Jump to Page Content

The Workflow-Based Test Environment of ARIS Solution for Governance, Risk & Compliance Management

Organizations need to ensure — and be able to demonstrate — that their workflows meet a wide range of legal requirements and standards. ARIS Solution for GRC from IDS Scheer offers customers a software tool for integrating current and future compliance requirements into their business processes.

ARIS Risk & Compliance Manager is an intuitive software product that helps users to conduct tests by providing a corresponding workflow and all the relevant information. It enables organizations to carry out the necessary compliance activity with maximum efficiency and can easily be extended to accommodate new legislation or standards. ARIS Risk & Compliance Manager is part of ARIS Solution for GRC.

 
Your benefits:

  • Workflow-based implementation of compliance-related measures and internal controls covering a wide range of legal and regulatory requirements
  • Deficiency management plus comprehensive reporting and sign-off functionality
  • Issue management workflow for early identification, processing, and tracking of critical issues
  • Operational risk management to manage risks or to reduce their consequences
  • Improved risk assessments based on loss data recorded using incident & loss management
  • Flexible survey management enables users to manage questionnaires, such as, self assessments, COSO questionnaires, and much more
  • Policy management workflow for embedding corporate guidelines
  • Process Risk Simulation enables simulation of risk events along defined business process chains
  • Up-to-date management dashboards, so-called mashups , via a direct link to ARIS MashZone
  • Timely detection of shortcomings in the internal control system and automatic escalation

Screenshots

E-mail to tester

Workflow-based compliance processes
Automatic initiation of the workflow by e-mail when test activity is due, including a link to ARIS Risk & Compliance Manager.

Test case list

Also suitable for non-expert users
Comprehensive tool support throughout the process, from testing to external audit.

Issue Management delivers complete transparency
Issue Management for all users

Issue Management delivers complete transparency
Issues can be created for identified problems and weaknesses of the internal control system, so that improvements can be initiated. Problem situations can thus be promptly communicated and resolved. Every issue is documented from creation to completion.

GRC mashup

Easy link to ARIS Mashzone
ARIS Risk & Compliance Manager provides a direct interface to ARIS MashZone to create mashups or dashboards for evaluating internal and external data.

Operational Risk Management
Quantitative risk analysis for exact evaluation

Operational Risk Management
Operational Risk Management helps organizations to identify and document operational risks (e.g., financial or security risks) as part of their internal control system. A risk assessment workflow supports evaluation of these risks with regard to various aspects, e.g., financial impact or probability. If necessary, appropriate measures to manage risks or to reduce their consequences should they occur are suggested and initiated.

Qualitative risk analysis
Risk assessment by risk categories

Qualitative risk analysis
The qualitative risk analysis quickly maps identified risks in terms of amount of damage and occurrence frequency. The impact of occurrence is scaled with multiple increments ranging between high and low. In the end, you can take appropriate measures and perform a new qualification with reduced amounts of damage and occurrence frequency.
The qualitative risk analysis can be run using various criteria, such as financial statement items, processes, or risk categories.