Meet your compliance training requirements
We made it easy to match security awareness training to your requirements and track compliance over time.
Demo Infosec IQ today!
Train for industry threats & requirements
-
Healthcare
Deliver HIPAA compliance training and help employees keep PHI secure with training built for healthcare professionals.
Preview content -
Financial services
Train employees on PCI DSS, GLBA and SOX requirements and prepare them for the most common attacks facing the financial services industry.
Preview content -
Technology
Educate your IT and engineering team with CPNI and OWASP training and keep your technology, systems and data secure.
Preview content -
Education
Prepare educators and staff with FERPA training and content tailored to schools.
Preview content -
Retail
Teach employees how to protect cardholder data, account records and more while fulfilling PCI compliance requirements for security awareness training.
Preview content -
Government & military
Educate government employees, military members and contractors with training on CJIS, FAR Code of Conduct, DFARs and more.
Preview content -
Manufacturing & construction
Keep manufacturing plants and construction sites cyber secure with training on NIST compliance, federal manufacturing standards and more.
Preview content
Prepare every employee with role-based training
Do you have role-based training requirements? With role-based training, you can help your payroll department identify financial threats, teach executives to recognize whaling attacks and reinforce secure coding practices with your engineering team.
Frequently asked questions
- What is compliance training for cybersecurity?
-
Compliance training is employee education required by legislation or regulations. Compliance training may also refer to education mandated or recommended via industry standards, frameworks or internal policies. Although some compliance mandates specify training topics or types, many include general requirements (e.g., provide annual security awareness training for all employees).
-
- My organization is required to provide security awareness training for every employee. Does Infosec IQ cover this requirement?
-
Yes. The Infosec IQ security awareness and simulated phishing platform includes everything you need to deliver — and document — security awareness training for all employees and prove compliance.
-
- How can I achieve NIST Cybersecurity Framework compliance for security awareness training?
-
The NIST Cybersecurity Framework is a voluntary set of standards, guidelines and best practices to help organizations manage cybersecurity-related risk. The Framework outlines five core functions used to help organizations organize basic cybersecurity activities: Identify, Protect, Detect, Respond and Recover. The Protect function identifies security awareness training as a key component to an effective cybersecurity program.
To align with NIST recommendations, organizations should ensure “personnel and partners are provided cybersecurity awareness education and are trained to perform their cybersecurity-related duties and responsibilities consistent with related policies, procedures, and agreements.”
NIST provides guidance on security awareness and training topics in its special publications and encourages organizations to train employees on phishing, social engineering, password security, safe web browsing, physical security and more.
All Infosec IQ security awareness training content is mapped to the NIST Cybersecurity Framework and special publication recommendations to make it easy for any organization to build an effective employee training program into their cybersecurity strategy.
-
- How can I fulfil mandatory security awareness training while keeping my training program fun and engaging?
-
Mandatory security awareness training doesn’t have to be boring. The most effective security awareness training blends training topics and best practices with relevant scenarios, engaging storytelling and relatable characters. This allows you to keep employees engaged and inspire behavior change while accounting for compliance requirements.
-
Select training by standards & regulations
Standards & regulations
Infosec IQ training modules
C-TPAT
Customs-Trade Partnership Against Terrorism
CCPA
California Consumer Privacy Act
CJIS
Criminal Justice Information Services
COPPA
Children’s Online Privacy Protection Act
CPNI
Customer Proprietary Network Information
EFTA
Electronic Funds Transfer Act
FACTA
Fair and Accurate Credit Transactions Act
FAR | DFARS
Federal Acquisition Regulation
Defense Federal Acquisition Regulation Supplement
FCPA
Foreign Corrupt Practices Act
FERPA
Family Educational Rights and Privacy Act
FINRA
Financial Industry Regulatory Authority
GDPR
General Data Protection Regulation
GLBA
Gramm–Leach–Bliley Act
HIPAA | HITECH
Health Insurance Portability and Accountability Act
Health Information Technology for Economic and Clinical Health Act
IRC 6103
Internal Revenue Code 6103
ISO 27001
Information Security Management Standard
NIST 800-171
National Institute of Standards and Technology Special Publication 800-171
PCI DSS
Payment Card Industry Data Security Standard
PIPEDA
Personal Information Protection and Electronic Documents Act
Privacy Act of 1974
SOC2
Service Organization Controls 2
SOX
Sarbanes–Oxley Act
SSA 1106
Social Security Act Section 1106
Cybersecurity Culture — Quantified
See the data on the most overlooked variable in security and learn how to measure your organization's cybersecurity culture.
