Unit Information Security Lead

The Unit Information Security Lead is a role defined by the University of California IS-3 Electronic Information Security Policy that helps put this policy into practice at the campus and unit level.

For more information about the UISL role, see the Systemwide UISL quick start guide.

Training is available for the UISL role. 

At UCSC the UISL role has been further defined into three Tiers, with general areas of responsibility as outlined below. 

 

Tier 1 UISLs are expected to apply basic concepts of the IS-3 Policy & Standards, such as data classification, requirements, exception process and risk decision process, as well as understand resources available to help with these activities.

Tier 2 UISLs are expected to meet Tier 1 objectives and perform additional activities in support of the cybersecurity needs of a unit, such as keeping track of information, systems, and Suppliers, and providing guidance on the required security controls based on the classifications for protection and availability levels.

Tier 3 UISLs are expected to meet Tier 2 objectives and provide cybersecurity expertise where and when it is needed, facilitate risk assessments, prepare risk treatment plans, and consult with Unit Heads on risk-based decisions.

 

All UISLs, regardless of Tier, will be invited to participate in regular and periodic sessions with the UCSC Chief Information Officer (CISO) and IT Security Team, to learn about the latest vulnerabilities, tools and techniques that will help keep our campus safe and secure.