Information Technology Services (ITS)

Information Security Council: Goals and objectives

Published on: April 20, 2020

The Information Security Council (ISC) exists to ensure broad consultation in planning and decision-making processes as it relates to information security. Officially formed in February 2018, its creation stems from the Policy on Information Security and the Protection of Digital Assets and the recommendations from the Working Group on the Implementation of Information Risk Management Practice.

The ISC has many objectives, some of which include:

  • Ensure every academic and non-academic unit is appropriately covered by an information risk management plan.
  • Collaborate with the CISO to initiate information security initiatives and educate the university community on digital security best practices.
  • Oversee the development, recommendation and review of procedures, standards and guidelines for the protection of the university’s digital assets.

ISC Structure

ISC Co-Chairs

  • Chief Information Security Officer Isaac Straley
  • Director of the Citizen Lab at Munk School of Global Affairs and Professor Ronald Deibert

ISC Working Groups

The ISC working groups, comprised of on-the-ground experts from across the university, focus on the following areas:

  • Incident response planning
  • Procedures, guidelines, best practices and standards
  • Education and awareness
  • Information risk, compliance, metrics and reporting
  • Research

“The ISC provides an opportunity for representatives from our tri-campus community to collaborate and provide expertise, as we work toward a common goal,” said Isaac Straley, chief information security officer. “With the help of all the committee members in these working groups, our decision-making process and solutions are continually elevated.”

For more information, visit