The Information Security Council (ISC) provides broad consultation in planning and decision-making processes as it relates to information security at the University of Toronto.

Established by the Policy on Information Security and the Protection of Digital Assets and the recommendations from the Working Group on the Implementation of Information Risk Management Practice, the ISC:

• Assists in the review of envisioned and unanticipated risks to the University’s digital assets
• Collaborates with the CISO to initiate major information security initiatives
• Educates the University community on digital security best practices
• Develops and recommends procedures, standards and guidelines for the protection of the University’s digital assets
• Ensures every academic and non-academic unit is appropriately covered by an information risk management plan

ISC membership is a minimum of 51% voting faculty and includes at least one voting seat for undergraduate and graduate student representatives.

The ISC working groups, comprised of on-the-ground experts from across the University, focus on the following areas:

• Incident response planning
• Procedures, guidelines, best practices and standards
• Education and awareness
• Information risk, compliance, metrics and reporting
• Research