FAQ: What is Host Categorization?

Host categorization is the part of an organizational assessment process wherein host assets are classified based on the types of data they contain or have access to.

Before host categorization, we are aware of host assets but we don’t know anything about them. Afterwards, we can identify which hosts expose the most risk and which org units own them.

Host assets reside in Isora GRC’s inventory on sheets, where the sheet belongs to exactly one organizational (org) unit. When a superuser creates an organizational assessment, by default all hosts on sheets belonging to targeted org units will be pulled into the host categorization part of the assessment. If additional hosts are added to those sheets while the assessment is ongoing, they can also be included.

Isora GRC has default data classification labels. Normally, these labels are customized for your instance of Isora GRC based on your own data classification policy.

Data Categories

In addition to assigning a host asset to an overall data classification, you can also specify data categories to that host to explain why the host fits a certain category.

Host xyz is classified as Confidential because it contains Private Health Info.


See also: https://saltycloud.atlassian.net/wiki/spaces/TES/pages/1275462273 https://saltycloud.atlassian.net/wiki/spaces/TES/pages/1275462005