Professional Documents
Culture Documents
Introduction
As a CCRC employee, you are obligated to comply with CCRC Information Security policies and
regulatory controls for the protection of Company and private information. As a CCRC employee,
you are best means of protecting Company and private information through both your adherence
to policy and your diligence to report information security infractions. This Information Security
Policy Awareness Summary is meant to provide you with the following:
1. Summary description of each Information Security policy, its guidelines, and associated
security standards.
2. The location of all published Information Security policies and standards.
3. Who to contact for further security advice and the proper channels for reporting
information security incidents.
CCRC requires your acknowledge of this information prior to the provisioning of your network
access as a CCRC employee.
pg. 1
applications and information systems. The Remote Access Standard is intended to help
mitigate potential damage exposure to CCR that might occur from unauthorized access
using remote access connections. The Encryption Standard details the cryptographic
controls which should be used to protect sensitive information classified as Confidential
and Confidential Restricted. The requirements and user obligations for helping to prevent
infections by computer viruses and other types of malicious software is provided in the
Malicious Software Protection Standard.
Contact Information
All published Information Security policies and standards are located on the MyCCR Intranet at
the following location:
MyCCR > BIS > Information Security Policies > Security Awareness
You may obtain hard copies of the Information Security policies and standards by submitting a
request to:
Security Governance, Compliance, and Risk Management
CCR BIS
3200 Windy Hill Road, East Tower
Atlanta GA 30339
For further security advice and for reporting information security incidents, contact Security
Governance, Compliance, and Risk Management as follows:
Email Security Governance/CCR
Call 770-370-6940
pg. 2
Acknowledgement of Receipt of Information Security Policies
I acknowledge that I have been provided a copy of the Company's Information Security Policies. I
understand that as a part of my job, I am expected to know and follow these policies. I further
understand I have an affirmative obligation to promptly report any misconduct in violation of these
policies, including making reports to the Corporate Office, should misconduct not be fully
corrected by local / Business Unit management.
In addition, I understand that the Company policy prohibits any retaliation against those making
good faith complaints under these policies. I also understand that if I engage in conduct
prohibited by these policies, I will be subject to disciplinary action, up to and including discharge.
Print Name
Signature
Date
Note:
The Information Security Policies of the Company will be applied to all employees including those
who may not have signed the above acknowledgement of receipt.
pg. 3