CISPC members revised the committee charter in May and June of 2014. The 2014 revised CISPC charter is conditionally published, pending approval by the Information Risk Governance Committee (IRGC). The archived charter is published here for reference.
The Campus Information Security and Privacy Committee (CISPC) is a standing committee providing input and prioritization of UC Berkeley information security and privacy programs. CISPC reports to the campus Chief Privacy & Security Officer and has responsibility and accountability for making recommendations to that office. The Committee is charged with identifying campus requirements, providing input to policy issues, and reviewing proposed standards. CISPC advises Systems and Network Security (SNS) on programs, priorities, and budget. The Committee reviews requests for exception to campus security policies and provides input to the CPSO on criteria for granting exceptions. CISPC also functions as an advisory group for the Deputy CIO Technology Council on matters of information security and privacy.
Sponsor: Chief Privacy & Security Officer
One vote per person.
Quorum is 70% of voting members.
Members must be present to vote.
Membership is by appointment.
Additional members may be added by appointment or application and membership vote.
CISPC voting members are appointed by the Chief Privacy & Security Officer for two-year terms and include technology managers and experts from major campus units. The Committee also includes non-voting representatives from Information Services and Technology, System and Network Security, Audit and Advisory Services, and Office of the CIO.
On average, a minimum commitment of 3-4 hours/month is expected of committee members. Due to the committee's significant campus-wide responsibilities, attendance is required and will be taken at each meeting. More than 2 consecutive absences will jeopardize a member's appointment to the committee. If members must miss a meeting, they need to notify the Chair or Vice-Chair in advance. Members who miss a meeting, especially when a vote is to be taken, are encouraged to appoint a proxy to attend the meeting as their representative.
Some of the work of CISPC is carried out by working groups that bring together technical experts to study particular topics in depth, prepare reports, and make recommendations to the larger group. The working groups are appointed ad hoc for a finite term and can be comprised of both CISPC and non-CISPC members.
CISPC is an advisory body to provide input to campus information security requirements, priorities, and strategic directions. It is not a communications and outreach body. If there are relevant issues CISPC needs to communicate, the following channels can be used:
- SNS mailing lists
- CIO communications and outreach staff
- Security SIG
- Associate CIOs
- CISPC Membership
Name Title Department Role Rivers, Paul Interim Chief Information Security Officer Information Security and Policy firstname.lastname@example.org Co-Chair Ho, Lisa IT Policy Manager Information Security and Policy email@example.com Co-Chair Battacharya, Arka Student Graduate Assembly Member Brym, Petr Chief Security Officer Student Affiars IT firstname.lastname@example.org Member Open Chemistry Member Gonzalez, Gabriel CTO Law email@example.com Member Gross, Ben Mgr, End User Infrastructure IST-Client Services firstname.lastname@example.org Member Open Letters & Science Member Kraitchman, Mark IT Security Analyst EECS email@example.com Member Kraus, Andy IS Manager Cal Performances firstname.lastname@example.org Member Maxwell, Neil Director, Information Systems Research Admin & Compliance Ofc email@example.com Member McCoy, Scott Network Administrator University Health Services firstname.lastname@example.org Member McGrath, Owen Mgr, Tech Operations Educational Teaching Services email@example.com Member Shireman, Scott Director, IS University Extension firstname.lastname@example.org Member Van Cleave Smith, Barbara Deputy Chief Risk Officer Ethics, Compliance & Risk Management email@example.com Member Open Library & Collections Edwards, Chad IT Auditor Audit and Advisory Services firstname.lastname@example.org Ex-officio Stone, Adam UCB-DOE Liaison LBNL email@example.com Ex-officio
Mark Kraitchman has been a working IT professional for over twenty years. For the last ten plus years, he has worked in computer and network security. He is currently employed as an IT Security Analyst for the Infrastructure Development and Support Group (IDSG) in the Department of Electrical Engineering & Computer Sciences (EECS) at UC Berkeley.