|Title:||Security Awareness Training, Information Technology|
|Policy Owner:||Information Security Office|
|Applies to:||Students, Employees, Users|
|Campus Applicability:||Storrs and Regionals|
|Effective Date:||May 16, 2012|
|For More Information, Contact||Chief Information Security Officer|
|Contact Information:||(860) 486-8255|
This policy is available in the Information Security Policy Manual.
The University Information Security Office (ISO) maintains an Information Security Awareness Training (ISAT) program that supports the University employees’ and students’ needs for regular training, supporting reference materials, and reminders to enable them to appropriately protect University information technology resources.
Data Stewards are responsible for ensuring that any user requesting access to Confidential Data has completed the ISAT program before allowing access to that data.
The ISO will provide periodic Information Security reminders and updates, posted on the University Information Security website and using email lists, where appropriate.
Users with access to Confidential Data that is protected under Federal Regulations (e.g., HIPAA, etc.) or by industry standards (e.g., PCI-DSS) must complete the ISAT program annually.
Departments shall maintain appropriate documentation of attendance/completion of the ISAT training where data security training is required by applicable regulatory or industry standards.
Policy Created: May 16, 2012.