Blog Posts Process Analysis Process Modeling

Improved Risk & Compliance Management in ARIS 10 SR 20

Blog: Aris BPM Blog

ARIS has been providing comprehensive capabilities for risk & compliance management for many years. It is very strong in connecting risks and controls to the business processes as well as providing two-stage workflows and clear task management for risk assessments, control tests, surveys, policy rollouts, and more. This process-driven approach helps you to gain transparency not only over your current risk & compliance status but also about the effects of GRC measures on your business.

With the rise of ESG (environmental, social, and governance) requirements, the need for sustainability, and many other new regulations reliable risk and compliance management is very important. With the ARIS 10 SR20 release we provide again some great improvements with the ARIS Extension for Risk & Compliance to support you even better in your GRC activities.

Additional settings Detectability and Trend for risk assessments

Qualitative risk assessments now provide new risk impact types Detectability and Trend. Extent and Frequency remain mandatory.

In some risk management approaches not only the assessment of the risk management types Extent and Frequency is necessary, but also an evaluation by Detectability (e. g., FMEA). Furthermore, evaluating and describing the Trend can be useful in determining relevant measures.

In the new release, customers can easily define their own values and generate assessments that cover these additional dimensions.

The new risk impact types Detectability and Trend can easily be activated by the administrator without any configuration or customizing. They are optional while Extent and Frequency are mandatory.


New object symbol Measure and new attribute group for risk-bearing capacity

The ARIS method provides a new object symbol, Measure, of type Solution. It can easily be identified as a specific GRC object. This new object is meant to describe any kind of mitigation for a risk that is not covered by specific object types such as a Control or a Policy. It is only used for describing purposes.

Sound risk management requires measuring risk exposure against the risk-bearing capacity of assets like processes, applications, organizational units, etc. For this reason, a new attribute group and respective attributes have been added to the ARIS method for those asset objects and other relevant object types like the risk category.

New HTML templates in email notifications

ARIS Risk & Compliance creates tasks based on two-stage workflows. For these tasks, automatic email notifications are sent out to the assigned owners. In ARIS 10 SR20 there are now HTML templates available for these email notifications that can be adapted to your CI.

New risk matrix report

The new release provides a new risk matrix report in PDF format that shows a risk heat matrix for each impact type of reviewed risk assessments for the selected hierarchy like organization, processes and functions, risk category, and so on.

New GRC-specific dashboards

The new GRC-specific out-of-the-box dashboard shows overview information about risk and compliance management, but also individual tabs for use cases like issues, regulations and policies, risks, incidents and losses, and controls and tests. These dashboards can be used as is and adapted to your needs if required.

Choose content type: 
Write a post

Leave a Comment

Get the BPI Web Feed

Using the HTML code below, you can display this Business Process Incubator page content with the current filter and sorting inside your web site for FREE.

Copy/Paste this code in your website html code:

<iframe src="" frameborder="0" scrolling="auto" width="100%" height="700">

Customizing your BPI Web Feed

You can click on the Get the BPI Web Feed link on any of our page to create the best possible feed for your site. Here are a few tips to customize your BPI Web Feed.

Customizing the Content Filter
On any page, you can add filter criteria using the MORE FILTERS interface:

Customizing the Content Filter

Customizing the Content Sorting
Clicking on the sorting options will also change the way your BPI Web Feed will be ordered on your site:

Get the BPI Web Feed

Some integration examples