Academic Toolbox Renewal Spotlight

When you are thinking of using a new educational technology, do you ask
yourself, ­ “Does the tool (or company behind the tool), protect sensitive
information, such as student data or your intellectual property from being
put at risk and/or being used by others?”

When considering services and solutions for use with your students, it is
essential to understand the risk that such services and solutions may
present. Risk to you and/or the University through the use of information
services can occur for many reasons, including ­ threats to private or personally
identifiable and other sensitive information, or vulnerabilities in the
software, hardware, out-sourced or built-to-order components.

If you and your students need to log into the tool to use it, or if you
plan to upload content (or have your students upload content), it’s good
practice to use the Information Risk and Risk Management (IRRM) audit
processes to assess the viability of the solution before you use it. The
IRRM covers standards related to the protection of personally identifiable
information as per the Freedom of Information & Protection of Privacy Act,
information security practice, access control practices, business
continuity planning, capacity and scalability of architecture, and so on.

For more on the Academic Toolbox Renewal Initiative, please visit
http://toolboxrenewal.act.utoronto.ca.