Need to request a risk assessment? — Reach out to Risk Team at uoft.me/riskassessment.
Overview
The information risk team provides guidance on information security risk management and privacy assessments to various units and divisions to enable them to manage information security risk exposure. This helps senior management to make risk-informed decisions. We also conduct risk assessments for IT systems (software, platforms, applications, webpages and services) that are implemented at the University.
Services
Project / vendor information risk management assessment
A project/vendor risk assessment based on data, roles, processes, systems, connections, constraints and sensitivity helps to identify and treat risks early. This also includes assessing the vendors involved to identify and treat supply chain related risks to minimize impacts on the project.
Featured project
Information Security Risk Management Program (IRMP)
The IRMP is a set of processes and procedures, designed to establish a structured approach for identifying, assessing, prioritizing and managing risks that could impact the mission and objectives of your unit.
The IRMP allows a dynamic and flexible approach to manage security and privacy risks continuously and to address changes within your unit.
Contact
Rishi Arora
Risk Program Coordinator
rishi.arora@utoronto.ca
Jesse Beard
Security & Threat Analyst
jesse.beard@utoronto.ca
Areg Harutyunyan
Security & Threat Analyst
areg.harutyunyan@utoronto.ca
Ashley Langille
Privacy Analyst
ashley.langille@utoronto.ca
Kanupriya Kejriwal
Manager, Information Security Risk Management
kanupriya.kejriwal@utoronto.ca