Getting Started
-
- Read through UCI ISS and UC IS-3 policy and standards.
- Familiarize yourself with the UISL role description.
- At UCI we split the UISL role between an Administrative UISL and Technical UISL, who represent security leadership for the business operations and IT operations, respectively. While it is ultimately up to the Unit Head how to assign responsibilities within their Unit, a suggested breakdown of responsibilities between the two is UISL Responsibilities RACI.
The Basics
-
- Act as the Unit’s central contact regarding information security.
- Have regular communications (at least quarterly) with the Unit Head, both to keep them informed of the current security risk posture of the Unit, and also any resource or prioritization needs to ensure you can succeed in the UISL role. Ensure there is an active dialogue between Unit Head and UISLs.
- Actively participate in all campus-wide security activities such as meetings, alerts, and requests from the CISO.
- Ensure that any potential security incidents are reported to the CISO and Unit leadership.
First Initiatives
-
- Complete/update (or get familiar with existing) Unit Information Security Management Plan (ISMP).
- Complete/update (or get familiar with existing) Unit Protected Data & Systems Inventory.
- Document Unit process for tracking, remediating, and communicating risk related to vulnerabilities or include in Unit ISMP.
- Document Unit approach to ensuring minimum security standards or include in Unit ISMP.
Resources
-
- UCI Information Security Management Program
- Current Unit Leadership
- Information Security Services
- Campus-wide Security Projects
- OIT Security Risk and Compliance Service Request
- (Consulting for ISMP, PDSI, IS-3, etc; Unit draft reviews; Facilitated Risk Assessments)
- OneTrust Tool
- Supplier Security Reviews
- UC ITPS Group and Mailing List
- UISL Mailing List
- Calendar of Changes and Due Dates