Security Awareness Training Completion Audit

Audit template to verify that all staff have completed required onboarding and annual security awareness training, and that completion records are retained as audit evidence.

Audit Scope and Employee Population

• Audit period documented
  Record the start and end dates for the training compliance audit.
• Employee population roster matches active staff list
  Confirm the roster used for the audit matches the active employee population for the site, department, or business unit.
• Onboarding and annual training requirements identified for the population
  Confirm the applicable onboarding and annual security awareness training requirements were identified for the reviewed population.
• Exceptions list reviewed and documented
  Confirm any approved exceptions, leaves of absence, new hires, or terminations were reviewed and documented.
• Inspector notes
  Capture any scope limitations, sampling notes, or audit assumptions.

Onboarding Training Completion

• Onboarding security awareness training assigned to all new hires
  Confirm onboarding security awareness training was assigned to each new hire in scope.
• Onboarding training completion recorded for each new hire
  Confirm completion records exist for each new hire reviewed.
• Onboarding training completed within required timeframe
  Enter the number of days from hire date to onboarding training completion for the sampled employee or average sample result.
• Training content covers security awareness fundamentals
  Confirm the onboarding module includes topics such as phishing, password hygiene, data handling, and reporting suspicious activity.
• New hire completion evidence retained
  Confirm completion evidence is retained in the learning system, HR file, or compliance repository.

Annual Training Completion

• Annual security awareness training assigned to all staff
  Confirm annual training was assigned to all staff in scope for the current cycle.
• Annual training completion rate
  Enter the percentage of staff who completed annual security awareness training.
• Overdue employees identified and tracked
  Confirm any overdue employees are identified by name or employee ID in the corrective action log.
• Annual training completion dates verified
  Confirm completion dates were checked against the current annual cycle and are within the required period.
• Refresher or remedial training assigned for non-completions
  Confirm remedial training or follow-up assignments were issued for employees who missed the deadline.

Training Records and Evidence Retention

• Completion records include employee identifier, course title, and completion date
  Confirm each record contains the minimum fields needed to prove completion.
• Records are retrievable within a reasonable time
  Confirm training records can be retrieved promptly from the LMS, HRIS, or document repository during an audit.
• Retention period defined and followed
  Confirm a retention period exists for training records and the organization is following it.
• Evidence package available
  Attach screenshots, exports, reports, or other evidence showing training completion and record retention.
• Recordkeeping gaps documented
  Confirm any missing, duplicate, or inconsistent records were documented as deficiencies.

Corrective Actions and Sign-Off

• Deficiencies documented with owner and due date
  Confirm each deficiency has an assigned owner and due date for remediation.
• Corrective action plan initiated
  Confirm a corrective action plan has been initiated for any non-conformance identified during the audit.
• Inspector signature
  Inspector signs to confirm the audit review is complete and evidence has been reviewed.