Use ARIS Connect to prepare a processing activity description survey.
Prerequisites
You have the ARIS Connect Viewer > Contribution license privilege.
The relevant objects are available in a Record of processing activities model and assigned to the respective legal entity.
The ARIS GDPR method enhancement filter is imported. For detailed information, refer to the ARIS Accelerators for GDPR Installation Guide.
The questionnaire for describing processing activities (GDPR Processing Activity Documentation) is installed and adapted to your specific requirements. The value of the SynchronizeARCM attribute at the Questionnaire template object must be true (default value). For detailed information, refer to the ARIS Accelerators for GDPR Installation Guide.
Procedure
Start ARIS Connect.
Enter the name of the relevant Record of processing activity model to the Search field.
Click the model containing the relevant processing activity in the list of results. The fact sheet is displayed.
Click Edit > Contribute if the edit mode is not activated yet.
In the Processing activities table, click the Processing activity details attribute of the relevant processing activity. The fact sheet is displayed.
The link is only available if the elements are already assigned to the processing activity.
Click the edit box of the Questionnaires attribute to add a new element.
Enter a name according to the respective processing activity and the description survey, for example, Salary payment GDPR description.
Click to transfer your input, then click OK to confirm your input. The Questionnaires attribute is created.
Click the Questionnaires attribute. The fact sheet is displayed.
Specify the relevant survey details. To do so, click the edit box of the respective attribute, enter the relevant information, click to transfer your input, and click OK to confirm your input (only for some attributes).
Responsible: Any user responsible for this survey.
Description: Short description of the survey.
Questionnaire templates*): The questionnaire template to be used in the survey. Use the GDPR Processing Activity Documentation (Controller) or the GDPR Processing Activity Documentation (Processor) questionnaire template.
Important: If a different template is used for the Record of processing activities report, you must set the attribute value GDPR-PAD-C for the Identifier of the questionnaire template object for controller entities and the attribute value GDPR-PAD-P for processor entities.
Assigned roles*): The interviewee groups and the survey reviewer group in charge. You can assign multiple interviewee groups, but only one survey reviewer group. Each interviewee group receives one questionnaire.
Start date*): The date the first survey and the assigned questionnaires are to be generated.
End date: The date when the survey scheduler must be completed and no further survey is created.
Frequency*): The interval at which the survey and the assigned questionnaires are generated.
Time limit for execution in days*): The number of days available to the interviewee for the completion of the questionnaire. It defines the completion date by which the survey must be completed.
*) = Mandatory for technical reasons
The processing activity description survey scheduler for ARIS Risk & Compliance Manager is created.
For detailed information, refer to the ARCM - Survey Management Conventions manual and the ARIS Risk & Compliance Manager online help.