1.8 Security Awareness and Training Standard
1.8.1. Overview
See Purpose
1.8.2. Purpose
This standard establishes the Security Awareness and Training standard, for managing risks from a lack of company security awareness, communication, and training through the establishment of an effective security awareness and education program. The security awareness and education program helps Highline College document, communicate, and train company personnel on security best practices and concepts.
1.8.3. Scope
The scope of this standard is applicable to all ITS resources owned or operated by Highline College. Any information, not specifically identified as the property of other parties, that is transmitted or stored on Highline College ITS resources (including e-mail, messages and files) is the property of Highline College. All users (Highline College employees, contractors, vendors or others) of ITS resources are responsible for adhering to this standard.
1.8.4. Standard
Highline College has chosen to adopt the Security and Awareness principles established in Junglemap’s Cyber Security Awareness NanoLearning Training.
1.8.5. Compliance
1.8.5.1 Compliance Measurement
ITS will verify compliance to this standard through various methods, including but not limited to, business tool reports, internal and external audits, and feedback to the standard owner.
1.8.5.2 Exceptions
Any exception to the standard must be approved by ITS in advance.
1.8.5.3 Non-Compliance
An employee found to have violated this standard may be subject to disciplinary action, up to and including termination of employment.
1.8.6. Related Standards, Policies, and Processes
1.8.7. Revision History
| Date | By | Summary |