Assessing a training program

NIST Special Publication 800-16 recommends four ways to evaluate the effectiveness of a cybersecurity training program

The National Institute of Standards and Technology's Special Publication 800-16 recommends four ways to evaluate the effectiveness of a cybersecurity training program.

Level 1: End-of-Course Evaluations (Student Satisfaction). Those evaluations obtain instant feedback from students who use forms that rate the training facility, instructor and presentation method, among other factors.

Level 2: Behavior Objective Testing (Learning and Teaching Effectiveness). This level seeks to measure the degree to which a training activity transfers information to the student — for example, by administering tests before and after the training.

Level 3: Job Transfer Skills (Student Performance Effectiveness). An evaluator polls supervisors 30 days to 60 days after training to see whether employees are meeting the behavioral objectives of the program.

Level 4: Organizational Benefit (Training Program Effectiveness). This level seeks to quantify the value of the resulting security improvements in relation to the cost of the training.

About the Author

John Moore is a freelance writer based in Syracuse, N.Y.

Featured

  • IT Modernization
    Eisenhower Executive Office Building (Image: Wikimedia Commons)

    OMB's user guide to the MGT Act

    The Office of Management and Budget is working on a rules-of-the-road document to cover how agencies can seek and use funds under the MGT Act.

  • global network (Pushish Images/Shutterstock.com)

    As others see us -- a few surprises

    A recent dinner with civil servants from Asia delivered some interesting insights, Steve Kelman writes.

  • FCW Perspectives
    cloud (Singkham/Shutterstock.com)

    A smarter approach to cloud

    Advances in cloud technology are shifting the focus toward choosing the right tool for the job and crafting solutions that truly modernize systems.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.