Computer Security Awareness Training Requirements Approved by: Deputy Administrator, Management



Similar documents
Completing Your Cyber Security Awareness Training

Guide to Using Citrix at SLU (Windows)

For: State and County Offices

Online Registration Instructions

PRIVACY IMPACT ASSESSMENT

ACT State Testing Online Services Tutorial

UNITED STATES DEPARTMENT OF AGRICULTURE Farm Service Agency Washington, DC Notice PM-2912

How To Configure CU*BASE Encryption

Getting Started In Your Davidson College Blackboard Course

RFG Secure FTP. Web Interface

Web Conference Manager

Virtual Office Remote Installation Guide

Banner Web Time Entry Approver s Handbook

FILE TRANSFER PROTOCOL (FTP) SITE

CBH Provider EDI Browser Manual

Appendix 2 EHS Deficiency Correction Certification PIH Field Office User Instructions

Register Manufacturer: Click on Register Manufacturer radio button, choose the State name and click on Login Button. The following screen appears:

eopf Release E Administrator Training Manual

Citrix Client Install Instructions

Remote Viewer Recording Backup

Initial Setup of Microsoft Outlook with Google Apps Sync for Windows 7. Initial Setup of Microsoft Outlook with Google Apps Sync for Windows 7

Windows XP Chinese Character Support Installation Instruction

Privacy Impact Assessment

OFFICE 365 SELF- CONFIGURATION GUIDE

My Online Education. Student Guide

This document shows new Citrix users how to set up and log in to their Citrix account.

Windows and MAC User Handbook Remote and Secure Connection Version /19/2013. User Handbook

Initial Setup of Microsoft Outlook 2011 with IMAP for OS X Lion

Mass-DAC Secure Document Repository User Guide

Creating a Website with Google Sites

HertSFX. User Guide V2.04. Hertfordshire s Secure File Exchange Portal. (Jan 2014) HertSFX User Guide V2.04 Jan 2014 Page 1 of 17

FAQs. OneDrive for Business?

1. What are popups? What if I have a problem with viewing popups? 1

Footprints Customer Interface Guide

User Guide. IntraLinks Courier Plug-in for Microsoft Outlook

HOW TO USE OIT VIA THE WEB

UMMS SSL VPN Instructions

GETTING STARTED WITH QUICKEN with Online Bill Pay for Windows

SonicWALL CDP 5.0 Microsoft Exchange User Mailbox Backup and Restore

SECTION 1: FIND OUT THE IP ADDRESS OF DVR To find out the IP of DVR for your DVR do the following:

Print Audit 6 - SQL Server 2005 Express Edition

How To Write A Health Care Plan

Florida Standards Assessments

FAQs. OneDrive for Business?

CONNECT-TO-CHOP USER GUIDE

Adobe Digital Signatures in Adobe Acrobat X Pro

GETTING STARTED WITH QUICKEN 2010, 2009, and for Windows. This Getting Started Guide contains the following information:

Fundamentals of Great Plains & Reporting Tools

IT SECURITY EDUCATION AWARENESS TRAINING POLICY OCIO TABLE OF CONTENTS

Remote Access VPN SSL VPN Access via Internet Explorer

Microsoft Access Calendar Scheduling Database/Template Installation Instructions

CCH Axcess Portal Client User Guide

Frequently Asked Questions webta

Table of Contents. Search Results.21. Equipment Change Request...10 Equipment Removal Request...11 Disposed..12 Not found 12

PeopleSoft Application Designer Installation Documentation

SSL VPN Support Guide

OneDrive for Business User Guide

FISH AND WILDLIFE SERVICE INFORMATION RESOURCES MANAGEMENT. Chapter 7 Information Technology (IT) Security Program 270 FW 7 TABLE OF CONTENTS

TSM for Windows Installation Instructions: Download the latest TSM Client Using the following link:

Internet Access Gateway Logon Instructions IAG Platform, XP

Installing the VPN Client for Microsoft Windows OS

HELPDESK SYSTEM (HDS) USER MANUAL

Installation Guide for Crossroads Software s Traffic Collision Database

Lawson Portal User s Manual

How to Set Up SSL VPN for Off Campus Access to UC eresources

User Registration Tutorial

BSDI Advanced Fitness & Wellness Software

The following are tips compiled by PeerPlace to assist you as you transition to the new Senior Tracking, Analysis and Reporting System (STARS).

