Definition of Roles
- Unit Head - In the context of information security a "Unit Head" is a generic term for Dean, vice chancellor, associate vice chancellor, or other accountable executive in a senior role who has the authority to allocate budget and is responsible for Unit performance, administration, and risk acceptance. The following senior roles may also be Unit Heads if explicitly delegated by the responsible Dean, VC, or AVC: department chairs, principal investigators, directors, or senior managers.
- Unit Information Security Lead (UISL) - A term for the Workforce Member(s) appointed by the Unit Head and assigned responsibility for ensuring tactical execution of information security activities including, but not limited to: implementing security controls; reviewing and updating risk assessments; devising procedures for the proper handling, storing and disposing of electronic media within the Unit; and reviewing access rights. These activities are performed in consultation with the Unit Head. The UISL doesn’t need to be a technical person (though they can be).
Summary of Responsibilities
- Unit Heads are the executives accountable and responsible for overseeing the execution of UC and Campus information security policies within the Unit. The Unit Head role is a business function responsible for risk acceptance; even where IT functions have been centralized, this role remains with the Unit and does not transfer to IT Client Services (ITCS).
- Unit Information Security Lead/UISL (also known as Security Lead) is designated by the Unit Head and is responsible for ensuring execution of information security activities within the Unit. The role is responsible for ensuring that security activities happen, not necessarily for performing the implementation; there may be a coordination aspect for many tasks. For Units whose IT functions have been centralized, the UISL is expected to work in partnership with the IT Client Services (ITCS) zone contact for areas requiring technical support.
Security Lead Job Duties and Tasks
- Short Description - An overview of the main tasks associated with the UISL role
- Detailed Description - An in-depth review of the tasks that are associated with the UISL role
NOTE: The number of UISLs in a Unit is established by the Unit Head. A single person could oversee the responsibilities for an entire Unit or different UISLs could be assigned to different functional areas. This will largely be determined by the size and structure of the Unit and the Unit Head’s reporting preferences. Smaller Units may also be able to share one UISL.
Security Lead Resources
All documentation and assets created by the Information Security Office for implementation of IS-3 are available to UC Berkeley Authenticated users on our UISL Resources page