OneTrust - How to request permission changes for SecureBox

OneTrust is a Software-as-a-Service tool used by the Cyber Risk Management & Compliance team within the Office of Cybersecurity to conduct risk assessments, track and mitigate risks, and report on risk levels across UW-Madison. It is used to process requests for permission changes to SecureBox folders.

To access OneTrust, review the OneTrust - How to access OneTrust KB document.

  1. Log into OneTrust.
  2. Launch a Secure Storage Review request.
  3. Review the Welcome section for details and requirements for submitting the form.
  4. Complete "Prereqs" section.
    1. Select "Update Access to Existing Secure Box Folder":
      1. New Storage Request
    2. You must already have Endpoint Hostnames available to submit the request.
      1. This is the name of the workstation inventoried by the IT department that provisioned and supports the endpoint.
  5. Add Project Details including the name of the Secure Box folder.
    1. Type in the name of the Box folder exactly as it is listed in Box as the project name:
      1. Folder Name
    2. If not already in the list, start typing to add the Secure Box folder name (Project Name).
  6. Complete the remaining required fields.
    1. You must provide all Endpoint Hostnames.
    2. Provide names and access for Internal or External Collaborators that are being added and removed.
  7. Click "Submit" to send the request to the Cyber Risk Management & Compliance team.
    1. Submit Button

Use these links for common tasks within OneTrust:

  • Cybersecurity Risk Assessment Request 
    • Request form to be used when purchasing software, requesting a department assessment, needing a HIPAA Joint Security & Privacy Review, or making any other request of the Risk & Compliance Team.
  • Secure Storage Request
    • Request form to be used to request a Cybersecurity review of a SecureBox or RestrictedDrive request.
  • Remote Work Review 
    • Questionnaire for submitting a International Telecommuting Request to the Risk & Compliance team to determine the risk level associated with the request.


If you have questions about OneTrust, please contact the Cyber Risk Management & Compliance team within the Office of Cybersecurity at rmc-team@office365.wisc.edu.