The control is modeled in an ARIS modeling environment using the Function object (OT_FUNC) and the default symbol Control (ST_CONTR). A control is created in ARIS Risk & Compliance Manager for each control for which the Synchronize ARCM attribute is set to true.
Attribute mappings: Function (control) (ARIS) to Control (ARCM)
ARIS attribute |
API name |
ARCM attribute |
M* |
Notes |
---|---|---|---|---|
Name |
AT_NAME |
name |
X |
|
Control ID |
AT_AAM_CTRL_ID |
control_id |
|
|
|
|
manager_ |
|
Is identified via the connection to the role. A corresponding link to the control manager in ARIS Risk & Compliance Manager is saved. |
Control frequency |
AT_AAM_CTRL_FREQUENCY |
control_frequency |
|
|
Control execution |
AT_AAM_CTRL_EXECUTION_MANUAL AT_AAM_CTRL_EXECUTION_IT |
control_execution |
|
The enumeration is set in ARIS Risk & Compliance Manager when the values are true. |
Effect of control |
AT_AAM_CTRL_EFFECT |
control_effect |
|
|
COSO component |
AT_AAM_COSO_COMPONENT_CRTL_ENVIRONMENT AT_AAM_COSO_COMPONENT_RISK_ASSESSMENT AT_AAM_COSO_COMPONENT_CTRL_ACTIVITIES AT_AAM_COSO_COMPONENT_INFO_COMMUNICATION AT_AAM_COSO_COMPONENT_MONITORING |
control_type |
|
The enumeration is set in ARIS Risk & Compliance Manager when the values are true. |
Control activity |
AT_AAM_CTRL_ACTIVITY |
controls |
|
|
Control objective |
AT_AAM_CTRL_OBJECTIVE |
control_objective |
|
|
Key control |
AT_AAM_KEY_CTRL |
key_control |
|
|
Assertions |
AT_AAM_ASSERTIONS_EXIST_OCCURRENCE AT_AAM_ASSERTIONS_COMPLETENESS AT_AAM_ASSERTIONS_RIGHTS_OBLIGATIONS AT_AAM_ASSERTIONS_VALUATION_ALLOCATION AT_AAM_ASSERTIONS_PRESENTATION_DISCLOSURE AT_AAM_ASSERTIONS_NA |
assertions |
|
The enumeration is set in ARIS Risk & Compliance Manager when the values are true. A dependency of values exists. The first five values cannot occur in combination with the last entry. |
|
|
control_function |
|
Is identified via the connection to the function. A corresponding link to the process hierarchy element in ARIS Risk & Compliance Manager is saved. |
|
|
testdefinitions |
|
Is identified via the connection to the test definition. A corresponding link to the test definition in ARIS Risk & Compliance Manager is saved. |
|
|
financial_statement |
X |
Is identified via the connection to the technical term. A corresponding link to the regulation hierarchy element in ARIS Risk & Compliance Manager is saved. |
*The M column specifies whether the attribute is a mandatory field.