Radack, S.
(1998),
Training for Information Technology Security: Evaluating the Effectiveness of Results-Based Learning, ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=151647
(Accessed October 16, 2025)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Training for Information Technology Security: Evaluating the Effectiveness of Results-Based Learning
Published
Author(s)
Abstract
This bulletin discusses the techniques that organizations should use to measure the effectiveness of their IT security training programs and the extent to which the programs are useful to the organization and are wise expenditures of training resources. Evaluations of IT security training should start with planning for the collection of evaluation data. Evaluations should take place at many levels and should include the views of the students for each learning activity. The material in this bulletin was excerpted from NIST Special Publication 800-16, Information Technology Security Training Requirements: A Role- and Performance-Based Model. The training requirements were developed by the Federal Computer Security Program Managers Forum and by the Federal Information Systems Security Educator s Association (FISSEA).Citation
ITL Bulletin -
NIST Pub Series
Pub Type
NIST Pubs
Download Paper
Keywords
evaluation planning, evaluations, information technology security, information technology security training, results-based training, role training, security training, training effectiveness
Citation
Issues
If you have any questions about this publication or are having problems accessing it, please contact [email protected].
Created June 23, 1998, Updated February 19, 2017