Lab Logo
Lawrence Berkeley National Laboratory
Main | Search | Phone | Today | Notice
Office of the Chief Information Officer: Rosio Alvarez, PhD
Home | Policy | Privacy | Assurance | Federal Enterprise Architecture | CPIC | IT Division | Organizations and Committees


Certification and Accreditation Landing Page
Summary, Keywords, Notes   IT Policy: Management of Certification and Accreditation, Enclaves, Corrective Actions, and Federal Compliance

This policy relates to the high level management of cyber security at LBNL. While applicable to all systems, its intended audience is the Enclave Security Managers.


This policy is specific to enclave security management and was promulgated by the CPPM 5/17/2007.






Like EH&S at LBNL, Cyber Security is regulated by the Department of Energy and University of California Policy. This page describes the overarching relationships that define this regulation. It is for information purposes and should generally be outside the view of most users at LBNL - that is, these regulatory issues should appear integrated into the work of individual end users, and not as exogenous regulation.

Certification and Accreditation
LBNL systems operate under an authority to operate which is granted by the Department of Energy. This authority is like a license and the license is granted based on the program in place to protect the security of LBNL computing systems, assurance mechanisms to ensure that they are operating as intended, and an understanding of the risks, both mitigated and residual, that result from the operation of the systems.


The following policies of the Office of the CIO describe how systems are grouped and managed.

Policy on Certification and Accreditation

Policy on Corrective Actions and Plans of Action and Milestones (POAMs)

Guidance on Testing and Managing Disaster Recovery, Contingency Planning, and Business Continuity Planning.


Core 2007 Certification and Accreditation Documentation (Sept 2007-Sept 2010:

2007 Risk Assessment

2007 Common Controls Plan for LBL

2007 Common Controls 800-53 Crosswalk (being reformatted for distribution)

2007 Research and Operational Enclave Plan

2007 ST&E Review of LBL

2007 Cyber Security Assurance Plan


Supporting and Governing Guidance:

NIST 800-37, NIST 800-53

Office of Science SCMS / PCSP






  Home | Policy | Privacy | Assurance | Federal Enterprise Architecture | CPIC | IT Division | Organizations and Committees  
Lab Logo
Lawrence Berkeley National Laboratory
University of California: It Starts Here
This page is and all subsequent pages are covered by the University's Privacy and Security Notice and Policies