A short and sweet review about RSA Archer
June 17, 2016

A short and sweet review about RSA Archer

Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User

Overall Satisfaction with RSA Archer

RSA Archer is being used by my organization within the Internal Audit department to track various company controls, processes, policies, standards, and changes. Additionally, my organization uses RSA Archer to streamline the internal audit process. This helps Internal Audit to have visibility into all controls and their design and operating effectiveness across the entire organization.
  • Makes it easier to streamline running reports.
  • Consolidates various modules into one tool - Change Management, Access Management, Key Frameworks (FFIEC, ISO 27001/2, NIST, etc.).
  • Everyone can see the information in real-time to ensure team collaboration.
  • Very complex and can present a steep learning curve initially.
  • May be difficult for non-technical users to understand the process flow of the tool for various modules.
  • Documentation for the product is sometimes incorrect or has missing information that is needed to understand how a process works within the application.
  • RSA Archer provides an excellent ROI by increasing efficiency in company processes, reducing time for tasks, and reducing errors.
  • The tool provides an automated process (e.g. notifications) that allow employees to have assurance that company processes are followed (e.g. approvals workflow - change management, access management, incident management, etc.).
  • The tool takes care of a lot of tasks that would otherwise be labor intensive (e.g. requiring lots of staff hours to perform).
RSA Archer is better suited for an environment that has at least some maturity in its program. To effectively use this tool, the organization must first understand its various processes and controls in place as they have to be indicated within the tool. Although RSA Archer has "out of the box" templates for these areas, it is essential for the organization to understand these details to properly customize the tool to operate in their environment.

Archer Feature Ratings

Common repository of GRC items
Risk management
Integration with Corporate Performance Management (CPM) systems
GRC policy management
Incident management