Information Security Awareness Programme

A proven method to re-engage your organisation in reducing information security risk

Want to know more?

Employee Information Security Risk

Technology “fortification”, implementing security policy, and implementing controls only go so far in mitigating the risk of data breaches, reputational damage and financial loss. PWC's The Global State of Information Security® Survey 2016 found that employees and business partners are cited as the most common source of security breach.

The Information Security Forum's Threat Horizon 2018 makes several gloomy predictions:

  • The organisation's ability to protect will be progressively compromised.

  • Board expectations will quickly accelerate beyond their information security functions' ability to deliver.

  • A major incident will reveal this misalignment and create substantial business impact.

Move From Awareness To Engagement

Baxter Thompson Associates can help reduce security risk and improve compliance by applying a tried a tested approach built on solid business partnering techniques:

  • A common language
  • Shared interests and goals
  • Listening and learning as well as training and instructing

We leverage Infosec's technology and process capabilities and deliver the missing ingredient: Business Partnering!


Build Credibility

Show you're listening

Demonstrate change

Set clear expectations

Build Trust:

Reassure Executives

Manage people as people

Deliver Results:

Improve compliance

Reduce security risk

Target risks effectively 

Plan for the Future

Adopt a proven approach

Gain confidence in delivery

The Proposal: Information Security Engagement Programme

A proven method to re-engage your organisation in reducing information security risk

What you'll get:

  • Clear articulation of issues to create a compelling case for change to all audiences
  • A series of workshops to help realise the shared opportunity between stakeholders
  • Establish a programme for training, communication and engagement management
  • Organisational change facilitation and coaching that looks at communication styles, attitudes, behaviours and beliefs

Case Study

More detail on the approach and the rationale

View in Slideshare

Watch the Video

Financial Services


At the ESRM conference in April 2015, Baxter Thompson Associates shared their views on applying BRM principles to Information Security - specifically User Awareness. In this document, we describe how we advocated implementing a new approach to working with stakeholders to improve compliance and reduce risk on security controls information security for a major financial services provider.


Contact Us