Policy Updates
IS-3 Information Security Program - Current & Upcoming Highlights
For FY 2023-24, our security teams are working with 36 units this year as part of the IS-3 Program. The fall cohort of units recently wrapped up, and we’re holding Unit Head orientations for the spring cohort in January. By the end of spring, all academic and administrative units will have completed their initial IS-3 onboarding, and early adopters will have completed at least one round of review!
Also, see the “In the Know” section above for information about this year’s IS-3 annual theme.
Beginning FY 2024-25, the IS-3 program will be an ongoing program of regular reviews, annual themes, and enhanced metrics/reporting for units and Leadership. Units can expect to review their information in Socreg annually and to update their IS-3 self-assessment every 2-5 years (depending on the risk level of the unit).
-
Please see the IS-3 Onboarding and Review Schedule for timing details, including a projected schedule through FY26. ISO will reach out to units with details and program support as each review period approaches.
-
Security Leads can expect to receive a poll this spring to help determine the best time of year for these reviews.
Updating the MSSEI
The revised MSSEI has completed the campus key stakeholder review. After addressing a few remaining items of feedback, the update will be sent out for full campus review to all employees via CalMessage later this month.
We continue to welcome any feedback on the proposed update (links below) - please help us identify any potential issues or concerns. We also welcome feedback on the prioritization of the requirements and the exception process, both included in the draft. Please use this feedback form (you can even be anonymous) or email iso@berkeley.edu.
Full Draft | Annotated Draft | Roadshow Slides
Other Information Security Policy Updates
A proposed consolidated Acceptable Use Policy that combines all of the various IT-related Acceptable Use Policies on campus into a single document is nearing completion. The Information Security and bIT Policy Offices are partnering on this effort. The next step is to determine what the campus review process will entail since no new policies are being introduced with this consolidation.
Back to Top
|