Security Awareness Training

Compliance-grade security awareness training.

Five role-based courses including PCI DSS 4.0.1 Awareness (Req 12.6), phishing, acceptable use, IR procedures and privileged-access security. Auto-issued PDF certificates and audit-ready evidence.

Book a 30-minute scoping callGet a fixed-fee proposal
An open book with a pen resting between pages and a notebook on a dark wooden desk, illustrating structured learning

What we mean by training

Security awareness training is the structured work of giving staff the knowledge and habits to handle security threats, handle data, and report concerns. Done well, it changes behaviour and produces audit evidence. Done badly, it produces attendance metrics that prove nothing changed.

Our training programme is delivered through our compliance platform — the same platform as the phishing simulation. Five seeded compliance training courses, ten course categories, five content formats, multilingual support, and an audit-ready evidence export structured for PCI DSS Requirement 12.6 submission. Aligned to NCSC engagement & training guidance.

Key facts

Seeded courses
5
Categories
10
Default pass mark
80%
PCI DSS req
12.6

What the platform does

Four headline capabilities. The list is verifiable against the platform behaviour, not editorial framing.

5 seeded courses

PCI DSS 4.0.1 Awareness, Phishing Awareness, Acceptable Use, Incident Response Procedures, Privileged Access Security.

Auto-issued PDF certificates

Format CF-CERT-YYYYMMDD-XXXXX, branded with your org logo and signatory, stored in S3. Issued on completion.

New-hire & failure auto-assignment

New employees automatically assigned mandatory role-based training on account creation. Failed phishing simulations auto-assign remediation training.

Audit-ready evidence export

ZIP with completion CSV plus certificate inventory for PCI DSS audit submission. Same export your QSA will accept.

How a programme runs

Five stages from scoping through audit-ready export.

  1. 1

    Scoping call

    30 minutes, free

    Course mix, role mapping, recertification interval, language coverage. We talk through which courses are mandatory, which are role-specific, and how the platform fits with your existing onboarding.

  2. 2

    Programme setup

    1 week

    User roster (CSV import or new-hire trigger), course assignment rules, recertification rules, organisational branding for certificates.

  3. 3

    Course delivery

    Per learner

    Five seeded courses; SCORM, Video, Document, Interactive, and Scenario-Based content formats; multilingual translation support for courses, modules, and quiz questions.

  4. 4

    Completion tracking

    Continuous

    Module-level progress tracking, pass-threshold enforcement, configurable retake limits, waiver workflow with audit trail. Assignments lifecycle from ASSIGNED → IN_PROGRESS → COMPLETED.

  5. 5

    Audit-ready export

    On demand

    ZIP with completion CSV plus certificate inventory for PCI DSS Requirement 12.6 audit submission. Combined with phishing-simulation evidence in a single audit pack.

The seeded course library

Five compliance training courses available in the platform from day one. Custom courses can be authored against any of the ten supported categories.

PCI DSS 4.0.1 Security Awareness

45 min

Mapped to PCI DSS Requirement 12.6. Four modules covering cardholder data environment basics, common threats, secure handling practice, and incident reporting. Ten quiz questions; default 80% pass mark.

Phishing Awareness Training

30 min

Three modules covering phishing recognition, reporting procedures, and behavioural patterns. Designed to integrate with the phishing simulation platform — assigned automatically on simulation failure.

Acceptable Use of Technology

20 min

Two modules covering device, account, and data acceptable-use practice. Suitable as the role-agnostic baseline for all staff. Often paired with policy acknowledgement on completion.

Incident Response Procedures

25 min

Three modules covering recognition, escalation, and end-user response in security incidents. Aligned to NIST SP 800-61r3 phasing and the IR retainer service for organisations that have one.

Privileged Access Security

35 min

Three modules covering privileged-access risk, just-in-time access patterns, and audit-trail behaviour. Aimed at administrators, engineers, and any role with elevated permissions.

Why 1 Sequence Cyber

Built into our compliance platform

Training is delivered through the same platform as the phishing simulation module. Failed simulations automatically assign remediation training; certificate completion data flows into a single audit-evidence pack. No bouncing between vendors.

NCSC-aligned, behaviour-led

Programme design aligned to the NCSC engagement-and-training guidance — people-centred messaging, positive culture, no fear-based content. The training is structured to change behaviour, not to tick a compliance box and produce attendance metrics.

Frequently asked questions

Related services: phishing simulation · PCI DSS · SMB security assessment.

Ready to roll out a training programme?

Tell us your headcount, your sector, and your compliance drivers. We’ll come back with a fixed-fee proposal within 48 hours.

Book a 30-minute scoping callGet a fixed-fee proposal

Back to all services.