ISP-05 - Information Security Awareness and Training Policy



Policy Objective

This policy provides support and direction for developing and managing the information security awareness and training program, and the validation of that program.


All faculty and staff at Parkland College are required to complete security awareness training and participate in the security awareness program.

Security awareness materials shall be made available to students and their participation is voluntary.



Section 1 – Security Awareness and Training

Tailored and appropriate security awareness and training activities must occur on a regular basis, at least annually.

The activities must:

  • Facilitate understanding and compliance with Parkland College security policies, standards, procedures, and guidelines

  • Support the rules of behavior for the systems and data to which users have access

  • Guide users to the appropriate actions they can take to better protect information at Parkland College

  • Enable the users at Parkland College to understand their role in information security and how best to fulfill that role

Section 2 – Security Awareness Testing

The effectiveness of information security awareness, training, and the overall culture of security shall be tested:

  • Separately from training

  • On a regular basis

  • Using various measures (including phishing, social engineering, surveys, etc.)

  • Depending on risk factors and threats

The tools for testing security awareness shall be appropriate for the state of current technology and targeted towards the current threat environment.



Print Article


Article ID: 156037
Wed 5/31/23 2:54 PM
Wed 5/31/23 4:28 PM

Related Articles (1)

Definitions of terms used across policies and standards