USG Information Security Awareness, Training and Education
A successful information security program consists of:
- Developing security policy that reflects business & security needs tempered by known risks;
- Informing users of their security responsibilities, as documented in USG security policies and standards; and
- Establishing processes for monitoring and reviewing the program.
USG security awareness and training will be focused on the system's entire user population. Each institution's management should set the example for proper security behavior within an institution. An awareness program should begin with an effort that can be deployed and implemented in various ways and is aimed at all levels of the institution including senior and executive leaders.
Learning is a continuum; it starts with awareness, builds to training, and evolves into education.
AWARENESS
Awareness is not training. The purpose of awareness presentations is simply to focus attention on security. Awareness presentations are intended to allow individuals to recognize security concerns and respond accordingly.
TRAINING AND EDUCATION
Training strives to produce relevant and needed security skills and competencies.
The University System - Office of Information Security (OIS) web site contains links to other sites that are not owned or controlled by us. The information provided at these sites does not reflect the views of this Office or indicate an endorsement of a particular company or product. Please be aware that our Office is not responsible for the security and privacy practices of such other sites.