Cyberattacks are widely considered to be one of the most critical operational risks facing organizations. The Auditor General has taken a proactive approach in planning her audits and has included them in her annual work plans.
This Phase 2 report is an extension of our work that was underway when we issued our first report entitled “Auditor General’s Cybersecurity Review: Toronto Fire Services Critical Systems Review” and completes our review of critical systems at Toronto Fire Services (TFS).
At the February 2022 Audit Committee, TFS provided a public report with a confidential attachment on the implementation status of our Phase 1 recommendations. This report contains two administrative recommendations. The findings and recommendations from our Phase 2 review are contained in Confidential Attachment 1.
The Confidential Attachment 1 to this report involves the security of the property of the City of Toronto.