Department of Corrections and Rehabilitation - Operations Manual

Cancel

Chapter 4 – Information Technology

Article 65 – Security and Privacy Awareness Training Policy

Effective November 3, 2022

View All Sections >

49220.5 Roles and Responsibilities

  • Department Chief Information Officer (CIO) or Designee

    • The CIO or Designee owns this policy and is responsible for ensuring that all users of department information assets are aware of this policy and their individual responsibilities.

    • The CIO or Designee is responsible for ensuring that this policy is reviewed annually and updated accordingly.

    • The CIO or Designee is required to audit and assess compliance with this policy at least once every two (2) years.

  • Department Information Security Officer (ISOInformation Security Officer)

    • The ISOInformation Security Officer shall ensure the development implementation, and compliance of the department’s security awareness training program.

  • Department Privacy Officer

    • The Privacy Officer shall ensure the development, implementation, and compliance of the department’s privacy awareness training program.

  • Department Users

    • Users shall participate in all required privacy and security awareness training annually.

    • Users shall be aware of and adhere to all department information security and privacy policies.