UW-Madison - Policy Portfolio - Education, Training and Awareness
The Education, Training and Awareness portfolio includes documents related to training, rules of behavior, compliance agreements, and sanctions for non-compliance.
Education, Training and Awareness addresses IT-related information that faculty, staff, and students should understand in order to properly act within their role at UW. The cybersecurity-related policies in this portfolio are mapped to the NIST SP 800-53 control families.
Policies
- Accounting Services - Credit Card Merchant Services and PCI Compliance (training, disposal) (on bussvc.wisc.edu)
HIPAA (on compliance.wisc.edu)
- 8.7 Destruction/Disposal of PHI
- 9.1 HIPAA Privacy and Security Training
- 9.2 Responding to Employee Noncompliance related to HIPAA
- 9.3 Responding to Student Noncompliance related to HIPAA
IT Policy
- Endpoint Management and Security Policy (main entry: Configuration and Maintenance)
- Disposal and Reuse Policy and Procedures (main entry: Configuration and Maintenance)
- Security Education, Training, and Awareness Implementation Plan (SETA) (under development)
- Password Standard (main entry: Identity and Access Management)
UW System (on wisconsin.edu)
Related Documents
IT Policy-related
- Copyright Infringement (main entry: Copyright and Intellectual Property)
- IT Compliance Agreement