Purpose: To educate management and employees on basic security principles, draw attention to information security issues, and increase their understanding of the weaknesses and threats that affect the security of information and information systems in the organization.