IS-3 What Units Can Do Now

Campus-level implementation of IS-3 will happen in phases. However, there are things that Units at all levels can do to get started, even as campus-level implementation is in progress:

  • Be aware that Protection Levels are changing. UC now uses a 1-4 scale, while Berkeley has been using a 0-3 scale. This means that all PL numbers will be changing. There are also category changes for certain types of information, so its not as simple as just adding 1 to the current PL number. ISO has been working on Berkeley's updated Data Classification Standard Draft and it's available for review. The UC Data Classification Standard and Guide are also available to review. At a high level, this is what you’ll see:

  • Learn about the new Availability Levels. This is a new concept for information security at UC. Availability Level refers to the impact of loss of availability or service, measured on a scale of 1-4. A4 is the highest level of impact and A1 is the lowest. Availability Level helps to determine what protections are required to ensure that information and resources are available when needed. The four Availability Levels are described the Berkeley Data Classification Standard Draft. Additional information is also available in the UC Data Classification Standard and Guide.

 

AL Flags with Scale