Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
🎓

Purpose

If you don’t report a security incident as soon as it is identified, you will delay receiving the help required to reduce the impact to your work and prevent loss of data.

Expand
titleRead more

"Security incidents can be suspected, attempted, successful, or an imminent threat of disruption to or unauthorized access, use, disclosure, modification or destruction of university digital assets and/or data." (https://security.utoronto.ca/report-an-incident-or-event/


👥

Audience

Status
titlefaculty
Status
colourBlue
titleresearchers
Status
colourRed
titleAdmin staff
Status
colourPurple
titleIT staff
Status
colourGreen
titlestudents

(question) Initial considerations


On this page

Expand
titleExpand to view table of contents.
Table of Contents
minLevel1
maxLevel4
outlinefalse
styledefault
excludePurpose|Audience|On this page|Search|Additional help|Related articles
typelist
printablefalse

Initial considerations

Info

Security incidents can be suspected, attempted, successful, or an imminent threat of disruption to or unauthorized access, use, disclosure, modification or destruction of university digital assets and/or data.

Consult your incident response plan.

  • Your divisional or departmental incident response plan should information you of (1) the incident response process and (2) how to escalate incidents to their academic, administrative, or technical leadership teams.

Determine the severity of the security incident.

 What \uD83D\uDCD8

High

  • “Significant fines, penalties, regulatory action, civil or criminal violations could result from disclosure. It could also cause significant harm to Institutional Information, major impairment to the Location’s overall operation, or the impairment of essential service(s).”

Medium

  • “Unauthorized use, access, disclosure, acquisition, modification, loss, or deletion could: (a) result in moderate damage to U of T, its students, employees, community or reputation; (b) result in moderate financial loss; or (c) require legal action.”

Low

  • “Unauthorized use, access, disclosure, acquisition, modification, loss or deletion could result in minor damage, small financial loss or affect the privacy of an individual or small group.”


What can I do?

(error) For medium or high severity incidents.

(warning) For low severity incidents or if you are unsure of the severity.


Page Properties
hiddentrue

Name

Role

Date

Michael Laurentius

Author

Sue McGlashan

Approver (Manager)

Reviewer

Live Search
spaceKeyISH
sizelarge
additionalpage excerpt
placeholderHow do I...
typepage
labelskb-how-to-article,kb-general-concepts,kb-spec-how-to-article


✉️Additional help

Expandtitle

General

https://security.utoronto.ca/report-an-incident-or-event/

expand

title

Researchers

https://security.utoronto.ca/services/research-information-security-program/


Filter by label (Content by label)
showLabelsfalse
max10
showSpacefalse
excerptTypesimple
cqllabel in ( "travel" , "incident" ) and title !~ "Report a security event or incident"