Skip navigation
All Places > Products > RSA Archer Suite > Blog
1 2 3 Previous Next

RSA Archer Suite

431 posts

For a long time, we have received your feedback, “RSA Archer provides a fantastic set of features, but if only it had equally compelling User Interface…”

 

Well, the wait is over! With RSA Archer v6.7, we just delivered the first batch of many of the UI improvements we have planned for delivery in upcoming releases. We are excited about how new UI appearance and user interaction has turned out. And we want you to be equally excited, when you get to try it out!

 

So, what has improved?

 

Global Header, Navigation Menu and Environment Bar

We have replaced complex, monolithic, counterintuitive, access all-features-at-once Mega Menu with modern, responsive and easy to navigate Global Header and Navigation Menu. The simple yet efficient navigation will speed up the learning curve for new users and eliminate the fatigue of experienced users having to click through many places for frequent, repetitive activities. 

 

Re-organization of frequently used features that existed in Mega Menu plus addition of other frequently used features  such as Type ahead global search, recent activities, assigned tasks, Back office (administration) pages, contextual search, User Preferences, Home page, Workspaces, Flexible Workspace Management control as well as Master report list greatly improves ease of access from anywhere in RSA Archer with a single click.

 

In addition, ability to customize the background and text of the new Environment bar (located above the Global Header) will help you easily identify the environment you are working on and eliminate the mistakes of doing edits in the wrong environment.

 

Global Header and Nav Menu

 

Landing page iView for first line of Defense user

While we love RSA Archer for what it has to offer, navigating RSA Archer for a new user was a daunting experience. To tackle the problem, we have added a new "Landing page iView" type so that you can create a default landing page with links to frequently used features for the first line of defense users. You will also have opportunity to improve/customize the appearance with choice of adding an image as background to the iView.

 

First Line of Defense User Landing Page

 

Appearance and Record page updates

We have modified the appearance of the User Interface. Rather than you trying to set primary and secondary options and hope for color algorithm to churn out the right color combination (which rarely happened), now you have direct control over selecting the colors of your choice and modifying the appearance.

 

The User Interface uses the system defined neutral, high-contrast color scheme to display the content while allowing you to control the color selection for prominent locations in UI such as Nav Menu, Footer and Environment bar as well as the branding logo in Global Header and the background image in Landing page iView. For more insight on this topic, please visit our other blog.

 

We also updated the Record page header to give it a modern, clean appearance and improve visibility to frequently used functions. For the records associated with application that uses the Advance Workflow (AWF), the record header also optionally displays a progress tracker aka Workflow tracker.

 

 

Dashboard and iView improvements

Along with other UI changes, we also made number of changes to Dashboard and iView such as the layout of components, color, font size, padding and other related modifications including addition of Quicklink bar.

 

Dashboard and iViews improvements

 

For the demo and better insight to the Global Header, Navigation Menu, Record page header, Appearance, First line of defense landing page, Dashboard and iView improvements, please attend this week’s Free Friday Tech Huddle . We look forward to your attendance!

You’ve given us your input and shared your feedback on features and functionality. You’ve seen updates in customer product roadmap sessions. You’ve seen exciting sneak peeks at RSA Charge 2019. And today, it’s here – RSA Archer Release 6.7 is now available!

 

RSA Archer Release 6.7 delivers enhancements designed to modernize and simplify the user experience with the RSA Archer Suite, in support of the growing importance of a cohesive view of risk and compliance at all levels of an organization. This release is the next step in the evolution of the RSA Archer user experience, with cleaner, easier-to-use dashboards and more direct, intuitive navigation.

 

Updates in Release 6.7 provide improved usability and easier accessibility to key data. Improvements to the user interface allow business users to more quickly access the data they need and more easily interpret the data. Dashboard updates enable easier navigation, with a new Quick Links bar and links to frequently accessed user actions and dashboard options that remain at the top of the page when scrolling. A new “first line of defense” iView provides business users with a clean, simple dashboard and clear access to common tasks and reports. Reporting enhancements in Release 6.7 provide added graphical context for key data, more interactive functionality, and more chart type options.

