Palm Beach State College Board Policy

Title: Security Awareness and Training Policy

Policy Number: 6Hx-18-6.03

Legal Authority: F.S. 1001.64; F.S. 1001.65; FS 501.171

Date Adopted/Amended: Adopted 7/11/2017;  Amended 4/8/2025

 

Purpose

The purpose of this policy is to establish an information security awareness and training program and to ensure that all employees, non-employees, and external individuals who have access to information technology resources owned and managed by the College receive security awareness training.


Scope

This policy applies throughout the organization as part of the College security framework. It applies regardless of whether or not workers use computer systems or networks, since workers are expected to protect all forms of information assets, including computer data, written materials/paperwork, and intangible forms of knowledge and experience. This policy also applies to third-party employees working for the College, whether they are explicitly bound (e.g., contractual terms and conditions) or implicitly bound (e.g., by generally held standards of ethics and acceptable behavior) to comply with our information security policies.

 

Policy Statement

The Information Security Office will establish an Information Security Awareness Program. The Information Security Office will coordinate with the Human Resources department to ensure initial information security training is provided upon hire and at least annually thereafter.

Violations of this policy are grounds for disciplinary actions as referenced in the Security Awareness Training Procedure and in accordance with the Grounds for Discipline and Termination of Employment (6Hx-18-5.44).


Responsibilities and Accountabilities

The Information Security Office will be responsible for annual training and the overall management of the information security awareness and training program.


References