Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Mandatory Security Training in Higher Education

From: Jim Dillon <Jim.Dillon () CUSYS EDU>
Date: Thu, 19 Oct 2006 09:13:44 -0600
I do believe the intent is to have the policy require the training based
on data classification policy.  We are still awaiting the final policy
with our breath held tightly in anticipation.  Time has a way of pecking
away at the solid rock of planning.

Jim

*****************************************
Jim Dillon, CISA, CISSP
IT Audit Manager, CU Internal Audit
jim.dillon () cusys edu
303-492-9734
*****************************************
 
 

-----Original Message-----
From: Tracy Mitrano [mailto:tbm3 () CORNELL EDU] 
Sent: Thursday, October 19, 2006 7:49 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Mandatory Security Training in Higher Education

Do you guys have policies that would prompt people to training in  
order to accomplish compliance?  I always think of policy first as  
education and only as a last resort enforcement, but it does function  
nicely as the median point between the two and is often effectuated  
by training of custodians and local support providers especially.

Tracy
Previous By Date Next
Previous By Thread Next

Current thread: