Skip to Main Content
ARIS - SHARE YOUR IDEAS
How can we make ARIS better?
ADD A NEW IDEA

Risk & Compliance

Showing 57

risk hierarchy

In design it's possible to define a hierarchy of risks (eg. risk X consits of risk X.1 and risk X.2). ARCM does not support this concept.If it would be added, the principle is that a risk assessment would be done only on the lower level risks and ...
Koen Maes 5 months ago in Risk & Compliance 0 Open for voting

Relevant impact type(s) for a risk

In today's implementation, for any risk the assessment will always show all impact types.Approach at customers is that certain impact types are relevant only for some risks.So,it should be possible to define for a risk (or risk category) which imp...
Koen Maes 5 months ago in Risk & Compliance 0 Open for voting

Document risk appetite in ARIS & ARCM

Today there is no standard to document the risk appetite in ARIS. However, it is an important indication when managing risks.Having the ability to document this (in a standard way), would enable further reporting and analysis about the risk situat...
Koen Maes 5 months ago in Risk & Compliance 1 Open for voting

Be able to deactivate issues in bulk by admin users

Use case is for a customer that has only the basic ARCM roll out and issues from Connect. Their users are creating issues but some issues needs to be removed/not visible and it is complicated to deactivate issues once they are already created and ...
Tanguy Petre 5 months ago in Risk & Compliance 1 Open for voting

GDPR requires all systems to be able to delete record when requested to do so by the customer

It is required by law (GDPR) that when a customer wants their data to be deleted from a system it should be possible to do so (deletion by design). Currently this is not possible in ARCM. We, as xxx, want this functionality to be implemented.
Sylvia Groenbos almost 2 years ago in Risk & Compliance 3 Open for voting

Simple interface for risk assessment by the Risk Owner.

The current risk assessment interface has too many tabs with excessive information when evaluating each risk assessment by the Risk Owner. We propose simplifying the interface while still having the option to expand the information. The data that ...
Ariel Carrizo about 1 year ago in Risk & Compliance 1 Open for voting

Questionnaire Reviewer timer: maximum of 90 days between creation questionnaire and acceptance moment by reviewer

Our Compliancy department requires the period that it takes from initiating a DPIA (a questionnaire in ARCM) until the moment the DPO accepts the identified risks to be a maximum of 90 days. Can ARCM be adjusted so that with every questionnaire th...
Sylvia Groenbos almost 2 years ago in Risk & Compliance 2 Open for voting

Simplify Risk Review interface

For risk assessment, we propose generating a table-like interface that includes the following columns: Risk Name, Risk Owner, Owner's Evaluation Date, Process, Inherent Probability, Inherent Impact, Reduced Probability, Reduced Impact. The risk re...
Ariel Carrizo about 1 year ago in Risk & Compliance 0 Open for voting

Handover & Delegation for review tasks

For surveys we can handover / delegate the task of the interviewee but we can't do this for reviewing the survey.
Pascale Wessel over 1 year ago in Risk & Compliance 0 Open for voting

Design Risk Report based on Risk Tree

Currently the closest thing to a Risk report is the weak point analysis. This report uses the activity/ function objects as a starting point. To get insight in the Risk framework it would be usefull to have a report that uses the Risk framework as...
Hanneke Loefs about 1 year ago in Risk & Compliance 0 Open for voting