Policy
Policy Name
Information Security Training Policy

Overview
The main objective of information security training policy is to increase security awareness in order protect the organization's information from unauthorized disclosure.

Statement
  • Employees, contractors and third parties must be educated on their responsibilities for protecting and securing information resources.
  • Individuals must participate in annual information security awareness training.
  • Information security training must be completed within 30 days of hire or contract date.
  • Leaders must periodically review information protection requirements with each of their organizations.

Justification
The following benefits will be achieved:
  • Individuals will better understand their responsibilities for protecting and securing information
  • Individuals will better understand the organization's policy requirements

Scope
All employees, contractors, agents and third-parties

Consequeces for Noncompliance
Noncompliance to this policy can result in disciplinary action up to and including termination of employment or contract.

Topics
Security Awareness and Training