Mandatory Information Security Awareness Training Enforcement Coming Soon

University Information Security Training Policy (ISO-500) has been in effect since 2019. The policy states the following: 

All University employees (including student employees) and Designated Campus Colleagues (DCCs) with access to University Information Resources must complete security awareness training within the first 30 days from date of hire. Information Security Refresher Training must be completed annually, within 30 days of the anniversary of the previous instance of such training. 

Beginning in Fall 2025, full enforcement of this policy will be in place. Completing security awareness training by the employee's annual due date (dependent on the completion date of training in the past) will be enforced. The full procedure for enforcement is found on the ISO Governance page. 

You must complete your training by your due date or you will be blocked from accessing all university systems except EDGE Learning. After you complete your annual training, you will regain access to university systems within two hours. 

Automated reminders are sent to employees and DCCs beginning 30 days ahead of the due date. The refresher training consists of a 5-minute course that can easily be completed in EDGE Learning. 

If you have circumstances that prevent you from completing the training on time, work with your department’s business office to request an extension from the Information Security Office. 

If you are due or overdue for completing your training, go to EDGE Learning today and complete your annual training. This simple preventative measure will ensure that you are following policy and are also informed on the latest threats and trends in the world of information security.