Skill Guide

Instructional design methodologies (ADDIE, SAM, Bloom's Taxonomy) applied to security education

The systematic application of instructional design frameworks (such as the ADDIE and SAM development cycles, and Bloom's Taxonomy for cognitive objectives) to create, structure, and validate effective security awareness and training programs.

This skill transforms security education from a compliance checkbox into a measurable behavioral change initiative, directly reducing human risk and protecting organizational assets. It ensures training investments yield a higher ROI by aligning content with specific cognitive levels and adult learning principles.

How to Learn Instructional design methodologies (ADDIE, SAM, Bloom's Taxonomy) applied to security education

1. Grasp the core phases of ADDIE (Analysis, Design, Development, Implementation, Evaluation).
2. Understand the iterative nature of the Successive Approximation Model (SAM).
3. Learn the cognitive domains of Bloom's Taxonomy (Remember, Understand, Apply, Analyze, Evaluate, Create) and how to write learning objectives using action verbs from each level.

Apply frameworks to real scenarios: Use ADDIE to conduct a formal Training Needs Analysis (TNA) for a specific role (e.g., developers, finance staff). Design a micro-learning module using SAM's iterative prototyping. Write a full set of learning objectives for a phishing module that progresses from 'Identify' a suspicious email (Remember) to 'Evaluate' it (justifying a decision). Avoid the common mistake of jumping straight to development without a proper analysis phase.

Architect enterprise-wide security education ecosystems that integrate with HR onboarding, GRC platforms, and threat intelligence. Use evaluation models (Kirkpatrick's Four Levels) to demonstrate program efficacy to the C-suite with data. Mentor instructional designers on applying these models to complex topics like secure coding practices or cloud misconfiguration, aligning the entire program with business risk tolerances and regulatory frameworks (e.g., NIST CSF, ISO 27001).

Practice Projects

Beginner
Case Study/Exercise

Applying ADDIE to a Phishing Simulation Program

Scenario

Your CISO has tasked you with developing a mandatory annual phishing training module for all employees. Previous modules had low completion rates and no measurable impact on click rates.

How to Execute
1. **Analyze**: Survey a sample of employees and review past phishing simulation data to identify specific knowledge gaps (e.g., urgency triggers, link inspection).
2. **Design**: Define 3-4 SMART learning objectives using Bloom's verbs (e.g., 'Analyze email headers to identify spoofed domains').
3. **Develop**: Create a 10-minute interactive module with realistic, branching scenarios.
4. **Implement**: Roll out via the LMS, communicating clear purpose.
5. **Evaluate**: Measure pre- and post-training quiz scores and track the next phishing simulation click-rate delta.

Intermediate
Case Study/Exercise

SAM-Based Rapid Development of Secure Coding Training

Scenario

The application security team identifies a recurring vulnerability (e.g., SQL injection) in the codebase. They need targeted, just-in-time training for developers, not a generic course.

How to Execute
1. **Preparation Phase**: Quickly gather the vulnerability data, code examples, and input from lead developers.
2. **Iterative Design Phase**: Using SAM's Savvy Start, create a first prototype: a 5-minute video with a vulnerable code snippet, followed by a secure fix challenge in a sandboxed IDE.
3. **Iterative Development Phase**: Test the prototype with a small group of developers, gather feedback, and refine the code examples and explanations in a second iteration.
4. **Deployment**: Integrate the final module into the CI/CD pipeline documentation or as a pre-merge checklist resource.

Advanced
Case Study/Exercise

Designing a Measurable Security Culture Program Aligned to Business Risk

Scenario

The board requests evidence that the security awareness program reduces risk and supports business objectives, beyond just training completion metrics.

How to Execute
1. **Strategic Analysis**: Map key business processes (e.g., M&A due diligence, customer data handling) to their associated human risks.
2. **Program Architecture**: Using ADDIE's Analysis, design tiered learning paths: mandatory compliance (Remember/Apply), role-based secure practices (Analyze/Evaluate), and leadership security strategy (Create/Evaluate).
3. **Development with Metrics**: Build content and embed assessments that capture Kirkpatrick Level 3 (behavior) and Level 4 (results) data, e.g., linking reduced help-desk security tickets to specific training modules.
4. **Executive Reporting**: Present a dashboard correlating training engagement with qualitative risk reduction metrics (e.g., audit findings, incident response times) to demonstrate business impact.

Tools & Frameworks

Instructional Design Frameworks

ADDIE Model, Successive Approximation Model (SAM), Kirkpatrick's Four Levels of Training Evaluation

ADDIE provides a comprehensive, linear structure for large-scale program development. SAM is preferred for agile, iterative projects requiring rapid prototyping and stakeholder feedback. Kirkpatrick's model is essential for designing evaluations that prove program effectiveness to business leadership.

Cognitive & Learning Taxonomies

Bloom's Taxonomy (Revised), Kirkpatrick-Phillips Model (ROI), Merrill's First Principles of Instruction

Bloom's Taxonomy is the definitive tool for structuring learning objectives from basic recall to complex creation. Merrill's Principles guide the design of engaging, problem-centered content. The Kirkpatrick-Phillips extension adds a fifth level (ROI) for formal cost-benefit analysis of training programs.

Authoring & Delivery Tools

Articulate 360 (Rise/Storyline), Camtasia, Moodle/TalentLMS

Articulate is the industry standard for building interactive e-learning modules. Camtasia is used for creating and editing video tutorials and screen captures. A Learning Management System (LMS) like Moodle is critical for deploying content, tracking completions, and assessing learner progress.

Interview Questions

Answer Strategy

The interviewer is testing your ability to select and apply a framework to a specific, high-stakes business problem. Use a hybrid ADDIE/SAM approach. Sample answer: 'I would start with a rapid SAM-style analysis of recent BEC attempts targeting finance, interviewing key personnel. In the iterative design phase, I'd prototype a scenario-based module where learners must verify payment change requests via a separate channel, applying Bloom's 'Analyze' and 'Evaluate' levels. We'd test this with a small finance cohort, refine based on feedback, then roll out. I'd use Kirkpatrick's Levels 1-2 to measure knowledge gain and Level 3 to track behavior change in subsequent simulations.'

Answer Strategy

Tests self-awareness, analytical thinking, and process improvement. Be specific about the failure. Sample answer: 'Early in my career, I developed a module on password security that focused solely on policy recall (Bloom's Remember). Post-training audits showed no change in weak password usage. I learned I had skipped the Analysis phase: the real barrier wasn't knowledge, but convenience. I redesigned the program using the 'Apply' and 'Analyze' levels, incorporating password manager tools and demonstrating how quickly common passwords are cracked. The next phase showed a 40% reduction in policy violations.'