 

RSA Archer Release 6.7 dashboard

 

For RSA Archer administrators, this release includes a number of updates to extend functionality and performance, including updates to the Data Gateway feature of the RSA Archer Platform. Introduced in Release 6.4, the Data Gateway allows organizations with large data sets in external systems to connect to RSA Archer. In Release 6.7, updates enable administrators to configure the Data Gateway without the need for professional services. The Data Gateway RESTful API provides commands to add, update, and delete Data Gateway connections, content mapping, and field mapping, and new documentation provides instruction for coding a Data Gateway connector. Other new administration features in Release 6.7 include automated deployment of packaging, secure connection for FTP data feeds, proxy bypass, and much more.

 

In addition to enhancements to the RSA Archer Platform, Release 6.7 includes updates for a number of RSA Archer use cases for Public Sector, Enterprise & Operational Risk Management, IT & Security Risk Management, and Third Party Governance.

 

To learn more about RSA Archer Release 6.7, please review details in the Product Advisory. RSA Archer customers are invited to join us for a Free Friday Tech Huddle on Nov. 1 (pre-registration is required). We'll have more Free Friday Tech Huddles over the next few months to take deeper dives into Release 6.7 features. You can also check out Release 6.7 documentation available on the RSA Archer Release 6.7 subspace on RSA Link.

One of the biggest commitments we at RSA make to our customers is to provide best-in-class security products that help manage digital risk.  Our goal is to do so with maximum reliability while also requiring minimum effort on your part.  However, we know, that even best-in-class products occasionally need help to install, use, and maintain them.  While we are continuously focused on improving our support services to ensure that every interaction you, our customers, have with us is positive and quick, we realize that even the best support interaction still requires time and effort on your part.  And what’s more valuable than time?

 

With that in mind, today I am happy to officially launch our Engineering Request dashboard within the RSA Case Management portal, which will allow you to monitor progress of Engineering Requests (ER) opened on your behalf*.  Not only will you be able to see progress of your ER’s, but you will be able to do so on your own, without the need to call support for an update. 

 

To access this information, navigate to the RSA Case Management portal by clicking on My Cases in the main menu on RSA Link.    Clicking on the Engineering Requests tab will display Engineering requests that have been opened on your behalf (linked to your support cases) since January 1, 2018.  For each of these, you will be able to see its Status to know when the issue has been addressed, and if a fix is included in a release, you’ll see the release number as well.

  

Click to enlarge

 

This is just another small improvement to your support experience.  Stay tuned for the more exciting upcoming changes.

 

In the meantime, if you have any feedback on this enhancement or other ideas to continue to improve your experience, please share! 

 

* This functionality is currently only available for the RSA Archer Suite and the RSA NetWitness Platform. Additionally, you will only be able to monitor Engineering Requests that were opened directly on your behalf and are not security issues that could have sensitive information.  We will encourage you to utilize the RSA Ideas portal to manage and monitor Enhancement requests.

RSA is pleased to announce that – once again -- Dell Technologies (RSA) has been named a Leader in the 2019 Gartner Magic Quadrant (MQ) for Business Continuity Management Program (BCMP) Solutions!

 

This comes on the heels of Leader designations for Dell Technologies (RSA) in the 2019 Gartner Magic Quadrant for Integrated Risk Management Solutions and the 2019 Gartner Magic Quadrant for IT Risk Management Solutions – making RSA the only vendor to be positioned as a Leader in all three of these Magic Quadrants!

 

RSA Named A Leader in 2019 Gartner Magic Quadrant for Business Continuity Management Program Solutions, Worldwide

 

In the BCMP Magic Quadrant report, Gartner states that “organizations need a consistent and repeatable process for all aspects of BCMP development and execution. With the growing focus on resilience in day-to-day business operations — rather than on out-of-band response and recovery activities only — BCMPs need to demonstrate maturity, status and effectiveness on an ongoing basis, not just once a year.” RSA Archer use cases for Business Resiliency bring together incident response; business impact analysis; recovery planning, testing and activation; and crisis management – all critical components of a program positioned to build resiliency throughout the organization.

