2. Initial Setup
After logging into Isora GRC, the first step as an administrator is to import data into Isora GRC. This usually includes data about people and data about machines (inventory).
A single initial administrative user is set up for you by SaltyCloud. You then add data about additional users and organizational units. In a typical environment, users are authenticated to Isora GRC via LDAP or Active Directory. Credentials and LDAP schema must be provided to SaltyCloud and will be integrated as part of provisioning your individual instance of Isora GRC. Currently there is no way to manually add information later about your authentication server; however, you can always integrate LDAP later by working with SaltyCloud’s support team. (Refer back to https://saltycloud.atlassian.net/wiki/spaces/SHD/pages/621805581 for more info on customization.)
If you’re not using LDAP or AD, then local authentication can be used. In that case, users along with their passwords are stored locally in Isora GRC.
You will also need to define your organizational hierarchy to Isora GRC- in other words, add organizational units and tell Isora GRC which people belong to them.
Then, you import the inventory. Inventory is not necessarily required to use Isora GRC. For instance, you might be doing an assessment of applications which doesn’t require any inventory. However, it is often the case that assessments are linked to particular machines, which are in turn owned by organizational units. You may import inventory yourself as an administrator, or you may allow Isora GRC users to import data about inventory into Isora GRC.
Once your critical data is in place, you can start building lists of questions based on the type of assessment you want to do.
All of the steps required to do the initial setup of Isora GRC are outlined in the rest of this section.
If you can't find what you are a looking for and need support, email support@saltycloud.