, could benefit from the training and contribute to a safer and more secure workplace.
Evaluation
Since the launch of the e-learning course, there has been a significant impact on the company’s security posture. Notably, there has been an 80% reduction in security-related incidents involving new employees. This substantial decrease highlights the effectiveness of the training in equipping employees with the necessary knowledge and skills to handle security issues appropriately.
The scenario-based approach, combined with interactive video content, has proven to be highly engaging and effective in helping employees understand and apply security policies in real-life situations. By allowing employees to make choices and see the consequences of their actions, the training has reinforced the importance of following security protocols and best practices.
Feedback from employees has been overwhelmingly positive. Many have reported feeling more confident and prepared to handle security-related tasks and incidents. The training has not only improved their understanding of security procedures but also increased their overall awareness and vigilance.
Overall, the success of the e-learning course demonstrates the value of innovative and interactive training solutions in achieving significant improvements in workplace security.
Tools
Articulate Storyline
Camtasia
Audacity
FlatIcon.com