(Drafted March 2026. Pending Governing Board Approval)
Security Awareness & Training Policy
1. Purpose
This policy defines expectations for cybersecurity awareness and training at Colearn Academy to help staff and students understand their role in protecting school systems and data.
2. Scope
This policy applies to employees and, where appropriate, to contractors and volunteers. Student‑facing elements apply to enrolled students as determined by school leadership.
Operating context: Colearn Academy has no physical building and no school-owned hardware; staff and students use their own or family-owned devices for school purposes.
3. Staff Training
3.1
Colearn Academy will provide periodic cybersecurity awareness training for staff. Training topics may include recognizing phishing and social engineering, using strong authentication practices, protecting devices, and appropriately handling student and staff information.
3.2
Completion of required training may be tracked to support accountability.
4. Student Awareness
4.1
The School will provide age‑appropriate guidance to students on safe and responsible use of technology, aligned with applicable digital citizenship and internet safety expectations.
5. Communication and Reminders
5.1
The School may provide reminders, tips, or other communications throughout the year to reinforce key security practices.
6. Review
This policy will be reviewed at least annually and updated as needed to reflect emerging threats, best practices, or changes in curriculum and tools.