Upcoming Changes for Information Security Policy

November 6, 2019

There will be some changes coming to information security policies at Berkeley brought on by a major update to the UC systemwide information security policy (IS-3). The revision brings sweeping changes to the way information security risk is handled on Campus. 

What to Expect:

The Information Security Office (ISO) is currently updating and developing several foundational information security Standards and Policies. “Working drafts” and/or final versions (as noted) of the following documents are live and available at: https://security.berkeley.edu/policy/policy-catalog

Alignment with new UC Data Protection Levels

The IS-3 update affects the classification and mitigating controls of Protected Data. ISO is integrating these changes into UC Berkeley’s information security program in two phases: 

First, ISO is changing the Data Protection Level numbering system to align with the new UC Protection Levels. You will start seeing these number changes reflected on the ISO website. In the second phase, ISO will review and update controls and requirements for each classification level. 

Where to Learn More: