Security standard: Techniques used to protect digital assets and environments.

Overview

Information security standards set the baseline for protecting information and digital assets at U of T. Everyone plays a role in understanding and applying these standards.

Security standard: Techniques used to protect digital assets and environments.
Icon for Digital Asset Classification Standard

Digital Asset Classification Standard

This standard defines classification of digital assets. It establishes an expectation for the University to follow and builds upon the Data Classification Standard.

Icon for Digital Asset Classification Standard
Icon for data classification

Data Classification Standard

Knowing the criticality of your data is the first step towards adequately protecting it. U of T’s data classification groups U of T data into four levels based on its importance, sensitivity and potential for misuse.

Icon for data classification
Icon for Information Security Control Standard

Information Security Control Standard

These are controls for securing U of T information and digital assets based on risk. Everyone at U of T is expected to follow these controls to ensure our data and systems are adequately protected.

Icon for Information Security Control Standard

Information Security Incident Response Plan

The Incident Response Plan provides guidance for managing incident response with the primary objective to contain and mitigate the risks and issues associated with computer security incidents.