The Official Web site for the Office of Information Technology - UTSA

This document should be rendered in an HTML format with cascading style sheets and JavaScript turned on.

Office of Information Technology Home Page

Skip to Main Content

Skip to Navigation

Please take a few minutes to read our Accessibility Page which will make your visit through this Web site easier.

Copyright (c) 2010. The University of Texas at San Antonio. All rights reserved.

OIT Home > About OIT > Information Resource Standards > Information Security Training Standard

Information Security Training Standard

Information security awareness and training are vital components of UTSA’s Information security program.  All users of UTSA computing resources must be aware of their role and responsibilities in the protection of information and trained to fulfill their responsibilities.

Required Training

University employees and others granted access to the university computing systems must complete training within the first 30 days of their receiving an account.

University employees and others granted access to the university computing systems must complete regular refresher training that reinforces information security practices and concepts.

The Office of Information Security will provide regular updates and reminders about information security issues, awareness and available training opportunities for University employees and others granted access to the university computing systems.

Training objectives and content must be aligned with the role and responsibility of the trainees, and must be reviewed regularly to reflect changes in technology policy or practice.

Required Topics for Training

  • Information security significance and importance

  • Structure of the Information Security program at UTSA and UT System

  • Information security and privacy responsibilities

  • Relevant policies, materials and documentation

  • Information security best practices

Training content and attendance shall be documented and made available to the Office of Information Security upon request.
Effective Date:

April 1, 2011

Compliance Date:

July 1, 2011

Last Revision:

March 19, 2011

Account Management

Disposal of Computers
Other Electronic Devices

Laptop Encryption

Policy Exception and Risk Assumption Procedures

Administrative/Special Access

E-Mail Management

Log-in Disclaimer

Security Monitoring

Application Registration

Incident Management

Network Access

Security Training

Enterprise Backup &
Data Recovery

Information Resource Use and Security (pending)

Network Configuration

Server Hardening

Change Management

Information Security Risk Assessment

Password

Software Licensing

Computer Naming Convention

Information Security Administrator (ISA)

Patch Management Standard

Threat Detection and Prevention

Configuration and Asset Management

Information Security Training Standard

Personal Computing

Unauthorized File Sharing

Copiers and Printers

Information Services Privacy

Physical Access

Vendor Access

Data Center

Internet Use

Portable Computing

Web Application Vulnerability Scanning

Data Classification

Intrusion Detection

Protection Against Malicious Software

Wireless Network

 

 

 

Workstation Operating Systems Support

Tools