 

Gartner also states that “the critical capabilities of BCMP solutions center on providing business leaders with a more effective means of evaluating operational risks and business impacts, as well as planning for, responding to, recovering from and restoring after a business disruption.” The RSA Archer Business Resiliency solution integrates with operational risk management, security and third-party risk use cases to dramatically improve coordination, alignment, and visibility across these often-separate functions.

 

Finally, Gartner defines “optimal BCMP solutions as holistic, addressing the following critical capabilities: ease of use and configuration; dashboarding and reporting; and BCM tool integration.” RSA Archer offers out-of-the box capabilities that are highly configurable, along with best-in-class dashboarding and reporting. The RSA Archer Business Continuity & IT Disaster Recovery Planning and RSA Archer Crisis Management use cases are integrated with emergency mass notification and mobile partners, to put RSA Archer in the hands of people on the move during a disaster.

 

We sincerely thank our customers for sharing their valuable insights and experiences working with RSA Archer Suite with Gartner. Our community of active and enthusiastic users continue to be a driving force behind what we do, and we thank you.

 

 

 

Figure 1. This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Dell RSA.

 

*Gartner, Magic Quadrant for Business Continuity Management Program Solutions, David Gregory, Roberta Witty, 12 September 2019

 

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Understanding how new regulations and standards impact your business is critical in order to reduce the risk of regulatory fines and ensure compliance of your organization. Unfortunately, the process is typically tedious, time consuming, and varies wildly depending on available resources.

 

When a new regulation is introduced, an analyst must read the new regulation and use past experience and knowledge of the organization’s internal controls and how they map to similar regulations to map controls to the requirements. In other words, this takes a lot of organizational knowledge and expertise to be done well -- and even then, it’s a spreadsheet exercise that’s a lot of copying and pasting.  While the analyst will get better at this task over time, their knowledge is lost when they move on from this position and new personnel will essentially be starting over.

 

If this were just an occasional task, this approach might be ok. But the regulatory burden for organizations has continued to grow at an increased pace over the past 20 years. Additionally, companies are making changes in their business -- geographical expansion, the addition of new kinds of business, or a digital transformation -- that open them up to new regulatory burdens..


To make this process more efficient and accurate, RSA has introduced the RSA Archer Regulatory Content Analysis use case. Utilizing machine learning and Natural Language Processing (NLP), Regulatory Content Analysis provides analysis of how you have demonstrated compliance with previous regulations by looking at the Controls in place for the requirements defined in them. Utilizing this library of information, the Regulatory Content Analysis algorithm provides you with personalized regulatory analysis, suggesting control matches for the new regulation. It also shows you analogous requirements from existing regulations to help analysts understand the similarities. All of this information is displayed in an intuitive interface that assists analysts through mapping and makes the entire process more efficient and more consistent.

 

RSA Archer Regulatory Content Analysis provides:

  • Automatically suggested controls for new regulations based on your compliance program
  • Natural language processing and machine learning to process and analyze text-based regulations
  • Highlights of similar new and existing regulations for analyst reference
  • Manually matching of content utilizing advanced search and mapping features

 

The RSA Archer Regulatory Content Analysis use case can be utilized with the RSA Archer Policy Program Management use case to demonstrate the effectiveness of the organizational controls you have in place. This combination delivers a complete solution for managing your compliance to the broad and changing landscape of regulations applicable to your organization.

Interested in learning more about RSA Archer Regulatory Content Analysis? Join us for a Free Friday Tech Huddle on Friday, September 27 for a live demo. Free Friday Tech Huddles are only available to RSA Archer customers. If you are not yet a customer but you are interested in learning more, please contact your local representative or authorized reseller — or visit us at www.rsa.com.

