Skip to main content

AT - Awareness and Training

(AT-1) Security Awareness and Training Policy and Procedures

Security awareness training policy should address purpose, scope, roles, responsibilities, management commitment, and compliance related to secure use of information systems.

(AT-2) Security Awareness and Training

Understanding the importance of information security, individual responsibilities, and accountability are paramount to achieving university security goals. This can be accomplished with a combination of general information, security awareness training, and targeted training. The security awareness and training information needs to be ongoing and updated as needed.

(AT-3) Role-Based Security Training

The University shall provide role-based information security training to staff with information security responsibilities.

(AT-4) Security Training Records

The University maintains records of information security training and monitors them for compliance.