Archives

Tabletops as a Service (ImmersiveLabs)

"" Overview and Key Features:

We provide a tool for incident response training to help you prepare your staff for various information-security incidents. The Immersive Labs Crisis Sim platform is designed to enhance your team’s strategic decision-making skills in different types of security incidents.

""  Getting Started:

Facilitators should request access in ESC.

Participants don’t need to register. You’ll receive a link when you’re invited to an exercise.

Usage Guide.

""   Get Help:

Vendor support: Immersive Labs help center (logged-in users only)

Internal support: Email security@utoronto.ca to create an ESC ticket.

Risk Guidance and General Inquiries

"" Overview and Key Features:

The Information Risk team is available to provide guidance and answer general inquiries about information security risk management. This service can help to enable units and divisions to manage their exposure to risks and make risk-informed decisions.

""  Getting Started:

To access this service, please submit a ESC ticket.

""   Get Help:

All questions about risk are welcome. If you have a question or you’re unsure whether something is an information security risk, please reach out to Kanupriya Kejriwal, Manager, Risk Management at kanupriya.kejriwal@utoronto.ca.

Privacy Impact Assessment

Product overview - Free business icons Overview and Key Features:

The Privacy Impact Assessment (PIA) service allows users of information technology to assess the impacts and risks related to the use of personal information for staff, faculty and students. PIAs are done as part of vendor and application reviews to identify privacy and compliance risks. However, it is recommended that any changes to data flows to existing processes also undergo PIAs to avoid non-compliance with FIPPA requirements.

 

Help - Free computer icons   Getting Started:

   

Question mark - Free communications iconsGet Help:

Privacy policy guidance

Freedom of Information and Protection of Privacy (FIPP) Office

Contact the Security team with questions at security@utoronto.ca

Information Risk Assessment

   ""   Overview and Key Features:

The information risk assessment is a systematic evaluation process designed to identify, analyze and manage potential risks associated with projects and vendors (applications, hardware, service providers or any other vendors where data collection, storage or transfer may be involved). Regular risk assessments allow organizations to stay ahead of potential vulnerabilities, ensuring that the mitigation, avoidance, acceptance or transfer of identified risks remains effective over time.

This assessment is a proactive measure to enhance information security practices and maintain a resilient and secure environment at U of T. It is a valuable tool for those involved in projects and vendor relationships, such as project teams, departments and vendors engaged with the University, and it promotes a culture of risk-aware decision-making and continuous improvement.

 

Help - Free computer icons   Getting Started:

  

""   Get Help:

Explore the handbook to get actionable steps and helpful information for your cyber security questions and requirements. This handbook is a trusted resource created by the Information Security team for the U of T community.