Following the compliance guideline provided by NIST SP 800-16 that outlines safety and training requirements is another way to increase employee awareness. This type of training and compliance emphasizes roles rather than fixed content while providing flexibility, adaptability and longevity. Furthermore, it is also advantageous to vary the training method for different users. For example general user training, managerial user training and technical user training which can be classified by job category or job functions. According to the Management of Information Security textbook by Whitman and Mattord, there are seven methodological steps to implement