Profile picture for user Ana Rita Lopes

Good afternoon,

I need help on a topic related to risk management in ARCM.

The risk management cycle is currently as follows:

- Risk Owner performs the risk assessment;

- Risk Reviewer reviews the risk assessment (accept or reject);

- Risk Manager monitors all evaluations;

The question is this: If the Risk Reviewer wants to refuse the evaluation and comment on the reason for the refusal, how can this be done? There is no field for Reviewer to write.

When we are talking about other components (for example the tests to the controls, audit, incidents and losses,...), when the Reviewer decides to reject, becomes MANDATORY to fill in the field "comment / reviewer remark", but in Risk Management there is no field to fill in (neither obligatory nor optional).

My client is a very complex organization and in each risk assessment cycle, there is a strong probability of rejection of evaluations, however the Reviewer should indicate (in a comment, or something similar) the reason for rejection. BUT currently, when the Reviewer reject a risk, send an e-mail (outside of ARIS) to inform the Owner, what was the reason for rejection. Which is not correct and is unsustainable in the long run, considering that everything should be centered on the ARIS / ARCM platform.

Is there any possibility to configure this?


Thank you!

Ana Rita Lopes

by Steffen Exeler
Posted on Fri, 01/18/2019 - 13:49

Dear Ana Rita,

what version are you working with? With SR6 a specific Reviewer remark is available at the risk assessment.

Kind regards



by Ana Rita Lopes Author
Posted on Fri, 01/18/2019 - 16:02

Good afternoon Steffen,

Thank you for the attention to my message.

I forgot to mention that point. Currently the client has version 10 Service Release 6, but has not yet been passed to production, because the application is in the testing phase.

However the installation that I have used to perform the tests and demonstration is the 10SR5.

According to your comment, in SR6, does the reviewer remark for risk management exist and is it mandatory in case of rejection?

Best regards, 

Ana Rita Lopes

by Steffen Exeler
Posted on Fri, 01/18/2019 - 16:08

Dear Ana Rita,

in the standard configuration it is not mandatory.

Kind regards



Featured achievement

Say hello to the ARIS Community! Personalize your community experience by following forums or tags, liking a post or uploading a profile picture.
Recent Unlocks
  • Profile picture for user frankweise
  • Profile picture for user Henrik Buckler
  • Profile picture for user UffeK
  • SS
  • MZ
  • PacMan


icon-arrow-down icon-arrow-cerulean-left icon-arrow-cerulean-right icon-arrow-down icon-arrow-left icon-arrow-right icon-arrow icon-back icon-close icon-comments icon-correct-answer icon-tick icon-download icon-facebook icon-flag icon-google-plus icon-hamburger icon-in icon-info icon-instagram icon-login-true icon-login icon-mail-notification icon-mail icon-mortarboard icon-newsletter icon-notification icon-pinterest icon-plus icon-rss icon-search icon-share icon-shield icon-snapchat icon-star icon-tutorials icon-twitter icon-universities icon-videos icon-views icon-whatsapp icon-xing icon-youtube icon-jobs icon-heart icon-heart2 aris-express bpm-glossary help-intro help-design Process_Mining_Icon help-publishing help-administration help-dashboarding help-archive help-risk icon-knowledge icon-question icon-events icon-message icon-more icon-pencil forum-icon icon-lock