Purpose
To provide Â鶹´«Ã½ with guidance in developing and implementing the appropriate protective safeguards to support the confidentiality, integrity, and availability of Â鶹´«Ã½ assets and information.
Policy
Â鶹´«Ã½ faculty, staff, students, and appropriate third-parties are provided information security awareness education. Â鶹´«Ã½ faculty and staff are adequately trained to perform their information security-related duties and responsibilities consistent with related policies, procedures, legal requirements, regulations, and agreements. To accomplish this, Â鶹´«Ã½ has implemented an information security awareness program that discusses common security shortcomings that can be strengthened through individual action. Â鶹´«Ã½ reviews the information security awareness program annually and appropriate updates are applied based on the findings of the annual reviews. Â鶹´«Ã½ requires faculty and staff to verify annually that they have completed their information security awareness training and are aware of their data security responsibilities and Â鶹´«Ã½â€™s information security policies.
Summary
- Â鶹´«Ã½ administers general security training that is used to enhance information security awareness for faculty, staff and students.
- Training may include the following: posters, email advisories, log-on screen messages, classroom training or E-Learning
- Â鶹´«Ã½ offers role-based training to authorized users with privileged rights to minimize administrative privileges and utilization of administrative accounts only when required.
- Physical and information security personnel are given specific training based upon the needs of their roles
Training and Awareness Policy Details [pdf]