Organizational Structure in Isora GRC

The Organizational Unit (OU) is a fundamental object in Isora GRC. It’s used to represent a department or other organizational entity within the larger structure of your organization. OUs provide a way for you to divide a larger organizational assessment into smaller parts handled by individuals that are familiar with the specifics of their part of the organization. In a small-scale company or environment where Isora GRC Admins are directly responsible for IT resources and assessments, you may find it unnecessary to use a large number of OUs. Surveys and inventory must be associated with OUs, though, so you need at least one.

Isora GRC was originally designed to support a large university with a heavily federated system of controls. In such an environment, you may have a complicated hierarchical structure with many OUs, some of which have other OUs nested beneath them. An OU can include both people and other OUs.

Every single person and department in your organization does not need to be represented in Isora GRC. Only those people who need to use the Isora GRC application should be represented. This typically includes anyone who is responsible for inventory, department heads or managers, and people involved with auditing.