Complaints are inevitable for any organization.  Complaints management is required by various regulations and standards, including the Office of the Comptroller of the Currency (OCC) in the United States and the Office of the Superintendent of Financial Institutions (OSFI) in Canada, just to name a couple.  If not managed correctly, tracking complaints can be difficult and not resolved in a timely manner, which can result in risk to your organization.  Some of these risks include reputational damage or financial impacts to your organization.  Regulations and standards require organizations to adhere to their guidelines on how to handle the complaints, deal with them in a timely manner and report that information back to the governing body.  

 

On August 20th, the RSA Exchange introduced a new offering to help you minimize the risk of impact from complaints, internal and external to your organization.  With the RSA Archer Complaints Tracking app-pack, you can have a consistent and repeatable process for tracking and managing complaints so you can minimize dissatisfaction from employees and customers while ensuring compliance with regulatory requirements in regards to how complaints are handled and how long it takes to resolve the complaints.  

 

RSA Archer Complaints Tracking allows you to:

  • Document complaints internal and external to the organization
  • Conduct an Investigation to determine impacts to the organization
  • Document findings and determine a course of action for resolution
  • Monitor complaint resolution and satisfaction
  • Report complaints for regulatory requirements

 

In addition, the RSA Archer Complaints Tracking app-pack can be utilized with the RSA Archer Speak Up app-pack to allow the ability to submit complaints anonymously to support whistle blower regulatory requirements.  To learn more about the RSA Archer Speak Up app-pack, please visit RSA Archer Speak Up on the RSA Exchange. 

 

Interested in learning more about the RSA Archer Complaints Tracking app-pack? Join us for a Free Friday Tech Huddle on Friday, August 23, for a live demo. Free Friday Tech Huddles are only available to RSA Archer customers. If you are not yet a customer but you are interested in learning more, please contact your local representative or authorized reseller — or visit us at www.rsa.com.

 

RSA Archer Complaints Tracking

Complaint Owner Dashboard

Conflicts of interest exist in the commercial world and cannot be avoided.  Every organization conducts business with another organization or individuals.  We must understand and identify conflicts of interest and the importance of managing those conflicts of interest.  Conflicts of interest arise when an individual or organization has a competing obligation, personal or financial interest, with the individual or organization in which they are conducting business with.  Examples of relational private or personal interests include, but are not limited to, family and other relatives and personal relationships in the workplace, board or industry association memberships, investments and shareholders, secondary employment, personal relationships with suppliers, third parties, and vendors.  In addition, monetary conflicts of interest include gifts and hospitality, which are not addressed with this offering.  However, it is addressed using the RSA Archer Gift Registration app-pack.  For more information on how to manage conflicts of interest regarding gifts, entertainment, and charitable donations, visit RSA Archer Gift Registration on the RSA Exchange.  

 

Failure to manage conflicts of interest can have negative consequences for your organization.  If these conflicts of interest are not identified and mitigated properly, it could put your organization at risk which could result in reputational damage, non-compliance with regulatory requirements, and even, financial loss.

 

On August 20th, the RSA Exchange introduced a new offering to help you address conflicts of interest in your organization.  With the RSA Archer Conflicts of Interest Management app-pack, you can have a consistent and repeatable process for identifying and managing relationships internal and external to the organization while understanding the risks that may occur from those relationships and be able to mitigate and prioritize those risks.

 

RSA Archer Conflict of Interest Management allows you to:

  • Create a Conflict of Interest Profile identifying conflicts of interest within the organization
  • Conduct an Assessment to determine risks and impacts regarding conflicts of interest
  • Document findings and determine a course of action to remediate conflicts of interest
  • Monitor conflicts of interest to minimize risks

 

Interested in learning more about the RSA Archer Conflict of Interest Management app-pack? Join us for a Free Friday Tech Huddle on Friday, August 23, for a live demo. Free Friday Tech Huddles are only available to RSA Archer customers. If you are not yet a customer but you are interested in learning more, please contact your local representative or authorized reseller — or visit us at www.rsa.com.

