Awareness and Training
Members of the University community will be made aware of the Information Security policies and standards of record and will be provided training where necessary.
All University computer users will be made aware of:
- Expectations of them regarding information security.
- The information security policies and standards of record, including government regulations, and where to locate them.
- Their accountability for appropriate security, acceptable use, access and retention of any specific information records entrusted to them.
- Their obligation to report suspected or known incidents and assist in investigations relating to information mismanagement, misuse, or compromise.
- The implications of failure to abide by information security policy, including the potential risks and costs to Missouri State University.
- Any regulatory requirements that may apply to them, such as HIPAA, PCI-DSS, GLBA, etc.
Reason or Purpose for Policy
Information security policies can only be effective when those bound by them are aware of the provisions.
Entities Affected by this Policy
All entities contained in or under the direction of the Missouri State University system.
Line of Authority
- Responsible Administrator and Office: Chief Information Officer (CIO)
- Contact Person in that Office: Information Security Officer (ISO)