Contents
- Basic Security Awareness Training
- Training Content (Aligned with Article 13(6) DORA)
- Secure Handling of Information and ICT Assets
- Password Hygiene & Strong Authentication
- Phishing, Social Engineering & Impersonation Awareness
- Safe Use of Email, Internet & Collaboration Tools
- Secure Remote Work & Mobile Work Environments
- Understanding the Core Security Principles
- Incident, Anomaly & Suspicious Behaviour Reporting
- Training Formats
- Documentation, Evidence & Compliance
- Why Choose This Training?
Basic Security Awareness Training
Mandatory ICT Security Training for All Employees
The Basic Security Awareness Training provides the fundamental skills and behavioural competencies required for every employee under the Digital Operational Resilience Act (DORA). As mandated by Article 13(6) DORA, all staff must undergo periodic, documented ICT security awareness training to prevent, detect and respond to ICT security risks.
This training strengthens your organisation’s ICT risk posture, supports regulatory compliance and reduces human-factor vulnerabilities across all business units.
We deliver the programme in four formats:
- Seminar
- Training
- Webinar
- E-Learning (SCORM)
Purpose of Basic Security Awareness Training
Under DORA, employees at all levels must be equipped to recognise threats, take secure actions and report incidents promptly. The Basic Security Awareness Training forms the foundation of an organisation-wide security culture and directly supports:
- preventative ICT controls (Article 9)
- detection and early escalation of ICT incidents (Articles 10 and 17)
- secure execution of operational processes, including remote work
- oversight requirements of the management body (Article 5(2)(g))
- digital operational resilience across critical and important functions
This programme ensures every staff member meets the baseline competence level required by DORA.
Training Content (Aligned with Article 13(6) DORA)
The curriculum covers the essential ICT security topics required for all employees, including:
Secure Handling of Information and ICT Assets
- correct classification and handling of information
- safe storage, processing and transmission
- avoiding data leakage and misuse
Password Hygiene & Strong Authentication
- secure password creation
- multi-factor authentication principles
- safe use of credentials
Phishing, Social Engineering & Impersonation Awareness
- recognising suspicious emails, messages and links
- identifying pretexting, impersonation and psychological manipulation
- how to react and where to report attempted attacks
Safe Use of Email, Internet & Collaboration Tools
- secure behaviour in daily work
- avoiding malicious downloads
- safe file-sharing practices
Secure Remote Work & Mobile Work Environments
- secure Wi-Fi and device use
- protecting confidential information on the move
Understanding the Core Security Principles
- confidentiality, integrity, availability and authenticity (CIAA)
- why human-factor risk is a systemic vulnerability under DORA
Incident, Anomaly & Suspicious Behaviour Reporting
- internal reporting channels
- what must be escalated under Article 23 RTS RMF
- employee responsibilities in detection and early warning
Training Formats
Seminar
Interactive, high-quality classroom training ideal for individual participants or small teams. Includes real-world examples, case studies and practical exercises.
In-House Training
Delivered directly on your premises, tailored to your internal policies, ICT environment and threat landscape. Ideal for larger teams or organisation-wide rollouts.
Webinar
Instructor-led online training with interactive elements, ideal for distributed workforces and international teams.
E-Learning
Self-paced online modules you can deploy in your Learning Management System. Includes assessments, automated tracking, user analytics, certificates and versioning.
All formats fully comply with the documentation and audit requirements of DORA.
Documentation, Evidence & Compliance
To meet supervisory expectations and internal audit standards, each participant receives:
- a certificate of completion,
- assessment results,
- timestamped training records,
- digitally tracked progress (for E-Learning),
- versioned training materials for evidence production.
These artefacts directly support compliance under Article 13(6) DORA and the oversight responsibilities of the management body under Article 5(2)(g).
Why Choose This Training?
- Fully DORA-aligned curriculum
- Suitable for all employees across the organisation
- Available in four flexible delivery formats
- Audit-ready documentation
- Designed to reduce human-factor risk across business operations
- Supports incident detection, reporting and organisational resilience