ARIS - SHARE YOUR IDEAS
How can we make ARIS better?
ADD A NEW IDEA

Risk & Compliance

Showing 59

Be able to create issues to a specific environment without having to link an issue-relevant object

In ARCM you today have the possibility to have Issue Manager for environment specific and also an issue manager for cross-environment. But when you use multiple environments that you do not wish for issue manager (cross-environment) to administrat...
My Hvit about 1 year ago in Risk & Compliance 0 Open for voting

change the format for Offline Object downloading

Hi, The security policy of our customer "*******" doesn't allow for the downloaded file to be in zip format, it has to be in its plain original format to security conduct file scan every time the file is downloaded. The requested idea is to change...
Abdulrahman AlMohimeed about 1 year ago in Risk & Compliance 0 Open for voting

Handover & Delegation for review tasks

For surveys we can handover / delegate the task of the interviewee but we can't do this for reviewing the survey.
Pascale Wessel over 1 year ago in Risk & Compliance 0 Open for voting

Re-use of values available on questionnaire instead of survey schedular task

As an user, I want to be able to re-use the values which were entered in an existing Survey (DPIA) for the purpose of reusing existing DPIA (Data Protection Impact Assessment) answers. This will allow me to save time and effort in creating new DPI...
Pascale Wessel over 1 year ago in Risk & Compliance 0 Open for voting

Option Sperre „Offene Vorfälle“

Optional können diejenigen Objekte eines Objekttyps von der automatischen Anonymisierung nach Punkt 2 ausgenommen werden, deren Issues zum Prüfzeitpunkt noch „offen“ sind bzw. vor weniger als einem Sperr-Zeitraum geschlossen wurden Beispiel: ein K...
Andreas Geis over 1 year ago in Risk & Compliance 0 Open for voting

Option „Anonymisierungs-Automatik“

Optional können pro Objekttyp nach Ablauf einer zeitliche Grenzen die personenbezogenen Daten aus allen Versionen eines Objektes automatisch gelöscht werden. (Maximal-Auskunftsfrist) Beispiel: für alle Kontroll-Tests werden nach Ablauf von 10 Jahr...
Andreas Geis over 1 year ago in Risk & Compliance 0 Open for voting

Mindest-Verfügbarkeit für personenbezogene Daten nach Objekttypen

Pro Objekttyp (z.B. Kontroll-Test) können zeitliche Grenzen erfasst werden, vor deren Ablauf personenbezogenen Daten (handelnde User) nicht gelöscht werden können (Mindest-Auskunftsfrist). Beispiel: für Kontroll-Tests können vor Ablauf von 3 Jahre...
Andreas Geis over 1 year ago in Risk & Compliance 0 Open for voting

GDPR requires all systems to be able to delete record when requested to do so by the customer

It is required by law (GDPR) that when a customer wants their data to be deleted from a system it should be possible to do so (deletion by design). Currently this is not possible in ARCM. We, as xxx, want this functionality to be implemented.
Sylvia Groenbos almost 2 years ago in Risk & Compliance 3 Open for voting

Questionnaire Reviewer timer: maximum of 90 days between creation questionnaire and acceptance moment by reviewer

Our Compliancy department requires the period that it takes from initiating a DPIA (a questionnaire in ARCM) until the moment the DPO accepts the identified risks to be a maximum of 90 days. Can ARCM be adjusted so that with every questionnaire th...
Sylvia Groenbos almost 2 years ago in Risk & Compliance 2 Open for voting

Show all details for non risk management relevant risks

We currently have Risks that are not relevant for assessment, but we still want to have them in ARCM with all their details. The problem is that when the risk-management relevant attribute is deactivated, some of the detail information is removed ...
Guest almost 2 years ago in Risk & Compliance 1 Open for voting