The information security council (ISC) is established in order to ensure broad consultation in planning and decision-making processes. The ISC will: assist in the review of envisioned and unanticipated risks to the university’s digital assets; ensure a robust and practiced process exists around incidence response; collaborate with the president or designate to initiate information security initiatives; ensure education of the university community on digital security best practices; oversee the development, recommendation and review of procedures, standards and guidelines for the protection of the university’s digital assets and ensure timely and accurate reporting on information security risks to the appropriate governing groups including the senior executive and the audit committee of governing council. The council will focus on transparency, awareness and educating the community as much as possible. Working groups will strive to run ideas by the community and solicit feedback.
The ISC is a committee established by the president or designate (VPUO), and will be co-chaired by a senior faculty member and the chief information security officer.
Members have been drawn from a list of nominations made in 2017. The working groups are augmented with subject matter expertise, specific to each working group.
The ISC will report regularly, through the VPUO, to the audit committee of the governing council and to senior decision making groups. In addition, materials related to the work of the ISC will be made accessible to the community, as appropriate. The CISO and CIO will also act as a conduit to the campus information technology council (if this were established), ensuring alignment and resourcing.
The ISC is expected to create standing and ad hoc sub-committees and or working groups on an as-needed basis.
The ISC will meet at least once in each of the fall, winter and spring terms and as necessary at the direction for the chairs. This will be reviewed on a yearly basis.
Terms for members is generally two years, with eligibility for renewal. Flexibility for leaves will be accommodated in an ad hoc fashion.
|Ron Deibert||Co-Chair||Political Science||Faculty|
|Sam Chan||Member||Medicine – IT Director||Staff|
|Deepa Kundur||Member||Engineering Science||Faculty|
|Zoran Piljevic||Member||UTSC – IT Director||Staff|
|Rafael Eskenazi||Member||Privacy Office||Staff|
|C. J. Woodford||Member||Physics||Grad Student|