Safe Computing Training & Education | safecomputing.umich.edu

The training and resources below help U-M community members fulfill their shared responsibility for protecting the university’s data and digital assets.

U-M units should offer training to faculty, staff and students in their unit and require it, when appropriate, in accordance with Information Assurance Awareness, Training, and Education (DS-16). To get started, units can:

Engage with your Security Unit Liaison to assess your needs and explore education options.
Use the ITS-Safe Computing and Training form to make one of the training courses below required for employees in your unit.

Note: Michigan Medicine provides training for employees that is separate from the training listed here.

Cybersecurity & Data Protection Courses

Cybersecurity and Data Protection at U-M (DCE101)

Topics:

Data Protection

Roles:

Data Stewards & Custodians, Faculty & Staff, Researcher, Security Unit Liaison

Audience:

Required of all employees, including faculty, staff, temporary, and student employees. (MM employees are required to take different training.)

Description:

Learn to protect the university’s digital resources, your devices and accounts, and U-M data; stay safe online and avoid scams; report IT security incidents.

Length:

10 minutes

Go to Course

two monitors with U of M block M on screen

Safe Computing Challenge for Students

Topics:

Data Protection

Roles:

Student

Audience:

U-M students on the Ann Arbor, Dearborn, and Flint campuses.

Description:

U-M students test their knowledge of online security and privacy by answering questions related to protecting devices and accounts; staying safe online and avoiding scams; and reporting phishing.

Length:

10 minutes

Prerequisites:

none

Go to Course

squirrel drawing with text don't fail the challenge. You can try again!

Safe Computing for Students

Topics:

Data Protection

Roles:

Student

Audience:

Required of all U-M students on the Ann Arbor, Dearborn, and Flint campuses.

Description:

(Coming Summer 2026) Learn to protect the university’s digital resources, your devices and accounts, and U-M data; stay safe online and avoid scams; report IT security incidents.

Length:

10 minutes

Prerequisites:

none

Advanced Data Protection at U-M (DPE201)

Topics:

Data Protection, IT Security, FERPA, HIPAA, PCI

Roles:

Faculty & Staff, Researcher

Audience:

IT professionals and users of administrative systems; required for some units.

Description:

Learn about the shared responsibility in protecting the university’s digital assets and how to safeguard institutional data (with a focus on HIPAA-, FERPA-, and PHI-regulated data) , staying safe online.

Length:

30 minutes

Prerequisites:

DCE101

Go to Course

person at desk in front of monitors with data charts showing

Payment Card Industry (PCI) Data Protection (DPE310)

Topics:

PCI

Roles:

Faculty & Staff

Audience:

ITS employees or unit IT who work with PCI systems and data, and their managers.

Description:

An overview of how ITS protects the PCI infrastructure, the security safeguards that PCI requires, and how to follow PCI requirements when adding or maintaining devices in the PCI infrastructure.

Length:

30 minutes

Prerequisites:

DCE101, DPE201

Go to Course

graphic of person holding large bank card with card reader in background

HIPAA and Protected Health Information (DPE320)

Topics:

HIPAA

Roles:

Faculty & Staff

Audience:

Employees who interact with Protected Health Information (PHI) as part of their normal job activities.

Description:

A more advanced course about the importance of HIPAA compliance, appropriately accessing and sharing PHI, and your role in safeguarding PHI.

Length:

20 minutes

Prerequisites:

DCE101

Go to Course

graphic of medical waiting room with patients and front desk workers

FERPA at U-M (RO100)

Topics:

FERPA

Roles:

Faculty & Staff

Audience:

Employees who interact with student records data.

Description:

A more advanced course on how to responsibly handle student data in accordance with FERPA (Family Educational Rights and Privacy Act).

Length:

30 minutes

Prerequisites:

DCE101

Go to Course

graphic of instructor pointing at board containing charts, in front of students

Controlled Unclassified Information (CUI) Protections (PEERRS_CUI_T100)

Topics:

Data Protection, CUI

Roles:

Faculty & Staff, Researcher

Audience:

Faculty, students, staff, and others working on a sponsored project subject to CUI regulations, as identified by the U-M Research Information Security Oversight (RISO) office.

Description:

This course introduces the federal regulations governing information deemed by a U.S. federal government agency to be CUI, and describes the basic security and procedural controls used to safeguard CUI. This course is required for U-M.

Length:

45 minutes

Prerequisites:

DCE101

Go to Course

graphic of shield with lock on it with monitor and servers in background

SUL Roles and Responsibilities (SUL100)

Topics:

IT Security

Roles:

Security Unit Liaison

Audience:

SULs

Description:

This course describes the Security Unit Liaison (SUL) role, overall expectations, how SULs coordinate security activities within the unit and in collaboration with IA, and highlights key responsibilities with scenarios. Deans or their equivalent designate SULs for their units.

Length:

10 minutes

Prerequisites:

DPE201

Go to Course

graphic of person helping someone at computer

Incident Response at U-M (SUL101)

Topics:

IT Security

Roles:

Security Unit Liaison

Audience:

SULs

Description:

This course outlines the goals of incident response at U-M, defines what an information security incident is and what makes it serious (per SPG 601.25), provides initial steps to take when responding to an incident, and describes the overall incident response process.

Length:

15 minutes

Prerequisites:

SUL100

Go to Course

graphic of laptop surrounded by alert and notice icons

IT Security Administration at U-M (SUL102)

Topics:

IT Security

Roles:

Security Unit Liaison

Audience:

SULs

Description:

This course highlights capabilities IA offers in the areas of vulnerability management, endpoint protection, sensitive data discovery, and network security, and describes the SUL role in ensuring these capabilities are utilized in order to improve the unit’s security posture.

Length:

15 minutes

Prerequisites:

SUL100

Go to Course

IT Security Risk Management at U-M (SUL103)

Topics:

IT Security

Roles:

Security Unit Liaison

Audience:

SULs

Description:

This course provides an overview of the Information Security Risk Management process, describes when RECONs (Risk Evaluations of Computers and Open Networks) are required, and gives SULs an introduction to the process of performing risk evaluations.

Length:

15 minutes

Prerequisites:

SUL100

Go to Course

graphic of 3 people standing and pointing at data charts

Introduction to Data Stewardship at U-M (DSE101)

Topics:

Data Governance

Roles:

Data Stewards & Custodians, Researcher

Audience:

Data Stewards and Custodians

Description:

This course is designed for members of the U-M community who have data governance responsibilities or are interested in data governance. It will cover U-M's data governance program, the data stewardship framework, and the roles and responsibilities of Data Stewards and Data Custodians.

Length:

15 minutes

Go to Course

graphic of two people interacting with data in front of them

Copyright Compliance Quiz

Topics:

Data Protection

Roles:

Student

Audience:

Students

Description:

Test your knowledge of what music, movies, books, and more you can and cannot share from your computer and mobile devices.

Length:

10 minutes

Go to Course

Three students looking at media on different devices