Information Risk Management Program Services provide consultation services that assist clients in the University of Toronto community to develop their capacity for managing information risk specific to their needs and position. Whether the scope is a specific project, application, unit or division or attaining compliance with the U of T Policy on the Protection of Digital Assets, we can help you get where you need to be.
Depending on the full scope of your need, we offer three main services:
A per-project assessment of risk based on data, roles, processes, systems, connections, constraints, and sensitivity.
A division-wide assessment of the current as-is state of information risk to your Division’s business (academic/administrative) based on data, roles, processes, systems, connections, constraints, and sensitivity.
This provides a context-specific consultation service to divisions or units to facilitate the operationalization of an Information Risk Management Program, as required per the Policy on the Portection of Digital Assets.