Old and outdated product, needs an overhaul
July 02, 2018
Old and outdated product, needs an overhaul
Score 2 out of 10
Vetted Review
Verified User
Overall Satisfaction with RSA Archer
We use Archer to manage vendor relationships, vendor contacts, vendor contracts, risk/policy exceptions, and various other vendor risk uses. It is used enterprise-wide and is a key part of doing any work with a third party. We have used different versions of RSA Archer over the years and the team is trying to get the application to the most current platform/release.
- It provides a central point to store all vendor information, which for us includes the vendor name, contact info and related agreements/contracts.
- It provides a central point to store all IT Risk Policies and any active exceptions to those policies. This allows the user to manage their exceptions and submit new items as needed.
- It allows us to manage 3rd party risk via a questionnaire that is required for all new agreements with vendors.
- The technology is poor and seems very out of date. Drop down selections are horrible, the menu system is antiquated and you have to click next multiple times to see all possible choices.
- The interface is very hard to navigate and the functions and flow of the application does not make a lot of sense. When I interact with the application I feel like I am using old technology. The menu system and forms feel old and out of date. It is very hard to submit a form because it is impossible to identify the required fields until you try and submit the form.
- Workflows and email notifications are not intuitive or easy to understand. Once you submit a form and the workflow begins, the other participants can only approve or reject, there is no option to edit. So they end up rejecting and making you as the submitter edit and re-submit which starts the process again. The workflow piece of the app is very clunky and hard to work with, I would not recommend it to others.
- I feel like this tool's limits our ability to have updated policies and procedures. It seems like the application is so archaic that we have to scale our policies down so they will fit within the system. This is not an optimal way to run an IT organization.
- It has allowed us to standardize all vendor contact info and risk policies in one place. That is really the only value we are getting from the application.
- It also seems to have poor integration options with other apps. The data in RSA Archer should be sent to tons of other systems as it is important but this seems overly complex and limited options for actually achieving this.