Profile picture for user markknaap


I am new to this group but would like to inform if someone is aware of companies using ARIS or ARIS GRC in areas where FDA compliance applies. I work for Philips Electronics where we have established ARIS as our BPM and EA repository and may want to extend into GRC area but with a focus on FDA in our Healthcare sector. 

Most of the GRC I see sofar is positioned in financial areas like SOx, Basel etc, but I wonder if ARIS would stand the test of FDA.


by Michiel Jorna
Posted on Thu, 12/06/2012 - 12:23


Hi Paul,

Welcome to the group!

ARIS GRC offers a generic and sector independent approach for enterprise-wide risk management. I agree with your observation that GRC platforms (ARIS GRC included) traditionally have a strong basis in the area of financial reporting but the concepts behind and the methodologies used can be applied to any organization and any applicable regulation. In the end it’s all about being able to identify the applicable regulations and corresponding (compliance) risks, design appropriate control measures to mitigate the identified risks, implement and integrate these control measures into the business processes and continuously monitor the design and effectiveness of these processes / controls.

For FDA compliance specifically I think it’s worthwhile to mention the Compliance Performance Ready Solution for Pharmaceutical environments.

Besides (Pharma) reference processes this includes GxP regulation requirements, reference risks, controls, SOP’s and test instructions.


The reference information can be used to set up a framework in ARIS Business Designer that integrates GxP requirements with the risk and control frameworks and business processes:

Based on this structure ARIS Risk & Compliance Manager can be used to enable continuous monitoring of these controls, evidence of control execution, support the management of deficiencies and remediation actions etc.

If you are interested to have more details on this topic please feel free to contact me.



by Robin Craven
Posted on Thu, 03/26/2015 - 10:40

Hi Michiel,

Like Paul I am interested to know if there are companies that are using ARIS within a GxP environment for an SAP based solution. Do you have any updates since your previous posting? If yes what are the prerequisites? For example:

1. What is the earliest version of ARIS that can be used?

2. Is ARIS GRC and/or Compliance Performance Ready Solution for Pharmaceutical environments required?

The reason for my questions is to understand the base starting position and thereupon to evaluate the roadmap to an ideal solution, which will take time and investment.

Kind regards, Robin


Featured achievement

Say hello to the ARIS Community! Personalize your community experience by following forums or tags, liking a post or uploading a profile picture.
Recent Unlocks
  • SS
  • MZ
  • Profile picture for user kbiront
  • Profile picture for user Tony Iliev
  • Profile picture for user amandeep.7.singh
  • PacMan


icon-arrow-down icon-arrow-cerulean-left icon-arrow-cerulean-right icon-arrow-down icon-arrow-left icon-arrow-right icon-arrow icon-back icon-close icon-comments icon-correct-answer icon-tick icon-download icon-facebook icon-flag icon-google-plus icon-hamburger icon-in icon-info icon-instagram icon-login-true icon-login icon-mail-notification icon-mail icon-mortarboard icon-newsletter icon-notification icon-pinterest icon-plus icon-rss icon-search icon-share icon-shield icon-snapchat icon-star icon-tutorials icon-twitter icon-universities icon-videos icon-views icon-whatsapp icon-xing icon-youtube icon-jobs icon-heart icon-heart2 aris-express bpm-glossary help-intro help-design Process_Mining_Icon help-publishing help-administration help-dashboarding help-archive help-risk icon-knowledge icon-question icon-events icon-message icon-more icon-pencil forum-icon icon-lock