The University of California Office of the President invites comments on a proposed Presidential Policy Business and Finance Bulletin IS-12 IT Recovery. The rewritten policy addresses the following key issues:
- Updated to reflect modern technology (i.e. CD-ROMS are removed, ransomware and cloud computing are addressed).
- Aligned with the current state of emergency planning at UC.
o Narrowed the scope to IT Recovery.
- Adopted the concept of “recovery level already adopted by UC Health and their academic Locations.” There are 5 recovery levels.
- Granted Location control to manage budget and risk. See the accompanying presentation. Key features:
o Location defined scope.
o Location administered exception process.
o Iterative model of compliance to support a roadmap to desired state.
- Made the policy directly implementable.
- Included uniform requirements to support inter and intra Location dependencies.
- Ensured that responsibilities are clearly assigned.
- Addressed the key gaps identified by Business Continuity Planners and Risk Managers responsible for continuity and emergency planning.
The policy was written by a systemwide workgroup. The systemwide workgroup consisted of 14 cross-functional representatives from:
- UC Berkeley
- UC Davis
- UC Davis Health
- UCLA Health
- UC Merced
- UC Santa Cruz
The proposed policy is posted here: https://ucanr.edu/sites/anrstaff/Administration/Business_Operations/Controller/Administrative_Policies_-_Business_Contracts/Policy_and_administrative_handbooks/ANR_Administrative_Handbook/Recent_Updates/
If you have any questions or if you wish to comment, please contact Robin Sanchez at firstname.lastname@example.org, no later than March 5, 2021. Please indicate “Proposed Presidential Policy, Business and Finance Bulletin, IS-12 IT Recovery” in the subject line.