Purpose
To provide É«ÖÐÉ« with guidance in developing and implementing the appropriate protective safeguards to support the confidentiality, integrity, and availability of É«ÖÐÉ« assets and information.
Policy
É«ÖÐÉ« faculty, staff, students, and appropriate third-parties are provided information security awareness education. É«ÖÐÉ« faculty and staff are adequately trained to perform their information security-related duties and responsibilities consistent with related policies, procedures, legal requirements, regulations, and agreements. To accomplish this, É«ÖÐÉ« has implemented an information security awareness program that discusses common security shortcomings that can be strengthened through individual action. É«ÖÐÉ« reviews the information security awareness program annually and appropriate updates are applied based on the findings of the annual reviews. É«ÖÐÉ« requires faculty and staff to verify annually that they have completed their information security awareness training and are aware of their data security responsibilities and É«ÖÐɫ’s information security policies.
Summary
- É«ÖÐÉ« administers general security training that is used to enhance information security awareness for faculty, staff and students.
- Training may include the following: posters, email advisories, log-on screen messages, classroom training or E-Learning
- É«ÖÐÉ« offers role-based training to authorized users with privileged rights to minimize administrative privileges and utilization of administrative accounts only when required.
- Physical and information security personnel are given specific training based upon the needs of their roles
Training and Awareness Policy Details [pdf]