Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The purpose of Isora GRC is to conduct assessments against organizational units, inventory, applications and inventoryvendors.
Before assessments can be performed, you need to put data about your organization and your
inventory into Isora GRC. Then you create lists of questions about the organizational units and lists
of inventory items to be classified. You can pull from existing lists of questions and/or create
your own custom questions. When you create a new assessment, these questions will be
compiled into surveys which are targeted to specific organizational units.


When the assessment is pushed out to the organization, specific people within each
organizational unit will be responsible for answering the questions and marking the survey as
complete. The person who is ultimately responsible for signing off on the survey is called the
organizational unit head. Once all surveys have been marked complete, the entire assessment
is considered to be complete.

...

Over time, you will likely run the same basic assessment assessments on a regular, scheduled basis. Isora GRC’s
report feature allows you to generate simple charts showing trends across multiple
instances of an assessment.

...

In some cases, administrators are not directly responsible for host-level inventory information.
This is particularly likely in large-scale environments. It may be the case that Isora GRC
administrators are directly responsible only for those hosts that are directly used by their
organizational unit; and others within the larger organization are responsible for the majority of
hosts. In that case, an alternative workflow may be used.:


Figure 1-2 Alternative Workflow with Isora GRC

...