Security Awareness Training, Information Technology

Title: Security Awareness Training, Information Technology
Policy Owner: Information Security Office
Applies to: Students, Employees, Users
Campus Applicability:  Storrs and Regionals
Effective Date: May 16, 2012
For More Information, Contact Chief Information Security Officer
Contact Information: (860) 486-8255
Official Website:


This policy is available in the Information Security Policy Manual.

The University Information Security Office (ISO) maintains an Information Security Awareness Training (ISAT) program that supports the University employees’ and students’ needs for regular training, supporting reference materials, and reminders to enable them to appropriately protect University information technology resources.

Data Stewards are responsible for ensuring that any user requesting access to Confidential Data has completed the ISAT program before allowing access to that data.

The ISO will provide periodic Information Security reminders and updates, posted on the University Information Security website and using email lists, where appropriate.

Users with access to Confidential Data that is protected under Federal Regulations (e.g., HIPAA, etc.) or by industry standards (e.g., PCI-DSS) must complete the ISAT program annually.

Departments shall maintain appropriate documentation of attendance/completion of the ISAT training where data security training is required by applicable regulatory or industry standards.

Policy Created: May 16, 2012.