Information Security and Privacy Awareness Training Standard
Adopted by the TRU Information Security Committee on May 26, 2015
Information security and privacy awareness training are an important part of Thompson Rivers University’s (TRU) Information Security and Privacy Programs. The TRU Information Security and Privacy Offices have made both online and face-to-face awareness training available to all members of the community. This standard has been created to ensure that all members of the university community are provided clear guidance on expectations and requirements to participate in these programs.
1) Any member of the university community who processes, handles, or has access to the credit card information of others, must attend annual information security awareness training which includes specific coverage of those topics mandated by the Payment Card Industry – Data Security Standard. It is the responsibility of the Dean/Director to ensure that these individuals complete annual awareness training and that their attendance is recorded as part of their annual review.
2) All new employees must complete the on-line Freedom of Information and Protection of Privacy Course as part of their on-boarding as a TRU employee. Privacy Awareness training can be completed on-line here.
3) All new employees must attend at least one hour of information security training during their first year of employment.
4) All staff and faculty who access any confidential information as defined in the Information Classification Standard, should attend annual information security and privacy training. It is the responsibility of the Dean/Director to make sure that staff attend at a level that is deemed appropriate for their role.