This page lists priority questions for the Information Risk Self-Assessment for the 2020/21 cycle. For 2020/21, units are asked to respond to these questions at a minimum; however, you are welcome to respond to any other questions in the framework as well. Click here for the complete list of questions in the IRSA framework.

Each question in the assessment is scored using a Capability Maturity Model. Click here for descriptions of the CMM Scores.

Click on a question to view further guidance, existing U of T resources and mapping to U of T Security Controls. Mapping to other common controls frameworks is also provided.