Starting With A Premise, Ending With A Process
Organizations have been slowly coming to the understanding that information security awareness programs are essential to the success of their overall security program. Awareness programs have been deployed slowly; not because of management reluctance, but often because of budgetary restraints, lack of a security infrastructure, a misunderstanding of program goals, and uncertainty of the message that needs to be distributed. Here is how one manufacturing organization used ETaware methodology to pursue a comprehensive awareness program that complements the security goals of the organization and is customized to their unique business requirements.

Information security in international manufacturing organizations is often decentralized - security may be handled by a large group in regional megacenters, or by a factory manager at a remote location. Geographic, cultural, regulatory, labor, and business unit differences may abound. These were the challenges facing one organization - it recognized that they need a program because of internal and external governance regulations, but it wasn't sure how to go about it. The ETSec methodology helped the organization determine why it needed strong awareness programs and how to successfully develop and deploy these awareness programs internationally with style and relevance.