 

RSA Archer Conflicts of Interest Management

Conflict of Interest Owner Dashboard

Today, we’re pleased to announce availability of the RSA Exchange Release R9. Today also marks the 2nd anniversary for the RSA Exchange.  Let’s recap:

  • 2 years
  • 9 releases
  • 215+ offerings
  • 11 RSA Exchange Technology Partner offerings
  • 20 app-packs
  • 9 tools & utilities
  • 66 integrations
  • 120+ content offerings

The RSA Exchange is seeing amazing momentum, increasing our offering count with a release every quarter! We're so excited to share new app-packs, integrations, content, and much more to help you expand your journey with Integrated Risk Management (IRM).  

 

The RSA Exchange Release R9 continues to expand on our last release by adding another use case to support conflicts of interest.  In the RSA Exchange Release R8, we launched an offering to manage gifts, entertainment expenses, and charitable donations.  With this release, we expanded the conflicts of interest use case by developing an offering to manage conflicts of interest as it pertains to relationships internal and external to the organization.  In addition, we added another offering to manage complaints internal and external to the organization, while supporting whistle blower capabilities using the previously released RSA Archer Speak Up offering.

 

We have made lots of updates to existing content and integrations while continuing to add new content and integrations.  We previously released an integration with RiskRecon to help you monitor third party security risks within your organization.  With the RSA Exchange R9 release, you can now monitor your own company with the RiskRecon Own Enterprise Risk Monitoring integration.

 

Here is a full list of the new and updated offerings available in Release R9.

 

 

 

 

 

To learn more about what Release R9 has to offer, start by reviewing the product advisory to learn a bit more about each of the new and updated offerings.  Don't forget to check out our Free Friday Tech Huddle on Friday, August 23 for an overview of the RSA Exchange Release R9 offerings. I'll be providing a demonstration of the new RSA Archer Complaints Tracking and RSA Archer Conflict of Interest Management app-packs.

 

Lastly, there is a wealth of documentation, downloads, and more on the RSA Exchange on RSA Link.  I recommend that you bookmark the listing of all RSA Exchange offerings. And if you have new ideas for the RSA Exchange, please send them our way on RSA Ideas!  Also, don't forget to visit us at RSA Charge at the RSA Exchange booth to learn more about all our offerings to date! 

Last year about this time, I reported that Gartner had named Dell / RSA Archer a Leader in its inaugural Magic Quadrant for Integrated Risk Management. It has happened again! For the second consecutive year, Gartner positioned Dell Technologies (RSA) as a Leader in its 2019 Magic Quadrant for Integrated Risk Management Solutions. We believe this positioning speaks to the strengths of the RSA Archer® Suite in addressing today’s complex and fast-moving digital risks.

 

Gart

 A Big Thank You to Our Customers!

Participation in these analyst evaluations requires a significant commitment of time and resources, and we could not have achieved this Leader position without the support of our customers acting as references in Gartner’s evaluation. Our sincere thanks to all of you that have acted as a reference on our behalf.

 

I look forward to seeing you all at RSA Charge in September to celebrate in person!

 

Magic Quadrant for Integrated Risk Management; Published: 15 July 2019; Analyst(s):Brian Reed,  Jie Zhang

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document.
 

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

I am happy to share that for the fourth time, RSA has been positioned as a Leader in the just-published Gartner Magic Quadrant (MQ) for IT Risk Management (ITRM) Solutions

 

The field for this year’s Gartner MQ for ITRM is comprised of ten vendors. Based on Gartner analysts’ evaluation of RSA Archer Release 6.5, which included an in-depth questionnaire, product demonstration, and interviews with RSA Archer customers, Dell Technologies / RSA was positioned highest in "Ability to Execute.”

 

 

We would like to sincerely thank our customers for sharing with Gartner their valuable insights and experiences using RSA Archer solutions. Our customers and community of users are truly what continues to make RSA Archer great!

