Experienced ARIS user, but I need to experimentally dig into the possibilities and limitations of modelling and handling compliance/risk/audits. Since the UMG example is quite limited, I need to understand the following - anyone who can share links to resources, best practises or similar:
Overall need:
- I need to model how a certain control catalogue is implemented. Particular questions: Object types and relation types to use? Any modelling advices in terms of where to place objects into groups?
- Typical use cases/tips & tricks for invoking the GRC module?
Any links/advice appreciated. Exerimental use means that this is prior to any formal training and similarly.