MIMS Final Project 2008

IT Security for Berkeley Academic Resources (IT’S a BeAR!)

Eric Kansa

The regulatory regime covering information handling at a major research university such as UC Berkeley is varied and complex. Many laws, regulations, and policies impose IT security management requirements on organizations that store and process personal, financial, and other types of sensitive data. Institutions that are not in compliance face the loss of funding and other penalties.

A number of University-wide and campus-wide policies describe how the university community is to comply with individual parts of the regulatory regime, but it is not necessarily clear what concrete steps should be taken to ensure compliance as a whole. We are designing a mechanism to help members of the campus community determine the set of specific security controls they need to implement based on the nature of the information they are trying to protect.

