ARIS Risk & Compliance Manager

Transparent issue management

Create issues for identified problems and weaknesses in the ICS so that improvements can be initiated. Communicate and resolve problem situations promptly. Action tracking with ARIS Risk & Compliance Manager ensures that every defined activity is followed through. Every issue is documented from creation to completion.

Incident & loss management

Document incidents and resulting loss or damage. Use the incident and loss management workflow with clearly assigned roles and automated e-mail notification. Create the relevant values, process and analyze them. You can categorize issues according to specific criteria from Basel II or Solvency II requirements. Use the gathered loss values to improve your risk management and future risk assessments.

Process risk simulation

Simulate risk events along the defined business process chains. Analysis of dependencies between business processes, risks and controls are supported. You can use various statistical methods for defining risk probabilities and damage distribution, as well as control effectiveness. This functionality is provided with ARIS Business Simulator.

Learn more in this fact sheet.

Proactive risk management

Identify, document and analyze operational risks, such as financial or security risks. You can evaluate risks according to financial impact or probability using the risk assessment workflow with clearly assigned roles and automatic e-mail notification. Initiate measures to manage risks or to reduce their consequences should they occur. Monitor your risks running qualitative or quantitative risk analyses. Take action to resolve the issues using the issue management workflow.

Easy link to ARIS MashZone

Create customized management dashboards. Using ARIS MashZone, you can create mashups or dashboards for evaluating internal and external data. Mashups can be shared and jointly developed within the company.

ARIS Risk & Compliance Manager provides a direct interface to ARIS MashZone, which can access data in ARIS Risk & Compliance Manager and create a range of evaluations.

See a sample GRC dashboard in ARIS MashZone

Efficient internal control system

Test the implemented controls of your ICS regularly for effectiveness using an automated testing workflow with clearly assigned roles. Whenever the software detects a test wasn’t conducted as scheduled or controls are ineffective, it triggers a process to alert the responsible parties to take action. Use the issue management workflow to initiate improvements.

Audit management

Manage all audit-related tasks in an integrated end-to-end process-driven approach. Support your internal auditors in handling work papers and scheduling audit-related tasks, time management and reporting throughout the four audit phases: planning, preparation, execution and reporting.

To assure consistent information throughout the enterprise, content information relevant to audits, such as policies, control test evidences, incident reports as well as previous audit findings, are all managed within ARIS Risk & Compliance Manager. This saves expensive audit time.

Flexible survey management

Use surveys to help audit suppliers, analyze business impact and more. Complete surveys online or offline. You can use the survey management workflow with clearly defined roles—for example, survey managers and interviewees—as well as automated e-mail notification. ARIS Risk & Compliance Manager offers various question-and-answer combinations, predefined scores, as well as periodic and one-time surveys.

Policy management

These days, publishing corporate guidelines isn’t enough. That’s why the software includes a policy management workflow that can be adapted to your company’s requirements. Use this feature to get confirmation from the appropriate people that policies have been applied. This functionality is fully integrated in ARIS Risk & Compliance Manager.