Securely enable world-class teaching, learning and research

The information security framework provides a baseline developed by the community, for the community in consultation with subject matter experts to:

  1. Enable the mission of the University.
  2. Increase trust and reduce risk.
  3. Address regulatory and legal requirements the University must meet.

Learn more about the components that frame information security practices and support informed decision making at U of T below.

Icon showing information security: two hands cradling a green shield with a white checkmark.

Information security guidelines

Guidelines are best practices and approaches to protect digital assets based on U of T’s information security standards. They provide guidance to the U of T community on implementing practices that mitigate security risks.

  • Guidelines on using AI responsibly

    As artificial intelligence becomes a crucial part of various systems, it’s important to exercise caution when working with AI systems to ensure data privacy and security.

  • Privacy and security for mobile apps

    Guidelines for the U of T community to understand, watch out for and mitigate security risks on apps and social media.

  • Operational technology security guidelines

    Unauthorized changes to operational technology (OT) controls could have serious negative effects for U of T. These guidelines outline controls applicable to OT systems and provide guidance on securing OT at U of T.

  • Vulnerability management guidelines

    Vulnerability management is a process by which identified vulnerabilities are tracked, evaluated, prioritized and managed until the vulnerabilities are remediated or otherwise appropriately resolved.