Security awareness training policy should address purpose, scope, roles, responsibilities, management commitment, and compliance related to secure use of information systems.

Understanding the importance of information security, individual responsibilities, and accountability are paramount to achieving university security goals. This can be accomplished with a combination of general information, security awareness training, and targeted training. The security awareness and training information needs to be ongoing and updated as needed.

The University shall provide role-based information security training to staff with information security responsibilities.

The University maintains records of information security training and monitors them for compliance.