MOODLE Installation on Windows Platform

Remote Access: Internet Explorer

How do I use Citrix Staff Remote Desktop

NYS OCFS CMS Contractor Manual

Installing Google Drive for Windows 7

DraganFly Guardian: API Instillation Instructions

Personal Portfolios on Blackboard

Web Receipt for Service (webrfs) User s Guide. Version 1.1

Audit Report. Natural Resources Conservation Service Water and Climate Information System Review of Application Controls Portland, Oregon

VPN: Using WebVPN SSL Client This document outlines the process for using the WebVPN SSL with Internet Explorer and Firefox

How to Use Remote Access Using Internet Explorer

Learning Management System (LMS) Frequently Asked Questions

Vestal Central School District New Service Desk System: Service-Now Go live July 2, 2011

How to Remotely Access the C&CDHB Network from a Personal Device

SonicWALL CDP 5.0 Microsoft Exchange InfoStore Backup and Restore

PROCUREMENT CARD US BANK ACCESS ONLINE SYSTEM USER GUIDE

Transcription:

UNITED STATES DEPARTMENT OF AGRICULTURE Farm Service Agency Washington, DC 20250 Notice IRM-363 For: FSA Employees and Contract Employees Computer Security Awareness Training Requirements Approved by: Deputy Administrator, Management 1 Overview A Background Annually FSA is required to provide training to all permanent and temporary employees, contractors, and others who have access to government computer systems. The Office of Personnel Management published final rules in the June 14, 2004, Federal Register concerning the obligations of federal agencies to train employees on information technology security. The USDA Service Center Agencies developed online computer security awareness training in conjunction with the USDA Office of the Chief Information Officer (OCIO). This online training has been designed to be taken by all users to: ensure the consistency of the training across the Service Center agencies provide accountability for the training. B Authorities Annual computer security awareness training is mandated by the following authorities: E-Government Act of 2002, Pub. L. 107-347, 44 U.S.C. 3531 et seq., Title III, Federal Information Security Management Act (FISMA) Office of Management and Budget Circular A-130, Management of Federal Information Resources, Appendix III, Security of Federal Automated Information Resources 5 CFR Part 930, Employees Responsible for the Management or Use of Federal Computer Systems Disposal Date Distribution October 1, 2006 All FSA employees and contractors; State Offices relay to County Offices 8-8-05 Page 1

1 Overview (Continued) B Authorities (Continued) USDA Departmental Manual 3545-001, Computer Security and Training, Chapter 9, Part 1 USDA Departmental Regulation 3140-001, Management ADP Security Manual 6-IRM, Information Systems Security Program. C Purpose This notice: explains the computer security awareness requirements provides guidance to complete training for FY 2005 provides guidance for employees and contractors provides contact information. D Obsolete Material Notice IRM-356 is obsolete. 2 Manager, Supervisor, and COTR Responsibilities A Responsibilities All FSA managers, supervisors, and COTR's shall do the following. Ensure that all employees and contractors have completed the required Computer Security Awareness Training by August 15, 2005. USDA s OCIO has requested that all agencies complete training by this date to achieve goals related to mitigating outstanding USDA (and FSA) OIG audit findings. Certify in writing to their supervisor or manager that all of their employees and contractors have completed the training. This certification should go up-the-line. CED's should certify to SED's. SED's and Division Directors (or equivalent) should certify to their Deputy Administrators. Deputy Administrators (and above) should certify to the Acting CIO, Steve Sanders. Ensure that new employees and contractors complete the computer security awareness training requirements within 14 business days of their start date. Users will be provided with initial training by ITSD before receiving a computer user ID. This training provides users with "Rules of Behavior" and "Incident Response Procedures", but does not substitute for taking the full training course described in this notice. 8-8-05 Page 2

3 Employee Action A Access to AgLearn All employees shall access the AgLearn homepage at http://www.aglearn.usda.gov to complete the computer security awareness training. Employees are required to have a USDA eauthentication employee account (user ID and password) to access training provided through AgLearn. Employees who do not have an account shall establish an eauthentication user ID and password according to 6-IRM, Exhibit 16.5. This handbook is available on the Intranet from FSA Handbooks Online at http://dmis.fsa.usda.gov/rware/home.html#98677. B Accessing Computer Security Awareness Training Through AgLearn Note: Users that have pop up blockers should turn them off to run the course. Employees shall access the computer security awareness training according to this table. Step Action 1 Access the AgLearn homepage according to subparagraph A and click on the "Student Login" button. 2 Click "Continue" on the Warning Screen to access the eauthentication Login Screen. Enter user ID and password and click "Login." 3 If "USDA Security Literacy and Basics FY 2005" is on the "Student Development Plan" (as it should be), go to Step 7. Otherwise, select "Catalog" from the list of items on the left side of the screen. 4 On the "Component Type" dropdown menu, select "Web Based." In "Title Contains: block, ENTER "USDA Security. Hit search. 5 The "USDA Security Literacy & Basics FY 2005" course should appear. 6 Click "Add to Development Plan". The "Student Development Plan" Screen will be displayed. See subparagraph C. 7 Click "Launch" under the "Status" heading located to the right of the title "USDA Cyber Security Literacy and Basics FY 2005". 8 If the Security Certificate Warning Screen is displayed, click "Yes" to accept the security certificate. Following is an example of the screen. 9 Employee will now be within the Security Literacy Basics Course. Complete each topic and assessment according to the instructions provided within the course. 8-8-05 Page 3

3 Employee Action (Continued) B Accessing Computer Security Awareness Training Through AgLearn (Continued) Note: Employees shall print the completion certificate and retain a copy for their records. Do not submit the certificate to management or the Information Security Office, unless requested. The Information Security Office will receive reports directly from the AgLearn system. C Example of AgLearn Student Access Screen Following is an example of the AgLearn Student Access Screen. D Reasonable Accommodations Persons with disabilities who require accommodation to participate in this training should contact their local helpdesk. E Deadline for Completing Training All FSA employees (except County and State Committee Members) must complete the required Computer Security Awareness Training by August 15, 2005. If an employee is out of the office the entire time between the date this notice is issued and August 15, 2005, then the employee should take the training within 5 business days of his/her return. 8-8-05 Page 4

