Yes, you are right.
ISE sends typical RADIUS messages to the edge switches or WLCs.
The NADs will use the loopback interface to send RADIUS messages, and you will see these entries normally in ISE.
No other considerations.
You need to be familiar with TrustSec and SGTs to apply policies that are not a must.
You can start with simple authorization profiles without using TrustSec.