The IT Policy team manages Berkeley Lab’s policies, guidance and procedures on IT and cybersecurity topics. The IT Policy team engages with the Department of Energy and University of California to advocate for policy and oversight that promotes Berkeley Lab’s fundamental research missions. The IT Policy team manages implementation and compliance of DOE orders, and, when necessary, sets Lab institutional policy on IT and cybersecurity.
If you have any questions or comments for the IT Policy team, please reach out to itpolicy@lbl.gov. The following sections outline our core activities and services to support the Lab’s risk management and assurance on IT and cybersecurity.
Assurance
Berkeley Lab’s Prime Contract includes a number of DOE orders related to IT and cybersecurity. The assurance page outlines Berkeley Lab’s assurance processes related to these requirements.
Authority to Operate
Berkeley Lab’s Authority to Operate website describes our continuous authorization model and risk agreement with the Berkeley Site Office, and outlines the supporting documentation that is continuously updated to support that model.
Institutional Services
Institutional Services are critical, Lab-wide services provided by the IT Division to the Laboratory. Berkeley Lab has determined that these services must be provided only by the IT Division, due to their unique risk profile and resource requirements.
Policy
Berkeley Lab’s institutional IT and cybersecurity policies focus on implementing DOE orders, UC requirements, and other laws, rules and regulations. Berkeley Lab also implements additional policies based on operational needs or to react to external risk factors.
Privacy
Berkeley Lab’s Privacy Program designs and implements policy and processes that protect your Personally Identifiable Information, and ensure compliance with applicable DOE, UC and California policies, laws and regulations related to privacy.
in the bottom right or navigate to