Awareness and Training
Op12.07-10 Awareness and Training
Policy statement
Information Security Awareness training is recommended for all University employees, students, and contractors.
All University information systems users should be made aware of:
- Expectations of them regarding information security.
- The information security policies and standards of record, including government regulations, and where to locate them.
- Their accountability for appropriate security, acceptable use, access and retention of any specific information records entrusted to them.
- Their obligation to report suspected or known incidents and assist in investigations relating to information mismanagement, misuse, or compromise.
- The implications of failure to abide by information security policy, including the potential risks and costs to Missouri State University.
- Any regulatory requirements that may apply to them, such as HIPAA, PCI-DSS, GLBA, etc.
The Information Security Officer will:
- Facilitate Information Security Awareness training for University employees, students, and contractors.
- Implement, maintain, and provide ongoing Information Security Awareness training using various delivery venues.