Security Posture Best Practices

Security Awareness Trainings

  • Updated

Regular security and privacy awareness training helps employees stay informed about their company's security practices. A thorough security training program requires employees to complete training at least annually to provide your organization with updated best practices and information. Vanta helps you manage a dynamic security program with yearly recurring training options. Since employees may have different security requirements, Vanta enables you to assign security and privacy training based on the topics required for various employee groups. To assign the training to relevant employees, you can create a group or leverage an existing one and assign the training to that group. 

Enabling Vanta Security Training

  • From the left-hand navigation panel, select People
  • Select Checklists and click on a Checklist

Screenshot 2024-06-10 at 12.27.24 PM.png

  • Enable the security training you require of your employees by toggling the switch to on


  • Vanta's training is a pre-established training program for your employees to use
  • Custom training allows you to link to a security training program outside of Vanta
    • If you have integrated with a Security Training platform established with Vanta, this will be automatically selected, and Vanta's training will be greyed out
    • If you are using a Security training platform, not established with Vanta, you will need to select custom training and copy and paste the URL. Please note that this will only take the employee to the training site. It is recommended to create a custom task so that the Admin can prompt employees to prove that they completed the training (i.e., uploading a screenshot, etc.)
  • Your employees will need to visit to complete their security tasks. Once you are ready, you can enable Vanta's automated reminders to notify them automatically
  • As an Admin, you can see an employee's progress by opening the People page, selecting the person, and viewing their completed tasks and default requirements


  • By default, this is an annually recurring task for employees. The training anniversary date is based on the employee's last security training
  • Security Awareness training in the second year and any after that will be added to the employee task list

Custom Tasks for Custom Security Training

  • When creating checklists, you can create a custom task
  • From here, you can provide the task name and the instructions. Include the link to the security training here
  • From here, you can require your employees to upload proof of completion, ie, screenshots or signed documents


Re-completing the training before the annual due date

  • If you need certain users to redo their Security Awareness Training before the annual due date, they can revisit the training by going to
  • After they complete the training and hit submit, a new entry will be created in their profile on the People page, indicating the most recent completion date
    • However, it is not possible to uncheck the task that has already been marked as completed