Search Information Security site


Information Security Awareness Training (ISAT) in Workday


As part of the IRM-002 – Acceptable Use of the University’s Information Technology Resources policy, all UVA non-student users (e.g., faculty, staff, contractors) and student employees must complete information security awareness training annually.  Information security awareness training is now moved into the Workday Learning system and is new and improved.   Workday will initaite an email notification to your registered address 30 days before the end of the month you were hired in (e.g. hired in June 2000, then training is required to be completed in June 2019).  For some, it may feel like you just completed last year's (2018) training.   We thank you for your patience and vigilance as we work to improve security awareness in the University community.  You can take the Information Security Awareness Training (ISAT) in Workday at any time before your hire month, if you wish. 

JointVPN (JVPN) and High Security VPN (HSVPN) users: You must complete the annual ISAT by the end of the anniversary of your hire month, or your access to the JVPN will be revoked.  If you fail to complete your annual training and your iKey or eToken is blocked, then you must contact Access Management to have this access restored.


Please email if you have any questions or concerns regarding the training and any impacts experienced by the users you support.


Security Awareness (Responsible Computing) Handbook for Faculty & Staff
Security Awareness (Responsible Computing) Handbook for Students

Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security Office will evaluate the report and provide a full investigation.

Complete Report Form