Item - 2023.AU3.3

Tracking Status

  • City Council adopted this item on December 13, 2023 without amendments and without debate.
  • This item was considered by Audit Committee on December 1, 2023 and was adopted with amendments. It will be considered by City Council on December 13, 2023.

AU3.3 - Toronto Transit Commission Cybersecurity Audit - Phase Two: Overall Network Security and Cybersecurity Assessment of Select Critical Systems

Decision Type:
ACTION
Status:
Adopted on Consent

City Council Decision

City Council on December 13, 14, and 15, 2023, adopted the following:

 

1. City Council authorize the public release of Confidential Attachment 1 to the report (November 6, 2023) from the Auditor General at the discretion of the Auditor General, after discussions with the appropriate Toronto Transit Commission and City Officials.  

 

2. City Council direct the City Clerk to provide a copy of the report (November 6, 2023) from the Auditor General and confidential attachment to the City's Chief Information Security Officer.

 

Confidential Attachment 1 to the report (November 6, 2023) from the Auditor General remains confidential at this time in accordance with the provisions of the City of Toronto Act, 2006, as it pertains to the security of property of the City of Toronto. Confidential Attachment 1 to the report (November 6, 2023) from the Auditor General will be made public at the discretion of the Auditor General, after discussions with the appropriate Toronto Transit Commission and City Officials.

City Council Decision Advice and Other Information

City Council considered the following Items together:

 

AU3.3 headed “Toronto Transit Commission Cybersecurity Audit - Phase Two: Overall Network Security and Cybersecurity Assessment of Select Critical Systems”; and

 

AU3.5 headed “Update to Winter Maintenance Program Follow-Up: Change in Contract Terms”.

Confidential Attachment - Confidential Attachment 1 involves the security of the property of the City of Toronto or one of its agencies and corporations.

Background Information (Committee)

(November 23, 2023) Letter from the Toronto Transit Commission Board on Toronto Transit Commission Cybersecurity Audit - Phase Two: Overall Network Security and Cybersecurity Assessment of Select Critical Systems
https://www.toronto.ca/legdocs/mmis/2023/au/bgrd/backgroundfile-241124.pdf
Attachment 1 - Report (November 6, 2023) from the Auditor General on Toronto Transit Commission Cybersecurity Audit - Phase Two: Overall Network Security and Cybersecurity Assessment of Select Critical Systems
https://www.toronto.ca/legdocs/mmis/2023/au/bgrd/backgroundfile-241130.pdf
Confidential Attachment 1 to the report (November 6, 2023) from the Auditor General

AU3.3 - Toronto Transit Commission Cybersecurity Audit - Phase Two: Overall Network Security and Cybersecurity Assessment of Select Critical Systems

Decision Type:
ACTION
Status:
Amended

Confidential Attachment - Confidential Attachment 1 involves the security of the property of the City of Toronto or one of its agencies and corporations.

Committee Recommendations

The Audit Committee recommends that:

 

1. City Council authorize the public release of Confidential Attachment 1 to the report (November 6, 2023) from the Auditor General at the discretion of the Auditor General, after discussions with the appropriate Toronto Transit Commission and City Officials.  

 

2. City Council direct the City Clerk to provide a copy of the report and confidential attachment to the City's Chief Information Security Officer.

Origin

(November 23, 2023) Letter from the Toronto Transit Commission Board

Summary

At its meeting on November 22, 2023 the Toronto Transit Commission Board considered the report titled "Toronto Transit Commission Cybersecurity Audit - Phase Two: Overall Network Security and Cybersecurity Assessment of Select Critical Systems" and has forwarded the report to City Council through the Audit Committee.

Background Information

(November 23, 2023) Letter from the Toronto Transit Commission Board on Toronto Transit Commission Cybersecurity Audit - Phase Two: Overall Network Security and Cybersecurity Assessment of Select Critical Systems
https://www.toronto.ca/legdocs/mmis/2023/au/bgrd/backgroundfile-241124.pdf
Attachment 1 - Report (November 6, 2023) from the Auditor General on Toronto Transit Commission Cybersecurity Audit - Phase Two: Overall Network Security and Cybersecurity Assessment of Select Critical Systems
https://www.toronto.ca/legdocs/mmis/2023/au/bgrd/backgroundfile-241130.pdf
Confidential Attachment 1 to the report (November 6, 2023) from the Auditor General

Motions

1 - Motion to Amend Item moved by Councillor Frances Nunziata (Carried)

That the Audit Committee recommends that:

 

1. City Council authorize the public release of Confidential Attachment 1 to the report (November 6, 2023) from the Auditor General at the discretion of the Auditor General, after discussions with the appropriate Toronto Transit Commission and City Officials.  


2 - Motion to Reconsider Item moved by Councillor Stephen Holyday (Carried)

That in accordance with the provisions of Chapter 27, Council Procedures, the Audit Committee reconsider Item AU3.3.


3 - Motion to Amend Item (Additional) moved by Councillor Stephen Holyday (Carried)

That:

 

1. City Council direct the City Clerk to provide a copy of the report and confidential attachment to the City's Chief Information Security Officer.


Motion to Adopt Item as Amended moved by Councillor Stephen Holyday (Carried)
Source: Toronto City Clerk at www.toronto.ca/council