Information Risk Management Program Services provide consultation services that assist clients in the University of Toronto community to develop their capacity for managing information risk specific to their needs and position. Whether the scope is a specific project, application, unit or division or attaining compliance with the U of T Policy on the Protection of Digital Assets, we can help you get where you need to be.
We can help you understand, contextualize, prioritize and respond to the issues that keep you up at night.
Depending on the full scope of your need, we offer three main services, as shown in the tabs to the left
Project Information Risk Management Assessment
A per-project assessment of risk based on data, roles, processes, systems, connections, constraints, and sensitivity.
Divisional Risk Analysis (DRA)
A division-wide assessment of the current as-is state of information risk to your Division’s business (academic/administrative) based on data, roles, processes, systems, connections, constraints, and sensitivity.
Divisional Information Risk Management Program Assistance
This provides a context-specific consultation service to divisions or units to facilitate the operationalization of an Information Risk Management Program, as required per the Policy on the Portection of Digital Assets.