We need to improve our Security and Information Management (SIM) training completion rates to demonstrate we have a fully-trained workforce – to be compliant with the University’s obligations to its stakeholders and regulatory requirements.

We have not yet achieved satisfactory levels of compliance. This training requirement is mandatory.

From figures compiled last week, average training course completions across Professional Services Groups stand at 65%; across Academic Departments, average course completions stand at 25%. We need to achieve 90%+ completion rates across the institution. SIM training underpins a sound awareness of key security measures and the current threat landscape.

A reminder of our call to action on SIM training now!

This is a reminder of our ‘call to action’ to everyone to complete all nine training modules listed below by the end of November. This gives plenty of time to complete the process – a few hours to work through the list, or chip away, completing a couple of modules a week.

If you responded to our training call in August and completed all 9 modules then, thank you. Your renewal anniversary will be recorded and you will be sent a reminder next year.

The two ‘Foundation’ training modules are reinforced by seven additional ‘Standard’ modules, available to us through an existing contract. While they are not ideal, they do improve our overall training provision.

We have noted users comments and feedback on issues of content and functionality from course completions in August and September. These will feed into a project to produce better material in the future.

The full list of modules is here and can be accessed directly from these links:

 Foundation Training modules:

• Information Security EssentialsLink opens in a new window
• GDPR TrainingLink opens in a new window

Standard Training modules:

• Internet SecurityLink opens in a new window
• Password SafetyLink opens in a new window
• Secure Remote WorkingLink opens in a new window
• Email EssentialsLink opens in a new window
• Data HandlingLink opens in a new window
• Confidentiality, Integrity and AvailabilityLink opens in a new window
• Essential Phishing AwarenessLink opens in a new window

Security & Information Management is Everyone's Responsibility

All staff are required to take SIM training that is relevant and appropriate to the kind of work they undertake:

1. Foundation Training: the two ‘Information Security Essentials’ and ‘GDPR Training’ modules must be completed at induction and refreshed annually by all staff who work at the University, without exception.
2. Standard Training: in addition to the Foundation Training modules, all staff who predominantly complete their University work on a computer and regularly handle electronic communications, must complete the 7 Standard Training modules listed above, at induction and refresh them annually thereafter. This applies to existing and new staff joining the University from 1 September 2020. There are no exceptions to this policy.

For more information:

See the Organisation Development Essential Induction Training web pages here