 

The Garter MQ for ITRM is the first of four Gartner MQs this year that will include RSA Archer, including MQ reports for Integrated Risk Management and Business Continuity Management Planning in the coming months, as well as IT Vendor Risk Management Tools later this year.

 

If you are just beginning to explore IT risk management, or if you are already managing a successful integrated risk management program, we encourage you to read the full report.

 

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Dell Technologies.

(Authored by Steve Schlarman, Portfolio Strategist, RSA)

It was Mark’s big shot. He finally had a meeting with Sharon, the CIO. Her schedule was so busy it was legendary, and for her to spend time with a risk analyst was a clear indicator she recognized the new challenges facing their company. Although he only had 15 minutes, Mark was prepared  – notepad at the ready, brimming with nervous energy. After some brief chit chat, he got down to business – ready to drill into a conversation about their company’s biggest obstacles; the most impactful concerns; the top of mind issues; the coup de grace that could spell disaster for the organization. He took a deep breath and went to his big money question… ‘So, what keeps you up at night? What are you worried about?’ 

Sharon beamed. She spun around to her whiteboard and spewed a litany of projects fueling their company’s digital transformation – an IoT project, SalesForce.com implementation, a massive VMWare migration and their hybrid cloud, the new employee work-at-home program, the impending customer mobile portal…

While that question got Sharon started, let’s think about this a bit differently.

With all the benefits the new digital world offers, there are a host of risks that must be managed. The major areas of risk remain the ‘usual suspects,’ such as security, compliance, resiliency, inherited risks from third parties and operational risk. However, digital business amplifies uncertainty for organizations today.  For example:

  • Digital business, by its very nature, increases the threat of cyber incidents and risks around your intellectual property and customer data.
  • The expanded connectivity and expectations of the ‘always on’ business stresses the importance of resiliency.
  • Business has evolved into an ecosystem of internal and external services and processes leading to a complex web of ‘inherited’ risks.
  • The disappearing perimeter and digital workforce is challenging how organizations engage their customers and employees.

Factors such as these are why digital initiatives are forcing organizations to rethink and increasingly integrate their risk and security strategies. 

The objective for today’s risk professional is not just about defending against the bad. Just like Mark discussing the parade of initiatives with Sharon that clearly impact their company’s future, you must be ready to help usher in a new age of digital operations. Merely riding the buzzword wave – IoT, social media, big data analytics, augmented reality... – is not enough. 

You must look at opportunities to enable innovation in your business while building trust with your customers and throughout your enterprise. Your business must be comfortable embracing risk and aggressively pursuing market opportunities offered by new technology. To do that, risk associated with the use of emerging or disruptive technology in transforming traditional business processes needs to be identified and assessed in the context of fueling innovation. You also must keep focus on the negative side of risk. Your business today demands an open, yet controlled, blend of traditional and emerging business tactics. You must help manage the ongoing risk as these transformed business operations are absorbed into the organization fully, i.e., the new model becomes the normal model of doing business.

Risk is, by definition, uncertainty. Everyone is concerned about uncertainty in today’s world. However, if we go back to the simple equation (risk = likelihood * impact), risk should be something we can dissect, understand, and maybe even calculate. While you are helping your organization embrace the advantages (positive risk) of technologies like IoT, data analytics, machine learning, and other emerging digital enablers, the volatile, hyperconnected nature of digital business amplifies the negative side of risk. It is anxiety about the unknown that leads us into that executive conversation, but it shouldn’t lead to worry.

Worry is about fear. Your executives shouldn’t be afraid in today’s world. They should have informed concerns. And you – as the security or risk person in the room – should be feeding insights to raise their visibility of the likelihood of events and diminish their distress on the negative impacts. Risk is part of riding the waves of business opportunities.

Risk is not something you should WORRY about... it is something you should ACT on.

***********

To learn more about digital risk management, click on our new Solutions Banners located in the right-hand column of each RSA product page: Third Party Risk, Cloud Transformation, Dynamic Workforce, and Cyber Attack Risk.

