Terms and Definitions

Business Continuity Plan (BCP): documented procedures that guide organizations on how to respond, recover, resume, and restore business to a pre-defined level of operation following disruption.BCP is also known as a “continuity plan” in the UC Ready tool and, in other tools, Continuity of Operations (COOP).

Cyber-risk Responsible Executive (CRE): an individual in a senior management or academic position who reports to the Location chancellor or top Location executive. The CRE is accountable for all information risk assessments, security strategies, planning and budgeting, incident management, and information security implementation.

Institutional Information: a term that broadly describes all data and information created, received, and collected by UC. (See also the UC IT Policy Glossary.)

IT Recovery: a term that includes all activities needed to enable access to Institutional Information and enable business functions. This includes:

IT Disaster Recovery – recovering the operating state of IT Resources and access to Institutional Information (information systems or cloud services) that support identified business functions. 

IT Service Continuity – restoring or making available equivalent functional IT Resources and access to Institutional Information, whether temporary or durable, that support identified business functions.

IT Resource: a term that broadly describes IT infrastructure, software, and hardware with computing and networking capability. These include but are not limited to portable computing devices and systems, mobile phones, printers, network devices, industrial control systems (SCADA, etc.), access control systems, digital video monitoring systems, data storage systems, data processing systems, cloud services, cloud or virtually hosted services/applications/infrastructure, backup systems, electronic media, Logical Media, biometric and access tokens, and other devices that connect to any UC network. (See also the UC IT Policy Glossary.)

Maximum Tolerable Downtime (MTD): the amount of time a mission/business process can be disrupted without causing significant harm to the Unit or Location’s mission.

Recovery Point Objective (RPO): the amount of data that can be lost before significant harm to the business occurs. The objective is expressed as a time measurement from the loss event to the most recent backup preceding the event.

Recovery Time Objective (RTO): the length of time allowed for the restoration of business processes and the achievement of a stated level of service following a disruption.

Unit: A point of accountability and responsibility that results from creating/collecting or managing/possessing Institutional Information or installing/managing IT Resources. A Unit is typically a defined organization or set of departments. (See also the UC IT Policy Glossary.)

Unit Head: A general term for a dean, vice chancellor or person in a similarly senior role who has the authority to allocate budget and is responsible for Unit performance and administration. (See also the UC IT Policy Glossary.)

Vital Records: Institutional Information essential for a Unit to continue business-critical functions, both during and after a disaster or emergency condition. (See also Business and Finance Bulletin, RMP-4.)

Workforce Member: An employee, faculty, staff, volunteer, contractor, researcher, student worker, student supporting/performing research, medical center staff/personnel, clinician, student intern, student volunteer, or person working for UC in any capacity or other augmentation to UC staffing levels. (See also the UC IT Policy Glossary.)

Questions? = itdrhelp@berkeley.edu