What is Isora GRC?

Isora GRC is an information security risk assessment and inventory control application. It can be used to conduct targeted risk assessments to assess compliance with specific laws and regulations such as: GLBA 314.4(b), FERPA, HIPAA, SOX, DFARS and GDPR. It can also be used to conduct organization-wide risk assessments against cyber-security frameworks such as: NIST 800-53, NIST 800-171, NIST CSF, ISO/IEC, ITIL and COBIT.

Who should read this document?

Anyone who wants to use the API to access Isora GRC- this may include both administrators and end-users.

Where can I find information about Isora GRC’s web interface?

End-users of Isora GRC who are required to fill out surveys for assessments (and/or may need to add inventory into Isora GRC) should read the Isora GRC User’s Guide. Administrators should read the Isora GRC Administrator’s Guide.

How to use this Guide

If you are just getting started with the Isora GRC API, start with the overview to learn how the API is used and how to get access to it. Then find the section of the guide that is relevant to the portion of Isora GRC that you need to access with the API.

If you aren’t already familiar with Isora GRC, you should first read the User’s Guide or the Administrator’s guide to get the big picture.

What can the API do?

The API can do everything that the web interface can do. However, realistically there are some things that you probably won’t want to use the API for, such as filling out surveys and creating assessments. The API is most commonly used for automating activities that involve adding or removing large quantities of data from Isora GRC. A later section of this document will look at a use case. This document covers how to use the API to interact with organizational data and inventory.

Next: 2. Overview

Browser not supported