Many organizations establish policies to provide guidance regarding conflicts of interest when conducting business with outside organizations. A conflict of interest may occur when you have a personal or financial interest with the company or person you are conducting business with. As a part of managing conflicts of interest, it is important to manage and monitor the acceptance of gifts from both parties.  

 

Gifts, entertainment expenses, and charitable donations are used frequently to build and maintain good relationships between your organization and the companies you do business with. However, if not managed properly, conflicts of interest can impact judgement and the business relationship. Most organizations implement some form of anti-bribery or conflict of interest policy to ensure employees are conducting business in an honest and ethical manner when contemplating or entering into a transaction or arrangement that might benefit one party over the other. It is crucial to ensure that any gifts, entertainment expenses, or charitable donations are within the company's policies and do not pose a conflict of interest to protect the relationships between partners, customers, vendors, and anyone else you conduct business with.

 

On May 21st, the RSA Exchange introduced a new offering to help you address your organization's requirements for gift registration.  The RSA Archer Gift Registration app-pack helps monitor the risks against violations of conflict of interest with regards to gifts, entertainment expenses and charitable donations. In doing so, you can identify requests over the organization's threshold and manage the exceptions to identify areas with potential conflicts of interest and address the issue.

 

RSA Archer Gift Registration allows you to:

  • Track gifts, entertainment expenses, and charitable donations
  • Identify and manage non-compliant expenses
  • Manage and report exceptions for approved expenses outside of the organization’s threshold
  • Provide visibility into the status of the requests

 

Interested in learning more about the RSA Archer Gift Registration app-pack? Join us for a Free Friday Tech Huddle on Friday, May 31, for a live demo. Free Friday Tech Huddles are only available to RSA Archer customers. If you are not yet a customer but you are interested in learning more, please contact your local representative or authorized reseller — or visit us at www.rsa.com.

 

RSA Archer Gift Registration Dashboard

Strategies drive the overall direction of a company; therefore, one of the top priorities for every organization is to ensure strategies are executed according as planned and in a timely manner. Understanding and preparing for risks that pose a threat to your organization's strategy execution is crucial. To aid in successful strategy execution, you must implement a process to identify, assess, and mitigate any strategic risks that may impact your organization's strategy.  Some of these risks include but are not limited to:   

  • Shifts in consumer demand and preferences
  • Legal and regulatory change
  • Competitive pressure
  • Merger integration
  • Technological changes
  • Senior management turnover
  • Stakeholder pressure

 

Proper strategy execution requires prioritization of the strategic risks. With the RSA Archer Strategic Risk Management app-pack, your organization will find comfort in a consistent and repeatable process for identifying and mitigating strategic risks, while understanding the level of preparedness against risks that impact your organization's strategies, minimizing the risks for successful strategy execution.

 

This new app-pack helps you get the most from both the Risk Catalog and the Strategic Planning app-pack. With the RSA Archer Strategic Risk Management you can relate the strategic risks to the strategies defined in the RSA Archer Strategic Planning app-pack to get a holistic view of your organization's strategies and how the strategic risks impact the organization. In addition, the existing Risk Catalog lets you build an inventory of your risks, from the enterprise level down to the operational level through the Risk Register. It allows you to roll-up individual risks into macro-levels for analysis and reporting at the most relevant level. With the addition of the RSA Archer Strategic Risk Management app-pack, you now have another layer of analysis available to you. Once you have identified risks in your hierarchy that tie back to Strategic Risks, you can track them together in the new app-pack while still maintaining the hierarchical structure in the Risk Catalog. That way, you have insights both on how individual risks roll-up throughout the organization AND on how each risk can influence the strategic risks.

