TrustRadius Insights
RSA Archer Integrated Risk Management Platform has proven to be a valuable tool for organizations across various departments and …
Overview
What is Archer?
RSA Archer, from the security, governance, and risk division of RSA Security is an integrated risk management / GRC platform.
Recent Reviews
Popular Features
- Risk management (11)10.0100%
- Incident management (13)10.0100%
- GRC policy management (13)9.999%
- Common repository of GRC items (12)8.787%
Pricing
N/A
Unavailable
What is Archer?
RSA Archer, from the security, governance, and risk division of RSA Security is an integrated risk management / GRC platform.
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Would you like us to let the vendor know that you want pricing?
76 people also want pricing
Alternatives Pricing
What is Egnyte?
Egnyte provides a unified content security and governance solution for collaboration, data security, compliance, and threat detection for multicloud businesses. More than 16,000 organizations trust Egnyte to reduce risks and IT complexity, prevent ransomware and IP theft, and boost employee…
What is ManageEngine DataSecurity Plus?
ManageEngine's DataSecurity Plus is a software solution to help users find, analyze, and track sensitive personal data—also known as PII/ePHI— residing in Windows file servers and failover clusters.
Features
Return to navigation
Product Details
- About
- Tech Details
- FAQs
What is Archer?
Archer Technical Details
| Operating Systems | Unspecified |
|---|---|
| Mobile Application | No |
Frequently Asked Questions
RSA Archer, from the security, governance, and risk division of RSA Security is an integrated risk management / GRC platform.
Reviewers rate Risk management and Incident management highest, with a score of 10.
The most common users of Archer are from Enterprises (1,001+ employees).
Comparisons
Compare with
Reviews and Ratings
(49)
Community Insights
TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!
- Business Problems Solved
- Pros
- Cons
RSA Archer Integrated Risk Management Platform has proven to be a valuable tool for organizations across various departments and functions. Users have reported using the software to streamline business processes, improve efficiency, and address governance and compliance issues.
One of the key use cases of RSA Archer is in the field of security operations. Users have found it effective in monitoring and implementing controls against cyber attacks and threats. The software integrates with all sources of security alerts and incidents, aiding in prevention, detection, and reaction to security incidents impacting confidentiality, availability, and overall security. It provides a comprehensive solution for managing security operations and helps organizations stay vigilant in protecting their assets.
Another significant use case of RSA Archer lies in its ability to address governance and compliance challenges across the enterprise. Users have reported utilizing the platform for policy and business continuity governance, as well as network monitoring through Security Analytics. The software also aids organizations in meeting external legal, regulatory, and contractual information security requirements by providing tools for compliance management. Additionally, RSA Archer helps manage vendor relationships, contracts, and risk policy exceptions, allowing organizations to effectively manage vendor risk.
Internal audit departments have found RSA Archer to be an invaluable tool for tracking company controls, processes, policies, standards, and changes. The software streamlines the internal audit process by providing visibility into controls design and operating effectiveness throughout the entire organization. It also helps track audit finding remediation and facilitates questionnaire completion during the financial reporting process. Through its approval workflow capabilities, RSA Archer improves accuracy and audit trail when dealing with international footprint.
Organizations seeking consolidation of their systems have found value in implementing RSA Archer. By consolidating their in-house built systems onto a common platform, teams benefit from reporting consolidation and collaboration. This allows for more efficient risk management practices across different departments within an organization.
Overall, users have found that RSA Archer Integrated Risk Management Platform provides a comprehensive solution to address various organizational needs such as security operations management, governance and compliance, internal audit, and system consolidation. The software has proven its effectiveness in streamlining processes, improving efficiency, and aiding organizations in meeting their risk and compliance requirements.
Integration Capabilities: Multiple users have expressed their satisfaction with RSA Archer's integration capabilities, stating that it seamlessly connects with various enterprise systems. This has greatly streamlined business processes and eliminated the need for manual data entry.
Comprehensive Control Standards: Many reviewers have commended RSA Archer for its robust control standards and procedures. They appreciate how the platform provides a framework to address multiple regulatory sources, ensuring compliance with various requirements.
User-friendly Interface: Several users have praised RSA Archer as a user-friendly platform with an easy-to-navigate interface. They find it highly accessible and appreciate the ability to customize the platform without requiring programming skills, allowing them to tailor it to their specific business needs.
Insufficient Documentation for Administrators: Users have found the documentation provided for administrators to be lacking, particularly in areas such as workflows, exporting data, and generating reports.
Challenges with User Interface: Many reviewers have criticized the user interface of the Archer platform, stating that it is not intuitive or user-friendly, especially for non-IT users.
Attribute Ratings
Reviews
(1-13 of 13)Companies can't remove reviews or game the system. Here's why
December 20, 2021
Archer - Risk Manager
RSA - Archer Integrated Risk Management Platform used for security PIN to login into the secure firm network, to avoid any data breaches or unauthorized access to the systems.
