People

Awareness & Training

Describe the baseline security awareness, onboarding, and role-specific training expectations for Helixiora.

Last reviewed 17 March 2026 In ISMS 1 min read

Security controls are only reliable if the people expected to operate them understand what good looks like.

Baseline awareness

All personnel should receive:

onboarding guidance on the most important security responsibilities
periodic refreshers on reporting, access, data handling, and common threats
targeted updates when the threat landscape or control environment changes materially

Role-specific training

Define extra expectations for roles with elevated impact, such as:

administrators and engineers
incident responders
people who approve supplier or risk decisions

Evidence

Keep a simple training record that shows:

who completed required training
when it was completed
which content or module was used