An organization’s IT security policy requires annual security awareness training for all employees. Which of the following would provide the BEST evidence of the training’s effectiveness?
A. Results of a social engineering test
B. Interviews with employees
C. Decreased calls to the incident response team
D. Surveys completed by randomly selected employees
A. Results of a social engineering test
B. Interviews with employees
C. Decreased calls to the incident response team
D. Surveys completed by randomly selected employees