Cyber Risk Management Program

Welcome to UC Berkeley’s Cyber Risk Management Program service page. Berkeley’s Cyber Risk Management Program is a holistic program to help Units manage cyber risk as well as compliance with IS-3, UC's systemwide electronic information security policy. 

Here you will find information and resources to help your Unit with its ongoing cyber risk management and annual IS-3 review.  

IS-3 Program Principles  - details in caption

Caption - Key Program Principles:

  • Security is a shared responsibility: everyone has a role
  • Focus on risk management; risk assessment is key
  • Units are responsible for managing their own information security risk
  • Protection Level and Availability Level inform risk level and controls