3 Employee Action (Continued) F Contacts and Additional Information Direct Computer Security Awareness Training policy questions to the FSA Information Security Office by e-mail to Security@kcc.usda.gov or telephone at 816-926-6537. See 6-IRM, Exhibits 16.5 through 16.8 for eauthentication questions and assistance. For guidance or assistance with AgLearn: click the "Help" option available on each of the AgLearn pages access the AgLearn Student Reference Guide at https://aglearn.usda.gov/student_ref.pdf click "Contact Us" option for FSA contact information or call 1-866-633-9394. 4 Contractors and Others With Access to Government Computer Systems A Accessing Computer Security Awareness Training Contractors and others with access to government computer systems shall access Computer Security Awareness Training at the following location, http://www.info.usda.gov/egovtraining/securitytraining.html. Follow instructions on the page to complete the training. This site is not password protected. Review each topic, complete each assessment, and certify course completion. B Completing Computer Security Awareness Training Note: Users that have pop up blockers should turn them off to run the course. Complete the Computer Security Awareness Training according to this table. Step Action 1 Access the web site according to subparagraph A. 2 Click "Start the online training". 3 Select "Security Literacy and Basics". 4 Review each topic. 5 Complete the assessment. A score of 70 percent must be achieved. 6 After achieving a passing score, complete the certification form. If the form is not completed, credit will not be received for completing the training. Note: Contractors and others shall print the completion certificate and retain a copy for their records. Do not submit the certificate to management or the Information Security Office, unless requested. The Information Security Office will receive reports directly from the system. 8-8-05 Page 5

4 Contractors and Others With Access to Government Computer Systems (Continued) C Example of Computer Security Awareness Training Screen Following is an example of the Computer Security Awareness Screen. D Deadline for Completing Training All contractors and others shall complete the required Computer Security Awareness Training by August 15, 2005. If someone is out of the office the entire time between the date this notice is issued and August 15, 2005, then that person should take the training within 5 business days of his/her return. E Reasonable Accommodations Persons with disabilities who require accommodation to participate in this training should contact their local helpdesk. F Contact Information Direct Computer Security Awareness Training policy questions to the FSA Information Security Office by e-mail to Security@kcc.usda.gov or telephone to 816-926-6537. If difficulties are encountered accessing the webpage, contact the Centralized Help Desk at 800-457-3642 or e-mail to CHD@stl.rural.usda.gov. 8-8-05 Page 6

5 Alternate Training Methods A Alternate Methods for Completing Training USDA and FSA prefer that everyone take the training via the web. However, since OCIO is requesting completion of the training by August 15, 2005, FSA is providing alternate means to take the training for employees, contractors, or others who may encounter difficulties in taking web-based training. B CD-ROM Based Training Download the CD version of the course at http://www.ocionet.usda.gov/ocio/security/policy.html. The ".zip" files downloaded, "SecurityLiteracyandBasicsFY2005.zip can be "unzipped" (uncompressed) by clicking on "Windows Explorer" (the second icon from the bottom on the Microsoft Office tool bar), right-clicking on the file's name in "My Documents" (or other location where the file was downloaded to) selecting "Open with WinZip" and then clicking on "Extract" (default location is to extract to C:\) and clicking the "Extract" box. Users may then run the unzipped file by clicking on "Start" on the Start Menu, clicking on "Run" and typing the following in the "Open" box (or find using the "Browse" command): C:\temp\SecurityLiteracyandBasicsFY2005\autorun\Autorun.exe. Users shall print the completion certificate and retain a copy for their records. Do not submit the certificate to management or the Information Security Office, unless requested. The Information Security Office will receive reports directly from the AgLearn system. Important: Employees or contractors who complete the CD version of the course must notify their agency training coordinator and request that they manually update AgLearn with the course number, USDA-CYBERSECURITY-05. National Office employees shall contact Bessy Plaza, HRD, by: telephone at 202-418-9050 TDDY/TYY at 202-419-9107 email to bessy.plaza@wdc.usda.gov. State Offices, Kansas City, St. Louis, and APFO shall contact Sandy Prentice, KC/HRD, by: telephone at 816-926-6282 email to sandy.prentice@kcc.usda.gov. 8-8-05 Page 7

5 Alternate Training Materials (Continued) C Other Alternate Training Notice IRM-363 If employees or contractors cannot access either the web-based or CD version of the course, contact the FSA Information Security Office by e-mail to Security@kcc.usda.gov or telephone to 816-926-6537. They will assist users with access, provide a CD, or provide alternate training as needed. D Deadline for Completing Training All employees, contractors, and others shall complete the required Computer Security Awareness Training by August 15, 2005. If someone is out of the office the entire time between the date this notice is issued and August 15, 2005, then that person should take the training within 5 business days of his/her return. 8-8-05 Page 8

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information