Securely enable world-class teaching, learning and research
The information security framework provides a baseline developed by the community, for the community in consultation with subject matter experts to:
- Enable the mission of the University.
- Increase trust and reduce risk.
- Address regulatory and legal requirements the University must meet.
Learn more about the components that frame information security practices and support informed decision making at U of T below.
Information security guidelines
Guidelines are best practices and approaches to protect digital assets based on U of T’s information security standards. They provide guidance to the U of T community on implementing practices that mitigate security risks.
Unauthorized changes to operational technology (OT) controls could have serious negative effects for U of T. These guidelines outline controls applicable to OT systems and provide guidance on securing OT at U of T.
Vulnerability management is a process by which identified vulnerabilities are tracked, evaluated, prioritized and managed until the vulnerabilities are remediated or otherwise appropriately resolved.
As artificial intelligence becomes a crucial part of various systems, it’s important to exercise caution when working with AI systems to ensure data privacy and security.
Guidelines for the U of T community to understand, watch out for and mitigate security risks on apps and social media.
As artificial intelligence becomes a crucial part of various systems, it’s important to exercise caution when working with AI systems to ensure data privacy and security.
Guidelines for the U of T community to understand, watch out for and mitigate security risks on apps and social media.
Unauthorized changes to operational technology (OT) controls could have serious negative effects for U of T. These guidelines outline controls applicable to OT systems and provide guidance on securing OT at U of T.
Vulnerability management is a process by which identified vulnerabilities are tracked, evaluated, prioritized and managed until the vulnerabilities are remediated or otherwise appropriately resolved.