Software AG's Business Process Analysis Platform, ARIS, uses robust architecture and process management / analysis capability to drive integrations with the existing business processes along with information technology and SAP systems.
$100
designer
ServiceNow Governance, Risk, and Compliance
Score 9.0 out of 10
N/A
ServiceNow Governance, Risk, and Compliance provides the tools businesses use to proactively manage risk by measuring, testing and auditing internal processes. This solution helps business users ensure compliance to regulations, policies, standards and frameworks. It is available via the Standard, Professional, and Enterprise editions, the latter two supporting GRC and internal auditing processes.
N/A
Pricing
ARIS
ServiceNow Governance, Risk, and Compliance
Editions & Modules
ARIS Elements
$100
designer
ARIS Advanced
$200
designer
ARIS Enterprise
contact us
ARIS Enterprise
contact us
No answers on this topic
Offerings
Pricing Offerings
ARIS
ServiceNow Governance, Risk, and Compliance
Free Trial
Yes
No
Free/Freemium Version
Yes
No
Premium Consulting/Integration Services
Yes
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
—
More Pricing Information
Community Pulse
ARIS
ServiceNow Governance, Risk, and Compliance
Features
ARIS
ServiceNow Governance, Risk, and Compliance
Reporting & Analytics
Comparison of Reporting & Analytics features of Product A and Product B
ARIS
9.1
6 Ratings
16% above category average
ServiceNow Governance, Risk, and Compliance
-
Ratings
Dashboards
7.96 Ratings
00 Ratings
Standard reports
9.76 Ratings
00 Ratings
Custom reports
9.86 Ratings
00 Ratings
Process Engine
Comparison of Process Engine features of Product A and Product B
ARIS
7.4
6 Ratings
12% below category average
ServiceNow Governance, Risk, and Compliance
-
Ratings
Process designer
8.26 Ratings
00 Ratings
Process simulation
8.66 Ratings
00 Ratings
Business rules engine
6.46 Ratings
00 Ratings
SOA support
7.55 Ratings
00 Ratings
Process player
6.02 Ratings
00 Ratings
Support for modeling languages
9.16 Ratings
00 Ratings
Form builder
7.06 Ratings
00 Ratings
Model execution
6.82 Ratings
00 Ratings
Collaboration
Comparison of Collaboration features of Product A and Product B
ARIS
8.4
6 Ratings
1% above category average
ServiceNow Governance, Risk, and Compliance
-
Ratings
Social collaboration tools
8.46 Ratings
00 Ratings
Content Management Capabilties
Comparison of Content Management Capabilties features of Product A and Product B
ARIS
9.3
6 Ratings
14% above category average
ServiceNow Governance, Risk, and Compliance
-
Ratings
Content management
9.36 Ratings
00 Ratings
Governance, Risk & Compliance
Comparison of Governance, Risk & Compliance features of Product A and Product B
ARIS
-
Ratings
ServiceNow Governance, Risk, and Compliance
8.5
10 Ratings
12% above category average
Common repository of GRC items
00 Ratings
8.610 Ratings
Risk management
00 Ratings
9.010 Ratings
Integration with Corporate Performance Management (CPM) systems
Well suited for enterprise architecture modeling where the intent to document elements beyond processes as well, such as risks and controls, KPIs, systems, org charts, etc. It also has the excellent capability of creating custom reports, hence if looking for various views right from summary to detailed, this is a great tool. It is less appropriate for implementing the processes as it is not very strong in BPMN.
Oracle EBS R12 requires a unique user skillset to understand how it handles user access and functions. Accordingly, ServiceNow has this high level of sophistication to manage this information and apply it to Sensitive Access and Segregation of Duties rules to identify exceptions. This depth of configuration is critical to accurately identify when Oracle Responsibilities (access) truly allows access and thus could be a violation. ERPs with less complexity may not require this customization of ServiceNow GRC, but you would be wise to raise these questions and examples in the demo to ensure it will work for you. In the past, we have found that risks of under-reporting exceptions or false positives become so voluminous that users don't always get to the accurate violations for timely remediation. Proper configuration up front will improve your effectiveness and ROI down the road.
Finding reported by the auditor. GRC helps us identify, assign, and track the resolution of this.
Exception to information security policy. These require quarterly reviews and setting up reminders to revisit these.
Building out new projects and baking security and compliance into the project and tracking it in GRC to ensure we deliver a compliant product on day one
Delivering more out of the box functionality that rivals other GRC platforms. The bare bones approach may not help companies that do not have expertise or capabilities to build effective GRC processes.
Easier way to implement workflow.
Offering better metrics without buying add-on tools.
I am a BPM and Enterprise Architect Consultant and hence have been using different BPM and EA tools for consulting practice. Until now I have used Opentext Provision EA,Sparx EA, MS Visio and IBM Blueworks. All of the tools used are good and have their own unique features and capabilities. ARIS BPA is widely used by my current organization for different projects.
I'm satisfied with our experience. The configuration was the biggest challenge, but we have moved onto the stage of user training and usability. We would appreciate having better user training documentation and possibly videos and/or computer-based training to help our international users adopt this software for their GRC needs.
It has good, even complex functionality that is provided by its library and ability to create relations between items, yet it is not hard to use. Anyone can use it in a short time. It provides reporting abilities and good documentation with the availability of exporting options. The only drawback I have seen was user management/login issues.
It's a good system, but I am awaiting key features in the new release. We hear that ServiceNow is continually adding new features and we look for improved reporting, better Oracle Integration, and user training opportunities. To the extent these materialize, we expect further improvements in our experience with ServiceNow GRC. Until that time, though, we believe we are meeting our objectives expected at the beginning of this project.
The Service area, they have been very useful. ARIS suite is covering number of applications. ARIS engine is very powerful and robust. The tool can be configured in many ways which can be beneficial but can be a curse at the same time. As a user, you need to apply this flexibility with care.
We just recently started using TrustArc for data privacy requests and I can already speak to the fact that TrustArc is a more confusing platform once there. The positives of ServiceNow would be that a majority of our URL's drive to owned websites which our employees are very comfortable with using versus pushing them to another website that feels unsafe.
