Isora GRC is an information security risk assessment and inventory control application. It can be used to conduct targeted risk assessments that assess compliance with specific laws and regulations such as GLBA 314.4(b), FERPA, HIPAA, SOX, DFARS and GDPR. It can also be used to conduct organization-wide risk assessments against cyber-security frameworks such as NIST 800-53, NIST 800-171, NIST CSF, ISO/IEC, ITIL and COBIT.
This User’s Guide is intended for anyone responsible for filling out surveys as part of a risk assessment.
Administrators of Isora GRC should read the Isora GRC Administrator’s Guide, in addition to this User’s Guide.
Org Unit Assessments include surveys for each Organizational Unit (OU) included in the assessment.
Application Assessments have just one survey, which is filled out by a member of the OU that owns the application.
After logging in to Isora GRC, you will be presented with a list of assessments for which you have some responsibility. These assessments will be displayed similarly to the one shown below.
The number of hosts and unit questions completed is listed here so that you can quickly see how far along an assessment is. The status (e.g. “in progress”) of each step is listed here as well.
Or you may want to look at: Process for completing app assessments