| Term | Definition / Usage |
|---|---|
| Acknowledgment | Process of signing off a survey or part of a survey. |
| Application / App | An object stored in application inventory and belonging to exactly one unit; usually these refer to software applications or some combination of hardware/software, may consist of multiple products working together as a system; may refer to an internally developed product. Can be assessed as an individual target. |
| Assessment | Process of asking questions about a specific target or set of targets; exists within a series, consists of one or more surveys and potentially may include data enrichment as part of the survey(s). |
| Assessment Series | Organizational bucket containing assessments with the same target type (methodology), usually done for the same purpose and often on the same target(s) repeatedly. |
| Asset Enrichment | This is part of a survey where attributes about a certain target are gathered. Currently there are two supported types of data enrichment- 1) asset enrichment (host categorization) as part of a unit survey; this is the part of the survey where assets are classified based on the type of data they contain; and 2) application enrichment as part of an application survey. When the attributes are gathered they have two impacts- 1) the answer is part of the survey results; 2) the attributes on the underlying object are updated to reflect any changes made. |
| Deployment- Application | An association between an application in inventory with an asset (host) also in inventory. |
| Deployment- Third-Party Vendor Product | An association between a third-party vendor product in inventory with a unit; has data classification associated with it. |
| Asset / Host | An object stored in asset (host) inventory on a sheet which is owned by exactly one unit; typically these are IP-based networked assets. They are classified based on the type of data they contain and can be assessed via “asset enrichment” within a unit survey. |
| Host Categorization | Old UI terminology- the part of an organizational survey where host assets are classified based on the type of data they contain. |
| Inventory | Objects managed within Isora GRC; have three distinct types- Asset (Hosts), Applications (Apps) and Third-Party Vendor Products. |
| Location | A location is an object representing a specific physical place where an asset may reside. Locations must be fully qualified, consisting of a site, building, floor and room. Only superusers can create and edit locations. |
| Unit (formerly Organizational Unit, Org Unit or OU) | Basic entity of ownership or designation; usually these represent groups of people or departments but it could represent anything you care about assessing. Roles (permissions) are on a per-unit basis. |
| Role | A method for assigning capabilities or permissions pertaining to a particular unit. |
| Survey | The most basic part of an assessment; a list of questions targeting one specific object. |
| Target | The entity being assessed / questioned by a survey. |
| Questionnaire (Unit Questions) | The part of an unit survey with questions targeting the unit itself. |
| Third-Party Vendor Product | A type of inventory used to represent 3rd-party products. Unlike other inventory types, no one specifically “owns” vendor products. |
Glossary of Terms
2 min read
Related articles
Did this answer your question?