After logging into ISORAIsora GRC, the first step as an administrator is to import data into ISORAIsora GRC. This usually includes data about people and data about machines (inventory).
A single initial administrative user is set up for you by SaltyCloud. You then add data about additional users and organizational units. In a typical environment, users are authenticated to ISORA Isora GRC via LDAP or Active Directory. Credentials and LDAP schema must be provided to SaltyCloud and will be integrated as part of provisioning. Currently there is no way to manually add information later about your authentication server.
If you’re not using LDAP or AD, then local authentication can be used. In that case, users along with their passwords are stored locally in ISORAIsora GRC.
You will also need to define your organizational hierarchy to ISORAIsora GRC- in other words, add organizational units and tell ISORA Isora GRC which people belong to them.
Then, you import the inventory. Inventory is not necessarily required to use ISORAIsora GRC. For instance, you might be doing an assessment of applications which doesn’t require any inventory. However, it is often the case that assessments are linked to particular machines, which are in turn owned by organizational units. You may import inventory yourself as an administrator, or you may allow ISORA Isora GRC users to import data about inventory into ISORAIsora GRC.
Once your critical data is in place, you can start building lists of questions based on the type of assessment you want to do.
All of the steps required to do the initial setup of ISORA Isora GRC are outlined in the rest of this section.
...