ARIS - Ensuring Business Compliance
ARIS Business Performance Edition provides extensive functionalities for efficient implementation of compliance-related measures, e.g., to meet the requirements of the Sarbanes-Oxley Act, Euro-Sox, and Basel II, or to track internal initiatives and rules, such as Six Sigma.
Issue Management
- zoom image
- With its new issue management module, ARIS Risk & Compliance Manager delivers complete transparency
The new issue management module in ARIS Risk & Compliance Manager is fully integrated into all the other modules and offers rich functionality to allow improvement of the internal control system. Issues can be created for identified problems and weaknesses, so that improvements can be initiated. Problem situations can thus be promptly communicated and resolved. Every issue is documented from creation to completion, and can be generated in connection with test cases, deficiencies, risks, processes, etc., or independently of them.
A carefully designed issue workflow delivers efficient user support for assigning issues to individuals and processing them. Issue management also provides a transparent, trackable record of the current status of the continuous improvement process relating to the internal control system itself, for management and auditors.
Operational Risk Management
Operational Risk Management helps organizations to identify and document operational risks (e.g., financial or security risks) as part of their internal control system. A risk assessment workflow supports evaluation of these risks with regard to various aspects, e.g., financial impact or probability. If necessary, appropriate measures to manage risks or to reduce their consequences should they occur are suggested and initiated.
Tight integration with the issue management module is particularly useful here. Role-based presentation of the assessment results ensures that both management and risk owners receive the specific information they need. An overview of the current situation and ongoing development status of the control system is available on demand. A single tool thus provides support for the entire process, from risk identification, documentation, and analysis through to risk monitoring.
Compliance Process Dashboard
The Web-based Compliance Process Dashboard provides the user with a convenient snapshot of the status of all GRC activity in the form of KPIs. The available information includes the proportion of test cases still open or deficiencies identified in a specific business process.
Each individual test and deficiency process can also be analyzed and presented as a process chain. Aggregated process visualizations (e.g., an EPC showing test activity in the first quarter) with probabilities and KPIs reveal structural weaknesses in process execution and enable optimization potential within the compliance process to be identified. The data mining functionality automatically highlights potential weaknesses.
