Last review date: April 2020, version 1.0.2
The purpose of the Bethel University Security Training and Awareness Policy is to describe the requirements to ensure that each user of Bethel University Information Resources receives adequate training on information security issues.
The Bethel University Security Training and Awareness Policy applies equally to all individuals that use any Bethel University Information Resource.
- All new personnel must complete an approved Security Awareness training within 30 days of being granted access to any Bethel University Information Resources.
- All personnel must be provided with relevant information security policies to allow them to properly protect Bethel University Information Resources.
- All personnel must acknowledge they have received and agree to adhere to the Bethel University Information Security Policies before they are granted access to Bethel University Information Resources.
- All personnel must complete the annual security awareness training.
- Bethel University Information Security Officer must develop and maintain a process to be able to communicate new security program information, security bulletin information, and security items of interest.
- ISO 27002: 7
- NIST CSF: PR.AT
- Bethel UniversityInformation Security Policy
Waivers from certain policy provisions may be sought following the Bethel University Waiver Process.
Personnel found to have violated this policy may be subject to disciplinary action, up to and including termination of employment, and related civil or criminal penalties.
Any vendor, consultant, or contractor found to have violated this policy may be subject to sanctions up to and including removal of access rights, termination of contract(s), and related civil or criminal penalties.