The Toronto Police Service (TPS) uses its Information Technology (IT) Infrastructure to help deliver mission critical work to keep the City’s communities safe.
This report is a follow-up to the first TPS cybersecurity assessment completed by the Auditor General in 2021, following a request from the Toronto Police Services Board.
Cybersecurity incidents do not only impact recovery, response, and remediation costs, but also cause significant indirect costs in the form of disrupted operations as well as reputational damage. It is therefore essential that organizations have robust cybersecurity measures in place. Protecting the TPS’s IT infrastructure is important to not only prevent costly outages and breaches, but to maintain public confidence in the organization’s ability to respond to residents’ calls for service and protection.
This public report contains three recommendations. The confidential findings and recommendations to improve TPS cybersecurity are presented separately to this report in Confidential Attachment 1. In addition, a detailed technical report has also been provided to management for expediting actions.
Management agrees with the recommendations contained in the confidential attachment to this report, which also includes management’s response.