Available Training

Duration: 30-40 minutes

Overview: This course provides an overview of information security principles, as they apply to information at the University of Colorado. Upon completion, you will be able to:

• Identify sensitive information that requires special handling
• Recognize and report phishing scams
• Choose strong credentials for logging into your accounts
• Protect information on portable devices Recognize signs of an insider threat

Audience:  All CU employees are required to complete this course within 60 days of hire.

Access to the course 

Duration: 40 minutes

Overview: This required course provides an overview of security practices and policies for IT service providers. It builds on topics from the Information Security and Privacy Awareness course and covers policy, security management, access management, physical and environmental security, and incident detection and reporting.

Audience: An IT Service Provider (ITSP) is any person that designs, builds, implements, supports, or provides an IT service to university departments or individuals. ITSPs include website administrators, workstation support staff, server administrators, software programmers, application developers, data network technicians, user account administrators, computer center personnel, and more.

Access to the course 

Duration: 40 minutes

Overview: Controlled Unclassified Information (CUI) is unclassified but sensitive information relating to the interests of the U.S. government. Upon completion, you will be able to:

• Identify security risks to CUI
• Prevent improper access to or use of CUI
• Mark CUI according to regulations
• Report incidents that put CUI at risk
• Find resources for additional information on CUI

Audience: As a member of a research team working with CUI, you are responsible for keeping it safe from unauthorized access and release. This course is required for all who generate or use data that has been designated as CUI, including:

• Principal Investigators (PIs)
• Faculty, staff, or students
• External contractors

Access to the course 

Duration: 45 minutes

Overview: In this course we identify the major changes from version 2 to version 3 of the Payment Card Industry Data Security Standard (PCI DSS). Four important guidelines are covered:

• Version 3 changes to the PCI Data Security Standard
• Building a security-minded culture
• Scoping the cardholder data environment
• Completing a Self-Assessment Questionnaire

Audience: The target audience is current Campus Merchants and their IT staff; general PCI system users such as: accountants, ticket sellers, and cashiers who work with PCI security compliance.

Access to the course 

Duration: 30 minutes

Overview: This course covers the basics of HIPAA privacy and security for CU System Administration.

Audience: All CU System Administration employees who use HIPAA-protected information are required to take this course.

Access to the course 

Duration: 45 minutes

Overview: This course is for anyone who is responsible for creating or managing digital communications for the University. It provides information and techniques to address Information and Communication Technology (ICT) and accessibility compliance with the American Disabilities Act (ADA) as it applies to digital communications.

Audience: The target audience is all Digital Communicators at CU campuses.

Access to the course 

The Office of Information Security provides in-person and customized learning experiences for your team or department, such as communications, presentations, and simulated phishing exercises. This service is available to any department within CU, regardless of campus. Please contact OIS at security@cu.edu to learn more. 

• Cybersecurity at Work by Carolina Wong, released February 2020, total time is 55 minutes
• Security Tips by Scott Simpson, updated September 2019, total time 3 hours 43 minutes