Statement

West Texas A&M University shall provide role-based security-related training as part of training for new users and when required by Information System changes. Training shall be implemented in accordance with Texas Government Code Section 2054.519.

Applicability

This Control applies to all West Texas A&M personnel who use University information resources.

Implementation

• Role-based security training will be provided to staff with information security responsibilities, commensurate with the risk presented by their access.
• Developer, will take a “Developer Security Awareness Training” consisting of a mixture of general information security practices and work specific security issues such as coding practices and web application vulnerability.
• Infrastructure, will take an “Infrastructure Security Awareness Training” consisting of a mixture of general information security practices and work specific security issues such as information system access and encryption.
• Client-Services, will take a “Client Services Security Awareness Training” consisting of a mixture of general information security practices and work specific security issues such as client identity verification and sensitive information disposal.
• Just as with the basic security awareness training WTAMU utilizes third-party platforms that can be used to provide web based training, all of which are subject to change based on the budget and needs of the University.