Configuring ZenGRC with Jira Software Server

Overview

The ZenGRC Jira integration allows you to view Jira Software Server information from within ZenGRC. In particular, you can create audits where request details can be updated and tracked in both Jira and ZenGRC. 

Configuring Jira

This documentation is for configuring Jira Software Server projects that are linked to ZenGRC, as well as for setting up the Jira user who is added to the Jira Settings page within ZenGRC.

Creating or Verifying a Jira User

This user must have an API token and use that instead of a password. For more information about tokens, please read the Atlassian Cloud documentation on API tokens.

• From the Atlassian admin console, create a new user or verify the existence of the user that will be used to establish the ZenGRC connection. Be sure to use the API token instead of a password.
• Alternately, if you're using a Lightweight Directory Access Protocol (LDAP), then create the user in that directory and sync it with Jira.

Configuring Permissions

In each of the Jira projects that will be used for ZenGRC, complete the following in the Permissions area:

• Create Issues - Enable this section so the user can create issues within Jira. If not, ZenGRC won't be able to send requests or tasks into the Jira project. 
• Browse Projects - This should be enabled only for the projects that will be used for ZenGRC.
• Create Attachments - This should be enabled in order to attach evidence.
  

Testing the User

• Log into your Jira project as the user just created in the Creating or Verifying a Jira User.
• Review content to double-check what the user can see and do. This is then what ZenGRC will be able to access/see in Jira.

Setting the Connection

To set up the connection in ZenGRC, complete the following steps:

1. Click Settings | Jira Settings in the left-hand navigation.
   
2. The Jira Settings page displays.
   
   
   
   
3. Enter the following information:

   • Jira instance URL - Add the link to your Jira instance.
     
     

     TIP

     The URL to your Jira application should look similar to this example: https://[your-jira-domain].atlassian.net/. Make sure to include the full address, including the https://.

   • Jira email / username - Add the user email address or username who is set up with access to Jira and ZenGRC. To set this user up in Jira, follow instructions under Configuring Jira.

   • Jira password / API token - Add the API token used to access the Jira instance.
     
     

     NOTE

     The user must have an API token and use that instead of a password. For more information about tokens, please read the Atlassian Cloud documentation on API tokens.

     
     
     
4. Click Next.
5. The Jira Settings page displays. For information on the selection of issues and requests, please read the Atlassian Cloud documentation on Epics, stories, versions, and sprints.
6. After making selections, click Save. You will then have the option to select whether a new audit can be managed in ZenGRC or in Jira.
   
   

Add Linked Issues Field

Connecting Jira Software Server with ZenGRC also requires that the Jira Linked issues field be added to the Jira project. For additional instructions, please view the following video.

To add the Linked issues field to Jira, complete the following steps:

1. Sign in to your Jira instance as an administrator user.
2. Open Jira administration.
   
3. Click Projects.
   
4. Click the project name you want to use for a Jira Audit.
   
5. Click Screens.
   
6. Find the Screen scheme that contains Issue types that you would like to use for you Audits and Requests (e.g. Task/Sub-task or Epic/Story). Click Create issue screen.
   
7. Find Linked Issues field and click Add.
8. Go back to Screens page and repeat the step 7 for Edit issue screen.

9. Verify that Linked Issues field was added to View issue screen (it should be added automatically).