- Verify User Authenticity
- Quanitfies the business risks presented on a clear dashboards
- Eliminates the use of multiple third party software's to address risk parameters.
- Online Help system & monthly updates available for users
- Option to link all the firm standards software's to be launched through SSO
- Risk Patches to be embedded in firms custom built applications.
January 15, 2021
A strong and effective governance, risk and compliance solution
The risk management process at our organization is driven from the top. The board and executive team are aligned with risks we as a company are exposed to and what are the steps we are taking to mitigate or minimize them. The goals and targets are set for various key functions and stakeholders involved to manage risks. The scope of RSA Archer is not just limited to one or two departments, it is being used by the entire organization.
We are a highly compliance driven organization who deals with sensitive data of our clients across variety of industries globally. We are also exposed to multiple checks and reviews based on various standards, regulations and contracts throughout the year. Hence governance, risk and compliance is a mission-critical to our business strategy. RSA Archer helps us manage it effectively across the organization.
- Visibility into key risks areas help manage budgets in addition to better decision making capability.
- Policy management reduces workload of HR and Compliance and providing them better visibility in the system.
- Automation of various processes including policy management, internal audit and contractual compliance is helping internal functions to reduce human factor and also to increase efficiency.
- Dashboard view for management now helps review risks in real time.
- User interface has improved over last few versions but it still has a room to improve.
October 01, 2020
Third Party Relationship Records and Due Diligence
The whole organization uses RSA Archer across multiple subsidiaries to document relationships, risks, assets and controls. It effectively links issues to vendor relationships and assets while automating assessments within workflows. The dashboard capability allows for a wide range of customization for multiple types of users, offering a rich KPI experience.
- RSA Archer provides robust ad-hoc reporting.
- RSA Archer provides very detailed control over workflows and their customization.
- RSA Archer provides multiple systems for the different needs of corporate governance.
- RSA Archer scripts run particularly slow.
- RSA Archer doesn't leverage calculated fields efficiently.
- RSA Archer doesn't have pop-up windows or peek windows into hyperlinks.
September 15, 2020
Good software for audit findings and questionnaires
This software allows us to track our audit finding remediation and complete questionnaires during our financial reporting process. It is administered and was selected by our internal audit group for their primary needs of finding remediation. They offered its use to Finance (no additional cost), for us to complete our financial reporting questionnaires and certifications with our controllers and functional leaders. It solves the business problem of approval workflow for our international footprint. I can’t speak much to the ROI, but can say that the accuracy and audit trail has improved.
- Approval workflow.
- Response rating for exceptions.
- Statistics reporting.
- Color scheme difficult to read.
- Eliminate the instance number login.
- Better navigation.
May 29, 2019
RSA Archer-- eGRC Tool
RSA Archer is being used by four major departments in the organization which require compliance and governance. It manages routine tasks, client profile creation, policy management, etc. It is a tool to adhere to compliance and e-governance in the organization. The tool is not built for small scale companies and, in my opinion, mammoth firms can achieve great benefits from this.
- The auditing feature is amazing and, also, it is the basis to opt for RSA Archer.
- One can configure and create processes as the department needs.
- In disaster recovery exercises, it is one of the best tools available in the market.
- They release time to time updates, which causes issues in the GUI. However, one has to be careful while installing the update.
- There is no open and free academy to learn more about the tool.
- One cannot stay to a particular product version, they have to move to the next version to keep up with the changes.
July 26, 2018
Archer is a quiver full of functionality!
RSA Archer was implemented to consolidate over a dozen in-house built systems. It allowed us to consolidate reporting and move teams to a common platform.
- Configurable User Interface
- Hosted in Cloud
- Economical Solution
- Common Implementation/Training
- Consolidated Reporting
- Fully understand requirements before implementing, especially if looking for a common user experience
- Can be supported with FTE's, but make sure you have a few trained to support the app, otherwise consulting support will be required.
- Understand integration/connectors as these may add cost to your projects.
July 02, 2018
Old and outdated product, needs an overhaul
We use Archer to manage vendor relationships, vendor contacts, vendor contracts, risk/policy exceptions, and various other vendor risk uses. It is used enterprise-wide and is a key part of doing any work with a third party. We have used different versions of RSA Archer over the years and the team is trying to get the application to the most current platform/release.
- It provides a central point to store all vendor information, which for us includes the vendor name, contact info and related agreements/contracts.
- It provides a central point to store all IT Risk Policies and any active exceptions to those policies. This allows the user to manage their exceptions and submit new items as needed.
- It allows us to manage 3rd party risk via a questionnaire that is required for all new agreements with vendors.
- The technology is poor and seems very out of date. Drop down selections are horrible, the menu system is antiquated and you have to click next multiple times to see all possible choices.
