IT Policy Library

The below table displays all UC Berkeley and UC systemwide IT policies, standards, guidelines, and procedures, and their relationship to one another.

Policies & Standards	Related Standards, Guidelines & Procedures	Scope
Acceptable Use Policies for UC Berkeley Information Technology Resources	Administering Appropriate Use of Campus Computing and Network Services	Berkeley Campus
Rescinded: Application System Development Policy		Berkeley Campus
CalNet Policies		Berkeley Campus
Updated: Campus Information Technology Security Policy(link is external)	Data and IT Resource Classification Standard Minimum Security Standards for Electronic Information (MSSEI) Minimum Security Standards for Networked Devices (MSSND)	Berkeley Campus
Under Review: Campus Online Activities Policy	Mass Email Communication Guideline Procedures for Blocking Network Access	Berkeley Campus
Archived: Computer Use Policy Superseded by: Campus Acceptable Use Policy	Administering Appropriate Use of Campus Computing and Network Services	Berkeley Campus
Copyright Notices on Campus Websites		Berkeley Campus
Data and IT Resource Classification Overview	Data and IT Resource Classification Standard - version 2.1, updated 6/13/2024 Data and IT Resource Classification Guideline Data Classification and Protection Profiles	Berkeley Campus
Departmental Information Security Contact Policy	Highlighting Changes to the Departmental Information Security Contact Policy	Berkeley Campus
Domain Name System (DNS) Service Policy and Resources(link is external)		Service
Electronic Communications Policy	Administering Appropriate Use of Campus Computing and Network Services Approval to Access Berkeley Campus Electronic Communications(link is external) Accessing a former employee's email or files(link is external) Guidelines for Use of Campus Network Data Reports	UC & Berkeley Campus
Email Service Policy	UC Berkeley Box and Google Data Use Agreement Cautions in the Use of Email Mass Email Communication Guideline Terms and Conditions of Appropriate Use for bMail	Service
Exception Process	Information Security Policy Exception Process Overview Full Information Security Policy Exception Process	Berkeley Campus
IS-3 Electronic Information Security(link is external)	UC systemwide policy(link is external) UC Berkeley IS-3 Information UC Berkeley's Implementation of IS-3 Campus Information Security Management Program Campus Incident Response Plan Information Security Policy Guide for Units	UC & Berkeley Campus
IT Accessibility Policy	UC Berkeley Digital Accessibility Program(link is external)	UC & Berkeley Campus
Updated: Minimum Security Standards for Electronic Information Home Page - links to full Standard and implementation information Previous Version: Minimum Security Standards for Electronic Information	MSSEI Requirement Finder (authentication + campus network or campus VPN required) Request for Exception: Berkeley Campus Minimum Security Standards Guidelines for previous version of MSSEI: Secure Deletion Guideline Covered System Registration Guideline Registration Review Guideline Managed Software Inventory Guideline Secure Device Configuration Guideline Continuous Vulnerability Assessment & Remediation Guideline Authenticated Scans Guideline Intrusion Detection Guideline Device Physical Security Guideline Secure Coding Practice Guidelines Application Security Testing Program Commercial Software Assessment Guideline Mobile and Wireless Device Guideline Security and Privacy Training Guideline Separation of System Resources Guideline Use of Admin Accounts on Secure Devices Guideline Admin Account Security Guideline Managed Hardware Firewall Guideline Protected Subnet Guideline Audit Logging Guideline Security Audit Log Analysis Guideline Need to Know Access Control Guideline Account Monitoring and Management Guideline Data Encryption in Transit Guideline Data Encryption on Removable Media Guideline Data Access Agreement Guidelines Incident Response Planning Guideline Incident Response Plan Availability Guideline Incident Reporting Training Guideline Request for Exception: Berkeley Campus Minimum Security Standards	Berkeley Campus
Minimum Security Standards for Networked Devices Home	Minimum Security Standards for Networked Devices (MSSND) - full Standard Request for Exception: Berkeley Campus Minimum Security Standards MSSND: How to Secure Devices Guide to MSSND Changes	Berkeley Campus
Privacy Statement for UC Berkeley Websites	How to Write an Effective Website Privacy Statement	Berkeley Campus
Roles and Responsibilities Policy Home Page	Full Policy: Roles and Responsibilities for the Protection of University Institutional Information and IT Resources Information Security Policy Glossary	Berkeley Campus
Routine Monitoring Practices Overview	Detailed Routine Monitoring Practices (login required) Electronic Communications Policy (ECP) Guidelines for Use of Campus Network Data Reports	Berkeley Campus
Security Requirements for Networked Devices (including NAT)(link is external)		Berkeley Campus
Terms and Conditions of Appropriate Use for bMail		Berkeley Campus