Policy defines requirements for the appropriate classification of Institutional Information and IT Resources to ensure their confidentiality, integrity and availability. It uses a risk-based approach to identify effective controls based on the need to achieve a specific Protection Level or Availability Level. UC’s investment in security controls is commensurate with the level of need for protection or availability of the Institutional Information.
Protection Levels
Designed around protecting the confidentiality and integrity of institutional information and IT resources. Four levels of information protection is defined in Protection Level Details
Availability Levels
Designed around protecting the availability of campus institutional information and IT resources. Four levels of information availability impact is defined in Availability Levels Details