Security Training and Awareness Policy, version 1.0.0

Purpose

The purpose of the (District/Organization) Security Training and Awareness Policy is to describe the requirements to ensure that each user of (District/Organization) Information Resources receives adequate training on information security issues.

Audience

The (District/Organization) Security Training and Awareness Policy applies equally to all individuals that use any (District/Organization) Information Resource.

Policy

  • (District/Organization) Information Resources.
  • (District/Organization) Information Resources.
  • (District/Organization) Information Security Policies before they are granted to access to (District/Organization) Information Resources.
  • (District/Organization) Security Team must develop and maintain a process to be able to communicate new security program information, security bulletin information, and security items of interest.

Definitions

See Appendix A: Definitions

References

  • (District/Organization) Information Security Policy

Waivers

Waivers from certain policy provisions may be sought following the (District/Organization) Waiver Process.

Enforcement

Personnel found to have violated this policy may be subject to disciplinary action, up to and including termination of employment, and related civil or criminal penalties. 

Any vendor, consultant, or contractor found to have violated this policy may be subject to sanctions up to and including removal of access rights, termination of contract(s), and related civil or criminal penalties.

Version History

VersionModified DateApproved DateApproved ByReason/Comments
1.0.0February 2018 SecurityStudioDocument Origination
     
     
     

Download Security Training and Awareness Policy template