KPI allocation diagram

For the risks identified in the processes or at hierarchy objects, the responsibilities and objects relevant for the assessment can be defined in the KPI allocation diagram. This means that effects on the company's hierarchies can be documented, e. g. which risk affects which organizational unit.

KPI allocation diagram structure

The allocations of risk owner and risk reviewer are mandatory if the Risk Management-relevant attribute is set to true. All other allocations are optional.

The is assigned to connection (CT_IS_ASSIG_6) can be used to inherit object assignments between risks. Objects assigned to the risk object with outgoing connection are passed on to the risk object with ingoing connection. Only the following object types are passed on: Function, Organizational unit, Application system type, Regulation, Risk category, and Roles. An object type is only passed on if the receiving risk has no direct connection to the same object type. A role is only passed on if the receiving object has no direct connection to the same role. Example: The risk reviewer group is passed on but the risk owner group is not passed on, because the receiving risk already has an assignment to the risk owner group.

Relationships of the risk object

The following connections are relevant between the objects in the KPI allocation diagram:

Object

Connection

Object

Notes

Risk

is technically responsible for

Role

This connection creates the relationship to the risk owner, risk manager, and risk reviewer.

Risk

affects

Organizational unit

This connection creates the relationship to the organizational hierarchy.

Risk

affects

Technical term

This connection creates the relationship to the regulation hierarchy. It becomes a mandatory relationship if Financial reporting has also been selected for the Risk type risk attribute.

Risk

affects

Application system type

This connection creates the relationship to the application system type hierarchy.

Risk

is measured by

KPI instance

This connection creates the relationship to the KPI. It is not transferred to ARIS Risk & Compliance Manager so far.

Risk

is influenced by

Task

This connection creates the relationship to the measure. It is not transferred to ARIS Risk & Compliance Manager so far.