Classifying Institutional Information and IT Resources

At UC, protecting our Institutional Information and IT Resources is critical to our mission of teaching, research, and public service.

UC's Electronic Information Security Policy (IS-3) defines requirements for the appropriate classification of Institutional Information and IT Resources to ensure their confidentiality, integrity and availability.

The policy uses a risk-based approach to identify effective controls based on the need to achieve a specific Protection Level or Availability Level. UC’s investment in security controls is commensurate with the level of need for protection or availability of the Institutional Information.

Protection Levels:

Designed around protecting the confidentiality and integrity of institutional information and IT resources. Protection Level Details

Availability Levels:

Designed around protecting the availability of campus institutional information and IT resources.  Availability Levels Details

Resources: