Cal Poly Information Security Awareness and Training
Consistent with CSU Information Security Policies, all employees with access to the Cal Poly network and information assets must participate in information security awareness training. The Information Security Awareness Training Program is designed to help individuals protect and respond appropriately to threats and vulnerabilities to campus information assets.
Cal Poly information security is a shared responsibility to protect resources. Therefore, everyone who has a portal account is required to take information security awareness training (ISAT) which is tied into the annual portal password change process.
In addition to the portal training, anyone who has access to level 1 data is required to take detailed security awareness training like the examples below:
- Everyone who conducts credit card transactions (in person or phone) or has access to the PCI environment is required to take PCI training via SumTotal.
- Everyone who works in Health Care must complete annual HIPAA training.
- Everyone who works in Human Resources, Finance, or handles level 1 data as defined by the Cal Poly Classification and Handling Standard must receive security training customized for their environment, such as Cal Poly Learning Hub online security training presented by the Chancellor’s Office.