Unit Assessment Service

A service overview and catalog of Unit Assessment Service provided by the UC Berkeley IT Service Hub.

Description

The Unit Assessment Service is a cornerstone of the campus Cyber Risk Management Program (CRMP). It empowers campus units to evaluate their security posture through an ISO-facilitated self-assessment process using the Isora platform. This process ensures departmental compliance with institutional security standards by requiring all academic and administrative units to update their assessments every 2–5 years, based on their specific risk profile.

Benefits & Features

Self-Guided Assessment: Access the Isora platform, a streamlined portal for conducting unit self-assessments.
Expert ISO Review: Receive a formal evaluation of your submission by ISO security analysts to ensure alignment with campus standards.
Prioritized Action Plan: Every participating unit receives a summary report containing tailored recommendations to improve security maturity and mitigate high-risk areas.
Annual Theme & Toolkit: Each year, the CRMP highlights a specific risk area, providing units with actionable tools and resources to simplify compliance and increase security awareness.
Data Visualization & Reporting: Gain access to interactive Tableau dashboards to track your compliance progress, benchmark your unit against campus peers, and analyze security trends across specific risk tiers and categories.

Getting Started

The Information Security Office contacts units that are due to participate each calendar year. To ensure timely communication and all necessary access, units should verify that their Unit Head and Security Lead(s) are current in Socreg.

Information about the unit self-assessment process and the Cyber Risk Management Program is available below.

Service Details

Eligibility	This service is available to Faculty and Staff as required through the campus Cyber Risk Management Program.
Contact	Technical Support: Please email security-assessments@berkeley.edu.
Availability	Available 24/7. Support is provided Monday–Friday, 8:00 AM – 5:00 PM PT, excluding University holidays and curtailment periods.
Cost	There are no direct costs associated with this service.
Data Classification	This service is rated for P3, A2, and R2 data. Compliance: Users are responsible for ensuring data handled within this service complies with the Data and IT Resource Classification Standards.