What are guidelines?

As per the Policy on Information Security and the Protection of Digital Assets, guidelines are:

Best practises and approaches to protecting Digital Assets. These are not mandated or prescriptive, but are meant to provide guidance to the community for implementing practises that mitigate risks.


Where do I find guidelines?

As University of Toronto guidelines are developed, the pages will be provided to the left.

Some guidelines that have gone through an approval process may be mandated and will be indicated as such in the guideline.

If there is no guideline, the Centre for Internet Security provides over 100 guidelines, called CIS Benchmarks.  These are available for free, from https://learn.cisecurity.org/benchmarks and are a useful source of knowledge while the UofT community develops their own guidelines.

Who will develop guidelines?

UofT has many knowledgeable IT professionals who already use guidelines. The community will work together to better protect our digital assets.

If you have a guideline you would like this page to link to, please visit our Contact page.