The Cyber Cyber Risk and Resilience team cares about security and privacy of yourself and the University. We’re actively protecting your information at all times.
Monash OneTrust – ISRA/PIA request guide
The Cyber Risk and Resilience team and the Data Protection and Privacy Office are using OneTrust, a tool which simplifies the processing for Privacy Impact Assessments (PIA) and Information Security Risk Assessments (ISRA). OneTrust streamlines the PIA and ISRA workflows and will guide your request into the appropriate security and/or privacy assessment pathways.
The University’s Cyber Team and the Data Protection and Privacy Office have worked closely to streamline their processes for conducting ISRAs and PIAs into OneTrust. This tool will assist you to identify information security and data protection and privacy risks for your new or updated activities or services, including where personal, sensitive or health information is being handled. These activities or services may or may not involve an IT solution.
An important part of any project is ensuring that the system is secure before it is launched. This means that the system is assessed for any vulnerabilities that could be exploited and that a plan is put in place to mitigate any risks. Cyber security assessments are important because vulnerabilities can have a significant impact on the University. They can allow attackers to gain access to sensitive information, disrupt operations, or even cause financial loss.
How to log an ISRA/PIA request in Monash OneTrust
To log an assessment request, sign into your Monash – OneTrust portal using your Monash account (single sign-on).
ISRA/PIA assessment search dashboard
Check the status of a submitted assessment
Support and resources
For help with using Monash OneTrust to complete your ISRA/PIA assessments refer to the user guides:
If you need further support contact the team relevant to your assessment area:
- PIA (Privacy Assessments) – Data Protection and Privacy Office: dataprotectionofficer@monash.edu
- ISRA (Security Assessments) – Cyber Risk and Resilience Team: cyberteam-risk-l@monash.edu
Contact the Service Desk to report incidents.
Security incidents include, but are not limited to:
- computer viruses
- apparent hacking of machines(s) for which you are responsible
- your machine(s) being used as a staging point for denial of service attacks
- your machine(s) being subject to denial of service attacks
- offensive or abusive emails.
Cyber safety isn't just about knowing what sorts of risks you may face - it's also about knowing how to avoid them. Learn more at our cyber-safety guide.
Monash values your privacy and is committed to protecting the data we collect about you. Learn more about data protection and privacy.
Help and support
- For further information or to make a general enquiry about cyber risk and resilience at Monash, email us at cyberteam@monash.edu.
- Check the status of an ISRA/PIA assessment request
Policy
Information Technology Policies (security-related policy guidance)