Educause Security Discussion mailing list archives
Re: Mandatory information security awareness training
From: "Banks, Teresa E - (tbanks)" <tbanks () EMAIL ARIZONA EDU>
Date: Thu, 18 Apr 2013 15:00:51 +0000
All three state universities in Arizona (University of Arizona, Arizona State, and Northern Arizona University) have mandatory all-employee awareness. We developed our own, and presented on it at the Educause Security Professionals Conference in 2011. You can find our training at http://security.arizona.edu/infosecessentials. We wanted to make sure we didn't just cover what auditors required of us - we wanted to help our users understand the WIIFM (What's in it for me). The program has been very successful. We are in the process of updating it now. If you have questions, please don't hesitate to contact Kelley Bogart (520-626-8232, bogartk () email arizona edu) or me. Best, Teresa E. Banks Manager, Information Security & Compliance Programs University of Arizona Information Security <mailto:tbanks () email arizona edu> tbanks () email arizona edu Phone: 520.621.8476 From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Self, Dennis Sent: Friday, April 12, 2013 2:05 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Mandatory information security awareness training Beth, We have the requirement (not policy yet, but administration agreement) but not everyone has taken it. The training, Securing the Human from SANS Institute, has been available for approaching two years. Dennis Self, CISSP Director, IT Security & Compliance Technology Services Samford University (205) 726-2692 From: "Chancellor, Beth C." <ChancellorB () MISSOURI EDU> Reply-To: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> Date: Friday, April 12, 2013 2:59 PM To: <SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] Mandatory information security awareness training I need to identify institutions that have mandatory information security awareness training for all employees. MU has required training for certain segments of our employee population but not for all. Please reply to me if you have already have such a policy that covers everyone. Thanks, Beth Beth Chancellor chancellorb () missouri edu MEd, CISSP Associate CIO & Chief Information Security Officer University of Missouri (573) 882-3503
Attachment:
smime.p7s
Description:
Current thread:
- Mandatory information security awareness training Chancellor, Beth C. (Apr 12)
- Re: Mandatory information security awareness training David Curry (Apr 12)
- Re: Mandatory information security awareness training Flynn, Gary - flynngn (Apr 12)
- default reply-to address of SECURITY list Flynn, Gary - flynngn (Apr 12)
- Re: default reply-to address of SECURITY list Valdis Kletnieks (Apr 15)
- Re: Mandatory information security awareness training Self, Dennis (Apr 12)
- Re: Mandatory information security awareness training Banks, Teresa E - (tbanks) (Apr 18)
- Re: Mandatory information security awareness training Drew Perry (Apr 18)
- Re: Mandatory information security awareness training Banks, Teresa E - (tbanks) (Apr 18)
- Re: Mandatory information security awareness training Dan Han (Apr 12)
- Re: Mandatory information security awareness training Jeff Holden (Apr 12)
- Re: Mandatory information security awareness training Palmer, Kevin J. (Apr 12)