Quick Start Guides by Role
In a complex and ever-changing information security environment, members of the UC community can often find it challenging to discern exactly what they need to do to help protect our Institutional Information and IT Resources.
We’re aiming to make things easier with a series of checklists providing clear action items tailored to key roles. These guides offer additional cybersecurity measures beyond the baseline practices required for all users and all devices.
Role descriptions are provided below. Once you’ve determined yours, click the corresponding link or Quick Start Guide on the left to get started.
If you’d like to review the full policy (IS-3), you’ll find it here.
CISO: The Chief Information Security Officer (CISO) is responsible for security functions throughout a Location, including assisting in the interpretation and application of IS-3. IS-3 requires each Location to “identify or appoint” a CISO. It is possible to identify one or more individuals to fulfill the role, as long as responsibilities are clearly defined per individual. At some Locations, the CISO might hold the title of ISO, or Information Security Officer.
Proprietor: 1) The individual responsible for the Institutional Information and processes supporting a University function. 2) The individual responsible for the IT Resources and processes supporting a University function. 3) An identified group, committee or board responsible for the Institutional Information and processes supporting a University function.
Researcher: A UC faculty member conducting research on behalf of UC. Also a Workforce Member.
Service Provider: A UC group or organization providing specific IT services to a Unit.
Unit : 1) A point of accountability and responsibility that results from creating or collecting, managing or possessing Institutional Information or from installing or managing IT Resources. A Unit is typically a defined organization or set of departments. 2) An IT, academic, research, administrative, or other entity operating within UC. 3) An academic school or administrative organization led by a Location appointed Unit Head. Service Providers are considered Units.
Unit Head: 1) A generic term for Dean, Vice Chancellor, or similarly senior role who has the authority to allocate budget and is responsible for Unit performance. 2) A senior management role with the authority to allocate budget and responsibility for Unit performance. 3) At a specific location or in a specific situation, the following senior roles may also be Unit Heads: department chairs, assistant/associate vice chancellor (AVC), principal investigators, directors, senior directors, or senior managers.
Unit Information Security Lead: The Workforce Member(s) assigned responsibility for tactical execution of information security activities associated with IS-3.
Workforce Manager: A person who supervises/manages Workforce Members or approves work or research on behalf of the University.
Workforce Member: An employee, faculty, staff, volunteer, contractor, researcher, student worker, student supporting/performing research, medical center staff/personnel, clinician, student intern, student volunteer, or person working for UC in any capacity or other augmentation to UC staffing levels.