IS-3 Resources


UC Business and Finance Bulletin IS-3 is the University of California’s systemwide information security policy. A major update to IS-3 was finalized in September 2018 and the new IS-3 changes the way information security risk is handled within the university. For more information visit our IS-3 Informational Page.

IS-3 Resources:

These resources provide additional information on the IS-3 policy. We will continue to post more information and supporting documents as they become available.

For a list of all the currently onboarded Units visit our Unit Heads and Security Leads page. Additional Units will be added to the page as they are onboarded by ISO. If you don't see your Unit listed and need support please contact

Policies and Standards 

Protection and Availability Levels


Slide Decks

  • The Information Security Office "roadshow" slide deck addressing implementation plan (login required)
  • Roles and Responsibilities Policy Draft - Highlights


For questions about UC Berkeley's IS-3 implementation project, contact us at

Units interested in detailed information about IS-3 controls; roles and responsibilities; and implementation tools from the UC Systemwide Policy Office can contact ISO at to request access to the systemwide materials.