RSA Archer, from the security, governance, and risk division of RSA Security is an integrated risk management / GRC platform.
N/A
Azure DevOps Services
Score 8.6 out of 10
N/A
Azure DevOps (formerly VSTS, Microsoft Visual Studio Team System) is an agile development product that is an extension of the Microsoft Visual Studio architecture. Azure DevOps includes software development, collaboration, and reporting capabilities.
$2
per GB (first 2GB free)
Pricing
Archer Integrated Risk Management Platform
Azure DevOps Services
Editions & Modules
No answers on this topic
Azure Artifacts
$2
per GB (first 2GB free)
Basic Plan
$6
per user per month (first 5 users free)
Azure Pipelines - Self-Hosted
$15
per extra parallel job (1 free parallel job with unlimited minutes)
Azure Pipelines - Microsoft Hosted
$40
per parallel job (1,800 minutes free with 1 free parallel job)
Basic + Test Plan
$52
per user per month
Offerings
Pricing Offerings
Archer
Azure DevOps Services
Free Trial
No
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
—
More Pricing Information
Community Pulse
Archer Integrated Risk Management Platform
Azure DevOps Services
Considered Both Products
Archer
Verified User
Employee
Chose Archer Integrated Risk Management Platform
Both have similar functions, but it was decided that a separate application was desired for Risk and Compliance Systems. This was partly due to Line of Business Ownership and separation of duties.
RSA Archer is fantastic at cataloguing, personalizing assessments, raw reporting, and capacity to add custom fields. It is a little clunky around adding contextual information to notifications, peeking into data before attempting to load pages, quick navigation or determining linked (or sub-linked) relationships. These are all concerns that can either be worked around with an appropriate data scheme or with careful administration of the sub-routines.
ADO is well suited for the visibility of day-to-day tasks and responsibilities as well as things such as Features, user stories, etc. Off the top of my head, I can't think of any scenario where it might not be well suited, as you can customize ADO to your liking to a degree.
Integration capabilities to multiple enterprise systems
Control standards and Procedures to address multiple regulatory/authoritative sources, standards and frameworks enabling test once satisfy many requiremnts
Rapid application development and User friendly tool with configuration capability to customize easily without user requiring programming or coding skills
Flexible Requirements Hierarchy Management: AZDO makes it easy to track items such as features or epics as a flat list, or as a hierarchy in which you can track the parent-child relationship.
Fast Data Entry: AZDO was designed to facilitate quick data entry to capture work items quickly, while still enabling detailed capture of acceptance criteria and item properties.
Excel Integration: AZDO stands out for its integration with MS Excel, which enables quick updates for bulk items.
I don't think our organization will stray from using VSTS/TFS as we are now looking to upgrade to the 2012 version. Since our business is software development and we want to meet the requirements of CMMI to deliver consistent and high quality software, this SDLC management tool is here to stay. In addition, our company uses a lot of Microsoft products, such as Office 365, Asp.net, etc, and since VSTS/TFS has proved itself invaluable to our own processes and is within the Microsoft family of products, we will continue to use VSTS/TFS for a long, long time.
Good tool to get the information communicated, approval workflow, and easy to add new findings/questionnaires. Seems to be compatible with different browsers and little downtime. Only request for improvement is to add an export feature with fewer clicks. Maybe batch export.
Azure DevOps is a powerful, complex cloud application. As such there are a number of things it does great and something where there is room for improvement. One of those areas would be in usability. In my opinion it relies too much on search. There is no easy way to view all projects or to group them in a logical way. You need to search for everything.
Our RSA Archer team is dedicated to finding solutions for our organization. They haven't mentioned any issues with receiving support with deployment or bug fixes, and generally the platform is very dependable. They are always very excited about delivering a version upgrade and presenting any new features that provide more dashboards or chart types.
When we've had issues, both Microsoft support and the user community have been very responsive. DevOps has an active developer community and frankly, you can find most of your questions already asked and answered there. Microsoft also does a better job than most software vendors I've worked with creating detailed and frequently updated documentation.
It has been roughly 5 years since I have seen Securevue, so a lot can change, but to me it felt like several products were purchased and an attempt was made to piece them all together into a single solution (and I believe that may have been true). It also required agents on endpoints which did not fit the model I believed customers were looking for. MetricStream appeared to be difficult to install as it took their own engineers some time to get it installed in my lab environment. I did not think their web interface was as intuitive as RSA Archer. Customization to the platform was possible to some degree, but required a lot more work and technical skills than required by Archer. I did like the landing page for MetricStream which called out the important action items for the current user, but Archer v6.X now has this feature.
Microsoft Planner is used by project managers and IT service managers across our organization for task tracking and running their team meetings. Azure DevOps works better than Planner for software development teams but might possibly be too complex for non-software teams or more business-focused projects. We also use ServiceNow for IT service management and this tool provides better analysis and tracking of IT incidents, as Azure DevOps is more suited to development and project work for dev teams.
