”TigerAwareness Training

Policy Title

IT Security Awareness Training

Policy Statement

  1. All persons that access Clemson University IT Systems (including the network and any IT resources) shall complete IT security awareness training as required under this Policy.
  2. The Clemson Computing and Information Technology (CCIT) organization shall determine the appropriate type and frequency of IT security awareness training for faculty and staff. Increased levels of training may be required for certain access privileges. As a minimum, IT security awareness training for faculty and staff must be completed annually.
  3. CCIT shall also determine what, if any, IT security awareness training is needed for students, vendors, and guests that access Clemson University IT Systems.
  4. Failure to complete the required security awareness training will result in that user’s loss of access privileges to Clemson University IT Systems.
  5. Failure by faculty and staff to complete the required IT security awareness training may also be considered grounds for discipline under the applicable Clemson University disciplinary policy.
  6. Supervisors are responsible for requiring that their employees comply with this policy.

Purpose

Clemson University IT Systems are valuable and mission critical resources that the entire University enterprise relies upon to achieve its mission and goals. In addition, Clemson University IT Systems contain confidential and proprietary information that is required to be safe-guarded by various regulations and laws.

IT security awareness training is a needed part of an IT security program that mitigates the risk from an increasing threat of malicious and unauthorized attempts to penetrate Clemson University IT Systems.

Guidelines and Operating Procedures

CCIT shall work in concert with Human Resources (HR) to notify employees and their supervisors of the training required under this policy and to assist supervisors with tracking compliance with this policy. Any suspension of an employee’s access privileges for failure to comply with this Policy shall be reported by CCIT to HR; HR shall in turn notify the impacted employee’s supervisor. CCIT shall work in concert with Student Affairs and Academic Affairs regarding any student training requirements and with Procurement regarding any vendor training requirements.

Responsible Division

CCIT

Approval Date

April 16, 2018

Reviewed Date

May 21, 2019