ADMINISTRATIVE PROCEDURES
|
Title: SECURITY AWARENESS TRAINING |
Identification: 9.17 |
|
Effective Date: July 11, 2023 |
|
|
Authority: FS 1001.64; 1001.65 |
Signature/Approval: Dr. Ken Atwater |
PURPOSE
This procedure provides guidelines to ensure that all members of the Hillsborough Community College user community are provided with Information Security Awareness training and develop a fundamental understanding of Information Security principles and best practices.
PROCEDURE
The Office of Information Technology (OIT) will provide Information Security Awareness training yearly to all employees. This training will also be provided to all third-party contractors with restricted data access. Every user is required to complete the training satisfactorily.
-
Methods of Delivery: Information Security training may be delivered through multiple methods. These methods include, but are not limited to:
-
Yearly Security Awareness Training provided by the Office of Information Technology.
-
OIT-approved Information Security Knowledge Base articles and security-related information.
-
Information provided via email or other communications to the HCC community.
-
-
IT Security SharePoint site: OIT will maintain a section within the SharePoint site where content will be provided about information security concepts and best practices.
-
Spam Email Simulation: Periodically, OIT may send simulation SPAM emails to all or selected groups of employees. If an employee fails to identify the spam email correctly, the employee may be required to take supplemental Security Awareness training.
HISTORY
New