All-Employee Security Awareness

Mandatory All-Employee Security Awareness Program

All UA employees, student workers and DCCs with access to University Information Resources are required to complete annual security awareness training.  To fulfill this requirement, the Information Security Office, with help from the campus community, has developed user-friendly online modules to ensure that all employees can easily participate in and complete the security awareness program.  The program has been designed to not only inform employees of their responsibilities as members of the UA community, but to also assist them in securing their information at home.


Security Awareness Training Links

 


Frequently Asked Questions (FAQs)

This training is mandatory for all UA employees, student workers, and DCCs with access to University Information Resources, including: 

  • Networks and network appliances
  • Computers (servers, workstations and laptops)
  • Printers
  • Software and applications
  • Thumb drives, hard copies of documents, etc.
  • Any other computer‐related equipment, device or hardware used to access, store, transmit or interface with another university resource

Yes, this training should completed as part of new employees' onboarding processes. 

You will receive an email confirming training completion within 24 hours of completing it.  Your completion is also recorded in EDGE Learning and UAccess Analytics

 

If you are unsure as to whether or not your departmental DCCs need to complete training, please contact the Information Security Office.

The University's Information Security Awareness Training Policy contains the following requirement: 

  • All University employees (including student employees) and Designated Campus Colleagues (DCCs) must complete security awareness training within the first 30 days from date of hire. Information Security Refresher Training must be completed annually, within 60 days of the anniversary of the previous instance of such training.

ISO is authorized to limit network access for individuals or Units not in compliance with information security policies (including this one) and related procedures. In cases where University resources are actively threatened, the CISO shall act in the best interest of the University by securing the resources in a manner consistent with the Information Security Incident Response Plan. In an urgent situation requiring immediate action, the CISO is authorized to disconnect affected individuals or Units from the network. In cases of noncompliance with this policy, the University may apply appropriate employee sanctions or administrative actions, in accordance with relevant administrative, academic, and employment policies. 

If you have any issues, comments or concerns please contact the 24/7 IT Support Center at 520-626-8324.