In a December 12, 2019 letter to the Auditor General, the Toronto Police Services Board requested the Auditor General to conduct a cybersecurity audit. Given the size and importance of Toronto Police Service (TPS) and the sensitivity of the information it retains, the Auditor General prioritized the allocation of resources on the request and agreed to perform a vulnerability assessment and penetration testing of the TPS IT network, systems and applications.
We have completed Phase 1 of this review. The purpose of Phase 1 was to assess TPS’s ability, as a critical City agency, to effectively manage external and internal cybersecurity threats. A Phase 2 review will be conducted in the future to review systems that were excluded from this current review.
The public report with a confidential attachment is tabled at the June 24, 2021 TPS Board meeting. The agenda for the meeting and the report are available at:
The Auditor General has made a recommendation to the Board to forward the report to Council through the Audit Committee.
A decision document will be forwarded to the Audit Committee by the TPS Board.