
Thursday, June 14, 2012

Federal Pub Provides IT Security Training Approach (NIST SP 800-16)

The cool thing about the National Institute of Standards and Technology publication (NIST SP 800-16) is that it not only informs about how to approach information technology security training, but could also be used as a guideline for all types of training approaches and to help determine needs. We assume that federal cutbacks and austerity measures due to the economic downturn have brought out the merits and the methodology or purpose of this publication: to get smart about IT security and the training of same. While the original publication date was 1998, this 14-year-old tool is more relevant than ever and is the classic example of why this blog was started: "If it works, use it!"
Here is a reconstructed version of the pub's "Framework" table that highlights the proposed methodology and rationale for the desired outcomes of IT security measures.


Framework For Information Technology Security Training*

| | Awareness | Training | Education |
|---|---|---|---|
| Attribute: | What | How | Why |
| Level: | Information | Knowledge | Insight |
| Learning Objective: | Recognition, Retention | Skill | Understanding |
| Example Teaching Method: | Media: video, newsletters, posters | Practical Instruction: lecture and/or demo; case study; hands-on instruction | Theoretical Instruction: seminar & instruction; reading & study; research |
| Test Measure: | True/False, Multiple choice (identify learning) | Problem solving, e.g. recognition, resolution (apply learning) | Essay (interpret learning) |
| Impact Timeframe: | Short-term | Intermediate | Long-term |

*Reference NIST SP 800-16, April 1998, Information Technology Security Training Requirements: A Role and Performance Base Training Model, p 18.
