Security Awareness Program. External Party shall implement and maintain an ongoing security awareness program to educate Employees regarding security issues and the requirements of this document. The program must include, but should not be limited to, education regarding the following: a. Email usage b. Password management c. Social Engineering, including phishing d. Mobile device usage e. Use of social media during job hours f. How to contact management to report a security concern External Party shall ensure that Employees are recertified annually and shall maintain documentation of Employee’s current training.
Appears in 2 contracts
Sources: Master Services Agreement, Master Services Agreement
Security Awareness Program. The External Party shall implement and maintain an ongoing security awareness program to educate Employees its Authorised Users regarding security issues and the requirements of this document, and shall ensure that Authorised Users are recertified at least annually and shall maintain documentation evidencing such training. The program must include, but should not be limited to, education regarding the following:
a. 9.5.1 Email usage
b. usage 9.5.2 Password management
c. management 9.5.3 Social Engineering, including phishing
d. Mobile device usage
e. Use of social media during job hours
f. How to contact management to report a security concern External Party shall ensure that Employees are recertified annually and shall maintain documentation of Employee’s current training.
Appears in 1 contract
Sources: Software as a Service Agreement