Purpose
To provide ÑÇÖÞAV with guidance in developing and implementing the appropriate protective safeguards to support the confidentiality, integrity, and availability of ÑÇÖÞAV assets and information.
Policy
ÑÇÖÞAV faculty, staff, students, and appropriate third-parties are provided information security awareness education. ÑÇÖÞAV faculty and staff are adequately trained to perform their information security-related duties and responsibilities consistent with related policies, procedures, legal requirements, regulations, and agreements. To accomplish this, ÑÇÖÞAV has implemented an information security awareness program that discusses common security shortcomings that can be strengthened through individual action. ÑÇÖÞAV reviews the information security awareness program annually and appropriate updates are applied based on the findings of the annual reviews. ÑÇÖÞAV requires faculty and staff to verify annually that they have completed their information security awareness training and are aware of their data security responsibilities and ÑÇÖÞAV’s information security policies.
Summary
- ÑÇÖÞAV administers general security training that is used to enhance information security awareness for faculty, staff and students.
- Training may include the following: posters, email advisories, log-on screen messages, classroom training or E-Learning
- ÑÇÖÞAV offers role-based training to authorized users with privileged rights to minimize administrative privileges and utilization of administrative accounts only when required.
- Physical and information security personnel are given specific training based upon the needs of their roles
Training and Awareness Policy Details [pdf]