Dear Colleagues,
The University invites comments on a proposed Presidential Policy Business and Finance Bulletin IS-12 IT Recovery. The rewritten policy addresses the following key issues:
- Updated to reflect modern technology (i.e. CD-ROMS are removed, ransomware and cloud computing are addressed).
- Aligned with the current state of emergency planning at UC.
- Narrowed the scope to IT Recovery.
- Adopted the concept of “recovery level already adopted by UC Health and their academic Locations.” There are 5 recovery levels.
- Granted Location control to manage budget and risk. See the accompanying presentation. Key features:
- Location defined scope.
- Location administered exception process.
- Iterative model of compliance to support a roadmap to desired state.
- Made the policy directly implementable.
- Included uniform requirements to support inter and intra Location dependencies.
- Ensured that responsibilities are clearly assigned.
- Addressed the key gaps identified by Business Continuity Planners and Risk Managers responsible for continuity and emergency planning.
The policy was written by a systemwide workgroup. The systemwide workgroup consisted of 14 cross-functional representatives from:
- ANR
- UC Berkeley
- UC Davis
- UC Davis Health
- UC Los Angeles
- UCLA Health
- UCOP
- UC Merced
- UC San Francisco
- UC Santa Cruz
This policy applies to all persons at all UC San Diego locations.
Under the Regents’ Policy, campuses were directed to issue implementing rules for certain policy requirements. This proposed policy constitutes the implementing rules for the San Diego campus and is available for viewing here.
This is a formal review of the proposed Implementing Rules. If you have comments for submission in response to the policy review, please provide your written comments to Paula Johnson in Policy and Records Administration at pjjohnson@ucsd.edu no later than February 5, 2021.
