How to Add People and Define Their Roles in Isora GRC

As a superuser, you can add people into Isora GRC using the Settings page. Assessment Managers can also assign existing users roles within their own OUs.

On the Settings page under Organization click the “People” link. Then click the + sign to create a new user.
Fill in the fields with details about the new user.

The username field should be required. Leave the password blank if you want to use LDAP for authentication. If you specify a password, then the local password will be used for authentication purposes, but if possible, LDAP will still be used for authorization. In a non-LDAP environment, you will need to specify a password, or the user won't be able to log in.

If any user needs to have administrative privileges, you can click the “superuser” checkbox when you add the user. You can also add this capability later. Do not give superuser authority to anyone other than Isora GRC administrators, since superusers have unrestricted privileges.

The "service account" checkbox should be used if a non-person entity needs to access Isora GRC. No authorization is used with service accounts, and although they could be authenticated through LDAP or local password, service accounts should normally access Isora GRC through the API.
Use the bottom half of the Add User dialog to optionally assign permissions. Use permissions to assign roles within specific organizational unit(s) to the user. Click the Save button when finished.

See also: https://saltycloud.atlassian.net/wiki/spaces/TES/pages/1275462779 .
You can also use the upload button to upload details about multiple users at once using a CSV file. Each line of the file should consist of a username, first name, last name, and email address.

In a large institution, you may not be aware of all the people in the organization who will at some point need to use Isora GRC. As authorized users fill out surveys to complete assessments, they can delegate questions or hosts to other people. When doing so, they can specify people who aren’t yet defined in Isora GRC, and this is another way that people can get added into Isora GRC. This method only works if you’re using LDAP integration.