google 4.9 (34 reviews)
Cyber security service for you
Schedule a Demo

ISO 27001 security awareness training

Turn employees into your strongest firewall with short, recurring security awareness games. Recommended by ISO 27001 implementers and auditors.

Start free trial

No payment information needed.

Schedule personal demo
A Guardey challenge

Train security awareness regularly

The ISO 27001 standard emphasizes the importance of promoting awareness of information security. Guardey trains your team to recognize and report cyber threats with weekly, 3-minute micro-challenges.

Custom content dashboard

Provide role-specific training content

Ensure that each employee understands their role and responsibilities regarding your information security policy. Add custom role-specific content to Guardey to ensure everybody is taught the exact information they need.

Guardey's insights dashboard

Prove compliance during audits

ISO 27001 auditors look for evidence of the implementation of training programs and how you measure learning progress. Guardey’s in-depth analytics and weekly reports give you all the insights you need to prove compliance.

Killian from Fendix

We help organizations to safely organize their data and comply with the ISO 27001 directive. To get certified, you need to invest in the security awareness of your employees.

With Guardey, security awareness training becomes affordable and you don’t need to invest any time in setting it up.

That’s why we advise our clients to use Guardey instead of doing all the heavy lifting of setting up their own training.

Killian Houthuijzen
Information security consultant at Fendix

How EyeOn put ISO 27001 compliance on auto-pilot

“Being ISO 27001 certified comes with many responsibilities for our employees. This means we have to make our staff aware of cyber threats and be able to show that we’re doing enough to do so. That's why we use Guardey.”

Dan Roozemond

Data science lead
View Case Study
Inexto logo

“The uptick in training participation has been fantastic. Employees have even set up their own little Guardey competitions internally. So we have the company-wide leaderboard, but the teams themselves are now even having their little competitions in Microsoft Teams group chats. Guardey has brought out the competitive nature in them.”

Jonathan Farrell

Jonathan Farrell

Information and Quality Assurance Manager
View Case Study

What is the ISO27001 standard?

ISO 27001 is an international standard for information security management. It guides organizations in establishing, implementing, and improving security practices, ensuring the protection of information assets, and demonstrating commitment to managing risks.

What does ISO27001 say about security awareness training?

The importance of security awareness is emphasized in four clauses of the ISO 27001 standard:

  • Clause 7.2 – Competence: The standard requires organizations to determine the necessary competence of employees involved in information security.
  • Clause 7.3 – Awareness: Organizations need to make sure that employees are aware of the information security policy, objectives, and their roles and responsibilities in achieving these objectives.
  • Clause 8.2 – Communication: ISO 27001 emphasizes the importance of internal communication regarding the information security management system, including promoting awareness of information security.
  • Clause 8.2.2 – Information Security Awareness, Education, and Training: Organizations need to ensure that personnel are aware of the information security policy and are competent in the areas of their work that relate to information security.

What do ISO27001 auditors look for in a security awareness program?

Auditors often look for the following:

  • Documentation: Have you documented your security policy, objectives, roles, and specific requirements related to security awareness and training?
  • Communication: Can you prove that your employees are aware of your security policy, objectives, and their specific roles in achieving them?
  • Training programs: Can you provide evidence that your organization has implemented security awareness training programs?
  • Monitoring and measurement: Can you show that you are monitoring and measuring the effectiveness of your program?

What are the benefits of gamification in a security awareness program?

Traditional security awareness training can often be dry and boring. With gamification, the complex subject matter is transformed into an engaging and memorable experience.

By integrating game elements such as challenges, quizzes and rewards, it incentivizes users to actively learn. This makes the training more enjoyable and fosters a sense of competition and achievement. This combination drives better retention and application of cyber security knowledge.

Which security awareness topics are covered in Guardey?

Guardey covers a wide array of topics to train users about all currently relevant cyber threats, put together in collaboration with ethical hackers and educationalists. The topics covered include phishing, remote work, password security, CEO fraud, ransomware, smishing, and much more.

How much time do the weekly challenges take?

Guardey’s weekly challenges take about 3 minutes to complete.

In which languages is Guardey available?

Guardey is available in English, Dutch, Italian, French, Spanish, German, Polish, Swedish and Danish.