Courses fit very easily into a long term security program. To help you get started with planning your program, we've listed a few tips to help you pair Courses and Assessments:

• If you're creating an overall security program, we recommend starting off by setting up assessments first. Consider target vulnerabilities and training level you would like your assessment to cover
  
  
• Once you’ve created an assessment, you can then base your course structure on the vulnerabilities it covers. Each vulnerability could then be set up as a separate module in your course, giving your developers enough time to learn and absorb all the important content for each vulnerability
  
  
• Consider setting a deadline for the assessment. This will help you manage your security program goals and progress by ensuring that assessments are completed by a certain time, allowing you to move onto other aspects of your program. 
  
  Note: We don't recommend setting a deadline for a course as it should be considered easily and readily accessible for use as free-training before assessments or other program checkpoints
  
  
• If you're not sure what difficulty level to choose for a course or assessment, or if you're not sure what your developers' security awareness skill level is, we recommend providing an equal mix of easy and medium-level challenges to help you gauge where everyone is at

A good tip to follow is to think about what focus you would like your course to cover.

To find out what focus options you can choose from, check out 'How to create a Course'.