CU: Information Security and Privacy Awareness
Duration: 30-40 minutes
Overview: This course provides an overview of information security principles, as they apply to information at the University of Colorado. Upon completion, you will be able to:
- Identify sensitive information that requires special handling
- Recognize and report phishing scams
- Choose strong credentials for logging into your accounts
- Protect information on portable devices Recognize signs of an insider threat
Audience: All CU employees are required to complete this course within 60 days of hire.
CU: Information Security for IT Service Providers
Duration: 40 minutes
Overview: This required course provides an overview of security practices and policies for IT service providers. It builds on topics from the Information Security and Privacy Awareness course and covers policy, security management, access management, physical and environmental security, and incident detection and reporting.
Audience: An IT Service Provider (ITSP) is any person that designs, builds, implements, supports, or provides an IT service to university departments or individuals. ITSPs include website administrators, workstation support staff, server administrators, software programmers, application developers, data network technicians, user account administrators, computer center personnel, and more.
CU: Controlled Unclassified Information (CUI)
Duration: 40 minutes
Overview: Controlled Unclassified Information (CUI) is unclassified but sensitive information relating to the interests of the U.S. government. Upon completion, you will be able to:
- Identify security risks to CUI
- Prevent improper access to or use of CUI
- Mark CUI according to regulations
- Report incidents that put CUI at risk
- Find resources for additional information on CUI
Audience: As a member of a research team working with CUI, you are responsible for keeping it safe from unauthorized access and release. This course is required for all who generate or use data that has been designated as CUI, including:
- Principal Investigators (PIs)
- Faculty, staff, or students
- External contractors
CU: IT Security PCI DSS v3
Duration: 45 minutes
Overview: In this course we identify the major changes from version 2 to version 3 of the Payment Card Industry Data Security Standard (PCI DSS). Four important guidelines are covered:
- Version 3 changes to the PCI Data Security Standard
- Building a security-minded culture
- Scoping the cardholder data environment
- Completing a Self-Assessment Questionnaire
Audience: The target audience is current Campus Merchants and their IT staff; general PCI system users such as: accountants, ticket sellers, and cashiers who work with PCI security compliance.
CU: HIPAA Regulations - CU System
Duration: 30 minutes
Overview: This course covers the basics of HIPAA privacy and security for CU System Administration.
Audience: All CU System Administration employees who use HIPAA-protected information are required to take this course.
CU: Accessibility for Digital Communicators
Duration: 45 minutes
Overview: This course is for anyone who is responsible for creating or managing digital communications for the University. It provides information and techniques to address Information and Communication Technology (ICT) and accessibility compliance with the American Disabilities Act (ADA) as it applies to digital communications.
Audience: The target audience is all Digital Communicators at CU campuses.
In-Person and Customized Learning
The Office of Information Security provides in-person and customized learning experiences for your team or department, such as communications, presentations, and simulated phishing exercises. This service is available to any department within CU, regardless of campus. Please contact OIS at security@cu.edu to learn more.
LinkedIn Learning
- Cybersecurity at Work by Carolina Wong, released February 2020, total time is 55 minutes
- Security Tips by Scott Simpson, updated September 2019, total time 3 hours 43 minutes