You are here:

Ensure new software is Monash approved

What to do

If you wish to use new software or hardware at Monash University, you must apply for an Information Security Risk Assessment (ISRA).

How to do it

Complete an ISRA through Monash’s OneTrust portal. For more information and guides to this process, visit the ISRA/PIA assessment intranet page (staff login required).

Why it matters

By ensuring that third-party vendors meet stringent security standards, Monash University can manage the risks associated with external suppliers who have access to our sensitive information or IT infrastructure.

In line with the evolving technology risk landscape, the Cyber Risk and Resilience Team has updated the cyber security assessment (ISRA) workflow in our Monash University OneTrust Portal.
1. Enhanced logic-based workflow, keeping assessment questions and pathways more relevant to your activity/scenario
2. New Assessment types for Hardware deployments and Mobile Application development scenarios
3. Finishing the assessment earlier when minimum cyber security requirements are not met, or no further action is required
4. Revised questions, content and order across all assessments for better flow.
5. Identifying low cyber risk scenarios and applying a lighter touch ISRA process.
6. The ability to handle software licence renewals that require a new ISRA ID.
The process to submit an ISRA/PIA assessment request has not changed, for more information on where and how to submit your assessment request refer to our guide on the intranet.

Cyber Security at Monash University

Cyber Security at Monash University

Ensure new software is Monash approved

What to do

How to do it

Why it matters