Awareness and Training

Op12.07-10 Awareness and Training

Policy statement

Information Security Awareness training is recommended for all University employees, students, and contractors.

All University information systems users should be made aware of:

  • Expectations of them regarding information security.
  • The information security policies and standards of record, including government regulations, and where to locate them.
  • Their accountability for appropriate security, acceptable use, access and retention of any specific information records entrusted to them.
  • Their obligation to report suspected or known incidents and assist in investigations relating to information mismanagement, misuse, or compromise.
  • The implications of failure to abide by information security policy, including the potential risks and costs to Missouri State University.
  • Any regulatory requirements that may apply to them, such as HIPAA, PCI-DSS, GLBA, etc.

The Information Security Officer will:

  1. Facilitate Information Security Awareness training for University employees, students, and contractors.
  2. Implement, maintain, and provide ongoing Information Security Awareness training using various delivery venues.