How-To: Add People and Define Their Roles

3 min read

As a superuser, you can add people into Isora GRC using the People Inventory page (or Legacy Settings). Assessment Managers can also assign existing users roles within their own unit.

Using the New UI

  1. Go to Inventory → People
  1. To add a new person, click the + button. Type in the desired username and click Create.
  1. In the sidebar that pops up, you can fill in important details, like the first and last name, email address and password (if using local authentication). Click the gear icon to access additional account settings.
  1. Configure account settings as needed to customize this account.
  1. Back on the main sidebar, you can also optionally add roles to this user, to give them capabilities in one or more units. Click the + sign or Assign Role. See also:
  1. Next to the role type you want to define, click the + sign to add one or more units. Then select the unit(s) you want to assign that role in.
  1. You can assign multiple roles in this step. Once you have added all of the roles needed to this person, click Save.
  1. Back on the sidebar, you can see the roles. you added and make additional changes if needed.
  1. If you have a large number of people who you want to add at one time, you can use the Import feature to import a CSV. Note that you can’t use this method to update existing user accounts. If any lines in your CSV include a username that is already assigned, those lines will produce errors.
  1. Use the Download Template link to access the correct CSV template to use for your upload.

💡
Keep in mind, not every person in your entire organization needs to have an account in Isora GRC. You should only create accounts for people who actually need to use the product. If you are integrating with Single Sign-On, make sure to choose a username that matches what the SSO provider uses to identify a person.

Using the Old UI

  1. On the Settings page under Organization click the “People” link. Then click the + sign to create a new user.

  1. Fill in the fields with details about the new user.

    The username field should be required. Leave the password blank unless you are using local authentication (you should not be using local authentication unless you are still very early in the setup process). If any user needs to have administrative privileges, you can click the “superuser” checkbox when you add the user. You can also add this capability later. Do not give superuser authority to anyone other than Isora GRC administrators, since superusers have unrestricted privileges. The "service account" checkbox should be used if a non-person entity needs to access Isora GRC. No authorization is used with service accounts, and although they could be authenticated through LDAP or local password, service accounts should normally access Isora GRC through the API.

  1. Use the bottom half of the Add User dialog to optionally assign permissions. Use permissions to assign roles within specific organizational unit(s) to the user. Click the Save button when finished.

    See also: Reference: Roles and Capabilities .

  1. You can also use the upload button to upload details about multiple users at once using a CSV file. Each line of the file should consist of a username, first name, last name, and email address.

🗒️
In a large institution, you may not be aware of all the people in the organization who will at some point need to use Isora GRC. As authorized users fill out surveys to complete assessments, they can delegate questions or hosts to other people. When doing so, they can specify people who aren’t yet defined in Isora GRC, and this is another way that people can get added into Isora GRC. This method only works if you’re using LDAP integration.

See also:

See also: Reference: Roles and Capabilities

Related articles
Did this answer your question?