- The interface is very hard to navigate and the functions and flow of the application does not make a lot of sense. When I interact with the application I feel like I am using old technology. The menu system and forms feel old and out of date. It is very hard to submit a form because it is impossible to identify the required fields until you try and submit the form.
- Workflows and email notifications are not intuitive or easy to understand. Once you submit a form and the workflow begins, the other participants can only approve or reject, there is no option to edit. So they end up rejecting and making you as the submitter edit and re-submit which starts the process again. The workflow piece of the app is very clunky and hard to work with, I would not recommend it to others.
February 23, 2018
Make GRC experience great with RSA Archer
In my own organization RSA Archer is used to manage Security operations center, manage the organizational assets, their Risk and compliance assessments.
It is being used by departments reporting to the CISO
The business problems that it helps solve is to monitor and implement controls against cyber attack’s and threats. The SecOps module of Archer helps with integrating with all sources of security alerts and incidents affecting the organizational assets, remediation activities required to prevent, detect and react to incidents impacting security (confidentiality, integrity availability) and thereby having the up-to-date information on the security posture of the organization
- Integration capabilities to multiple enterprise systems
- Control standards and Procedures to address multiple regulatory/authoritative sources, standards and frameworks enabling test once satisfy many requiremnts
- Rapid application development and User friendly tool with configuration capability to customize easily without user requiring programming or coding skills
- Periodic Updates to contents on controls standards and procedures based on updates additions authoritative source and standards
- Effectively handle changes in advanced workflow to inflight records
June 28, 2016
Archer, the audit findings destroyer!
RSA Archer is being used in the IT department to manage and provide governance over policies and business continuity. It is also being used for network monitoring through the Security Analytics solution. It addresses the governance issues across the enterprise. It allows us to manage all our our BCM documents in an executable and actionable framework.
- Solution customization
- Accessibility to information
- User friendly interface
- Workflows
- Exporting Data
- Reports
June 17, 2016
A short and sweet review about RSA Archer
RSA Archer is being used by my organization within the Internal Audit department to track various company controls, processes, policies, standards, and changes. Additionally, my organization uses RSA Archer to streamline the internal audit process. This helps Internal Audit to have visibility into all controls and their design and operating effectiveness across the entire organization.
- Makes it easier to streamline running reports.
- Consolidates various modules into one tool - Change Management, Access Management, Key Frameworks (FFIEC, ISO 27001/2, NIST, etc.).
- Everyone can see the information in real-time to ensure team collaboration.
- Very complex and can present a steep learning curve initially.
- May be difficult for non-technical users to understand the process flow of the tool for various modules.
- Documentation for the product is sometimes incorrect or has missing information that is needed to understand how a process works within the application.
June 13, 2016
Is it really worth the money?
RSA Archer will be implemented enterprise wide. There are several key obligations to meet, that are driving the business need to manage information security risks, legal and regulatory and contractual compliance.
- Meet external legal and regulatory and contractual information security and compliance requirements across all business units and in the more than 29 countries.
- Meet internal company policies and audit requirements for business process and technology improvement.
- Manage contractual third-party risks due to subcontractors and/or commercial vendors.
- Demand for security governance, risk and compliance services that cannot be met today.
- Archer does a very good job at reporting. Management likes to be able to view data in graphical format which Archer dashboards, iViews are easily created with data from across various applications so that management has a single view of all the data required to make informed decisions.
- Calculations across multiple applications that roll up to give you a risk appetite for the organization.
- Integrations to popular security tool, rss feeds, to identify possible data breaches before they become an incident.
- Ease of development of the application. Do not need a programmer or know how to code to customize the platform to your company's business needs and processes.
- Documentation for the product is sometimes incorrect or has missing information that is needed to understand how a process works within the application. No documentation for data feeds or how to build them on your own. Need to have professional services.
- Training of the application or platform administration does not go into enough depth. You really have to play around and see how Archer applications cross reference each other. Solution diagrams do not come out clearly in MS Visio.
June 08, 2016
RSA Archer - A Straight Shot Review
As an Archer consultant, I work with many different types of organizations who are deploying Archer for the first time, or are looking to build upon its capabilities. I have seen instances where it is leveraged both organization wide, or just for a particular department. Archer excels at introducing efficiency to any type of business process, from managing enterprise risk, to tracking non-IT incidents, to implementing a robust vulnerability management program.
- Introduces efficiency in business processes to reduce cost.
- Automation which reduces time and errors.
- An incredible amount customization capability for the platform.
- Archer is not great at getting data and/or reports back out. There are different options and sometimes they meet the requirements, but often times they come up short.
- Documentation for administrators could be more in depth.
December 11, 2015
Using RSA Archer to manage IT risks
RSA Archer is mainly used by the Technology Governance, Risk and Controls team to manage IT related risks.
- Reliable platform
- Good support
- Allow organizations to customize the tool accordinng to their own needs
- Be more user friendly (for non-IT users)
- Improve approval workflows