Make GRC experience great with RSA Archer
February 23, 2018

Make GRC experience great with RSA Archer

Gideon Manoharan | TrustRadius Reviewer
Score 10 out of 10
Vetted Review

Overall Satisfaction with RSA Archer

In my own organization RSA Archer is used to manage Security operations center, manage the organizational assets, their Risk and compliance assessments.

It is being used by departments reporting to the CISO

The business problems that it helps solve is to monitor and implement controls against cyber attack’s and threats. The SecOps module of Archer helps with integrating with all sources of security alerts and incidents affecting the organizational assets, remediation activities required to prevent, detect and react to incidents impacting security (confidentiality, integrity availability) and thereby having the up-to-date information on the security posture of the organization
  • Integration capabilities to multiple enterprise systems
  • Control standards and Procedures to address multiple regulatory/authoritative sources, standards and frameworks enabling test once satisfy many requiremnts
  • Rapid application development and User friendly tool with configuration capability to customize easily without user requiring programming or coding skills
  • Periodic Updates to contents on controls standards and procedures based on updates additions authoritative source and standards
  • Effectively handle changes in advanced workflow to inflight records
  • Helps accomplish Business driven risk and compliance management and achieve business objectives
  • Risk based decision making helps business to focus on what is priority and what is important
  • Continuous monitoring and improvement help sustain the business operations and continuous growth
RSA Archer stacks up against the other products in the following aspects;
Continuous innovation and improvement in user experience

Excellent support

High quality documentation on use cases for users as well as admins and practitioners

Great collaboration tools like RSA community, RSA Exchange, working groups

Frequent conventions, conferences, Summits
Suitable for any organization looking for effective risk and compliance management.

It might be less appropriate for organizations which don’t have any risk or compliance obligations and not regulated by authorities

Archer Feature Ratings

Common repository of GRC items
Risk management
Integration with Corporate Performance Management (CPM) systems
GRC policy management
Incident management