Employee comments invited on Electronic Information Security Policy revisions
The Office of the Vice President and Chief Information Officer invites comments on drafts of a presidential policy, “Electronic Information Security” (IS-3), and a corresponding glossary for all information security and information technology policies.
The policy provides a security framework that protects UC’s institutional information and IT resources from accidental or intentional unauthorized access, loss or damage, while preserving UC’s collaborative academic culture. It is modeled on a recognized set of best practices and security controls from the International Organization for Standardization (ISO). Use of a standards-based approach is crucial for UC to obtain cybersecurity insurance, take advantage of vendor services based on these standards, and ensure faculty eligibility for certain federal research contracts that deal with Controlled Unclassified Information (CUI).
We recommend the following order of review:
- Policy Abstract
- Frequently Asked Questions (FAQ)
- Draft Glossary for Information Security and Information Technology policies (optional)
- Draft Presidential policy on Electronic Information Security, IS-3
The following systemwide website also provides resources to support reviewers and eventual adoption of the policy: https://security.ucop.edu/index.html
If you have any questions or wish to comment, please contact Nancy.Pluzdrak@ucop.edu no later than June 30, 2017. Please indicate “Electronic Information Security Policy” in the email subject line.