CRISC Certified in Risk and Information Systems Control – Question715

Management has required information security awareness training to reduce the risk associated with credential compromise. What is the BEST way to assess the effectiveness of the training?

A.
Conduct social engineering testing.
B. Perform a vulnerability assessment.
C. Audit security awareness training materials.
D. Administer an end-of-training quiz.

Correct Answer: A