Classifying Institutional Information and IT Resources
At UC, protecting our Institutional Information and IT Resources is critical to our mission of teaching, research, and public service.
UC’s Electronic Information Security Policy (IS-3) defines requirements for the appropriate classification of Institutional Information and IT Resources to ensure their confidentiality, integrity and availability.
The policy uses a risk-based approach to identify effective controls based on the need to achieve a specific Protection Level or Availability Level. UC’s investment in security controls is commensurate with the level of need for protection or availability of the Institutional Information.