ISC Incident Response Planning Working Group

The Incident Response Planning Working Group at the University of Toronto helps ensure the institution is prepared for cybersecurity incidents. Working under the Information Security Council (ISC), the group reviews and updates the university’s response plan, aligns it with crisis and continuity strategies, and develops exercises to strengthen readiness. It also promotes security awareness, evaluates risk mitigation options, and provides recommendations to maintain a resilient and secure digital environment.

Terms of reference:

  1. Purpose
  2. Mandate
  3. Process
  4. Timing
  5. Membership

Purpose

The purpose of the working group is to develop a set of recommendations as outlined in our mandate below and bring them forth to the ISC.

Mandate

  1. Review the existing Incident Response Plan on a regular basis.
  2. Review current tools and capabilities – ability to prevent, detect, investigate and respond to an incident.
  3. Engage the Crisis Management team to ensure alignment.
  4. Ensure alignment with Business Continuity, Disaster Recovery and Availability Planning.
  5. Engage with an external consultant to review and provide guidance of our Incident Response Plan.
  6. Ensure there is a section on crisis communications, including review of legal requirements (external consultation).
  7. Evaluate cyber insurance and the alternative for retaining specific skills needed in event of a significant incident.
  8. Develop a program around a table top exercise(s) and walk-through drill/simulation test (external vendor).
  9. Provide input into the information security awareness program.
  10. Conduct post-hoc reviews of measures taken in response to digital emergencies and/or breaches concerning digital assets and their remediation, and based on these, make recommendations for future responses (determine root cause and document lessons learned).

Process

The working group will seek input from key stakeholders and other interested parties (i.e. faculties and divisions, crisis management team, communications team, central and divisional IT units). Its findings will be documented in the form of an interim report and a final report and will be presented to the ISC.

Timing

  1. Initial meetings and consultations: TBD
  2. Interim report submitted to the ISC: TBD
  3. Final report submitted to the ISC: TBD

Membership

Co-chairs

Sotira Chrisanthidis

Divisional IT Director, Information & Instructional Technology, Faculty of Arts & Science

Kalyani Khati
Kalyani Khati

Associate Director, Strategic Initiatives, Information Security, Information Technology Services (ITS)

Members

Anthony Betts

Director, Information & Instructional Technology Services, UTM

Vandana Bhamidi

Senior Auditor, Internal Audit

Michael Chun

Manager, Information Security, Discovery Commons

Suzanne Cuneo

Assistant to the Dean, Residence Administration, Woodsworth College Residence

Humberto Ferreira

Executive Director, Information Management, Division of University Advancement

Patrick Hopewell

Director, Enterprise Information Solutions, ITS

Sarah Lowy

Legal Counsel & Director, Freedom of Information & Protection of Privacy Office

Priya Murugaiah

Senior Manager, Client Services, Faculty of Arts & Science

Amaz Taufique

Director, Enterprise Technology, Cybersecurity & Digital Workplace, University of Toronto Libraries

Andrew Wagg

Manager, Incident Response, Information Security, ITS

William Wong

Procurement Advisor, Client & Vendor Relationship, OREP