Question PPPR-13
Is security awareness training mandatory for all employees?
| Weight | 15 |
| High Risk | No |
| Required | Yes |
| Compliant Answer | Yes |
Standard Guidance
EDUCAUSE provides no guidance here
Answering "NO"
State plans to make security awareness training mandatory for all employees.
Answering "YES"
Summarize your security awareness training content and state how frequently employees are required to undergo security awareness training.
Reason for Question
Setting the expectation of security-related responsibilities throughout an organzation is favored in an information security awareness program. Vendors without an information security awareness campaign should be met with scrutiny on how security policies and procedures are implemented in their environment.
Follow-Up Inquiries
Follow-up inquiries for information security awareness programs will be institution/implementation specific.
HECVAT Pro Advice
[Add expert insights and best practices]
Implementation Tips
[Add practical steps for SME SaaS vendors]
FAQ
[Add common questions related to this HECVAT item]
Resources
[Add links to relevant articles or tools]