OneTrust - How to request permission changes for SecureBox

OneTrust is a Software-as-a-Service tool used by the Cyber Risk Management & Compliance team within the Office of Cybersecurity to conduct risk assessments, track and mitigate risks, and report on risk levels across UW-Madison. It is used to process requests for permission changes to SecureBox folders.

To access OneTrust, review the OneTrust - How to access OneTrust KB document.

  1. Log into OneTrust.
  2. Launch a Secure Storage Review request.
  3. Review the Welcome section for details and requirements for submitting the form.
  4. Complete "Prereqs" section.
    1. Select "Update Access to Existing Secure Box Folder":
      1. New Storage Request
    2. You must already have Endpoint Hostnames available to submit the request.
      1. This is the name of the workstation inventoried by the IT department that provisioned and supports the endpoint.
  5. Add Project Details including the name of the Secure Box folder.
    1. Type in the name of the Box folder exactly as it is listed in Box as the project name:
      1. Folder Name
    2. If not already in the list, start typing to add the Secure Box folder name (Project Name).
  6. Complete the remaining required fields.
    1. You must provide all Endpoint Hostnames.
    2. Provide names and access for Internal or External Collaborators that are being added and removed.
  7. Click "Submit" to send the request to the Cyber Risk Management & Compliance team.
    1. Submit Button

Use these links for common tasks within OneTrust:

  • Cybersecurity Risk Assessment Request 
    • Request form to be used when purchasing software, requesting a department assessment, needing a HIPAA Joint Security & Privacy Review, or making any other request of the Risk & Compliance Team.
  • Secure Storage Review
    • Request form to be used to request a Cybersecurity review of a SecureBox or RestrictedDrive request.
  • International Telecommuting Review 
    • Questionnaire for submitting a International Telecommuting Request to the Risk & Compliance team to determine the risk level associated with the request.
  • Endpoint Security Checklist 
    • Checklist to provide details about endpoints connecting to "SecureStorage" such as SecureBox, RestrictedDrive, etc.

If you have questions about OneTrust, please contact the Cyber Risk Management & Compliance team within the Office of Cybersecurity at

Keywords:OneTrust, Cybersecurity, Governance, Risk, Compliance, GRC, JSPR, SecureBox   Doc ID:109102
Owner:Peter V.Group:Office of Cybersecurity
Created:2021-02-17 09:50 CDTUpdated:2021-05-03 10:10 CDT
Sites:Office of Cybersecurity
Feedback:  0   0