• About
  • Meet the team
  • Strategy
• Governance
  • Policies
    • Appropriate use of information and communication technology
    • FIPP Office policies and procedures
    • Policy on Information Security and the Protection of Digital Assets
    • Policy on Information Technology
  • Standards
    • Data Classification Standard
    • Digital Asset Classification Standard
    • Information Security Control Standard
    • Information Security Incident Response Plan
  • Guidelines
    • Guidelines on using AI responsibly
    • Guidelines on privacy and security for mobile apps
    • Insider threat guidelines
    • Operational technology security guidelines
    • Vulnerability management guidelines
  • Procedures
    • Procedure for ransomware decision
• Resources
  • Student resources
  • Staff resources
  • Faculty resources
• News & updates
  • News & updates
  • Best practices & tips
  • Phish Bowl
  • Advisories
• Services
  • Access group management (UTORGrouper)
  • Advanced endpoint protection
  • Enterprise Active Directory (EDA)
  • Forensic services
  • General-purpose password manager
  • Incident response
  • Information risk assessment
  • Institutional identity services (UTORauth)
  • Multi-factor authentication (UTORMFA)
  • Preferred name (display first name)
  • Privacy impact assessment
  • Research cyber security consultation
  • Risk guidance and general inquiries
  • Security Awareness and Training (SAT)
  • Tabletops as a service
  • TLS certificates
  • User identification (UTORid)
  • VPN and secure remote access
  • Vulnerability Management Service (VMS)
  • Weblogin
• Programs
  • Security Awareness and Training Program (SATP)
  • Endpoint Protection Program (EPP)
  • Information Risk Management Program (IRMP)
  • Research Information Security Program (RISP)
• Report an incident
• Accessibility
• Privacy
• Enterprise Service Centre (ESC)
• Information Security resource hub
• Directory