 

RSA Archer Strategic Risk Management allows you to:

  • Identify strategic risks within the organization
  • Relate strategic risks to organizational strategies
  • Conduct a Strategic Risk Assessment to determine risks, impacts, and level of preparedness
  • Implement Action Plans to remediate strategic risks outside of the organization’s tolerance levels
  • Monitor strategic risks to identify opportunities to mitigate risks 

 

Interested in learning more about the RSA Archer Strategic Risk Management app-pack? Join us for a Free Friday Tech Huddle on Friday, May 31, for a live demo. Free Friday Tech Huddles are only available to RSA Archer customers. If you are not yet a customer but you are interested in learning more, please contact your local representative or authorized reseller — or visit us at www.rsa.com.

 

 

RSA Archer Strategic Risk Management

Strategic Risk Manager Dashboard

Wouldn’t it be great if the size and resources of your third-party risk management team actually kept pace with your growing number of third parties? Hey, it never hurts to dream. But in case that dream never becomes a reality, RSA Archer has got your back.

 

Third-party relationships aren’t just growing in number and complexity -- they’re also growing in their potential impact to your business. As innovative companies lean into digital transformation, they’re increasingly leveraging third parties to host new infrastructure, improve customer experiences, and fuel digital-native products. So as our reliance on third parties grows, we have to ask ourselves how our risk management can work better, smarter, and faster.

 

Third-party risk management has traditionally been limited to questionnaires. These assessments remain important today, but they leave several gaps in effective risk management. First, they only tell you the risk at the "point in time" the assessment is conducted. Second, they only tell you what the third party knows and wants you to hear. They do nothing to illuminate security gaps that a vendor isn’t aware of. They tell you which controls are in place, but leave you with no assurance that those controls are operating effectively. And lastly, they’re just downright time-consuming for everyone involved, from respondents to reviewers. In a world where third parties are critical to bringing new products to market, that means hindering the pace of progress for the entire business.  

 

So how can we do risk better? The key is to maximize efficiency and minimize risk. Doing that means focusing on protecting value at risk. This requires having context for what matters to the business and where the value lies. But it’s not enough to just identify risk. Effective risk management also requires action.

 

That’s why we’re so excited to announce the new RSA Archer Third Party Security Risk Monitoring use case. While questionnaires and risk rating services alone only provide a partial view of risk, RSA Archer now enables you to build the complete picture. This new RSA Archer use case brings together business context, technical valuation powered by machine learning, objective verification of operating effectiveness, and actionable workflow to provide the most efficient, effective approach to risk management.

 

With both questionnaire-based assessments and new continuous monitoring of a third party’s internet presence, you can focus on how risk is actually implemented and operated. Prioritizing actions based on inherent business risk, asset value, and known defficiencies keeps you focused on what matters most. RSA Archer’s powerful workflow engine then ensures that the most critical issues get triaged both internally and externally for immediate response. As part of the broader RSA Archer platform for integrated risk management (IRM), you can also maximize the business value of your risk management program by providing a single place to share third party risk dashboards with stakeholders from the first line of defense, compliance, business resiliency, information security, and more.

 

Interested in taking your third-party risk program to the next level? Join us on Wednesday, May 22, 2019 at 11:00 AM Eastern for our webinar, "Third Party Risk Management: Making Sense of Your Vendor Data." To sign up, register here. Learn more about the new RSA Archer Third Party Security Risk Monitoring use case and be sure to join us for a Free Friday Tech Huddle on June 14, 2019.

With today’s launch of RSA Exchange Release R8, we’re excited to bring you new offerings that can help you in continuing to advance in your integrated risk management (IRM) journey.

 

One RSA objective for this year is delivering advanced IRM capabilities to help your organization achieve greater visibility and insights. RSA Exchange Release R8 is one of our largest releases to date and brings to market new capabilities in managing tax risk and strategic risk, as well as managing your organization’s conflict of interest policies with gift registration. In addition, 13 new and updated integrations offer enhanced insight from industry-leading software providers, and 6 new authoritative sources can help widen your view of risk.

 

The RiskRecon integration has been updated to optimize the new RSA Archer Third Party Security Risk Monitoring use case, which is now generally available.

 

Here is a full list of the new and updated offerings available in Release R8.

 

 

 

 

 

There are so many new capabilities available in Release R8, and I know it can be overwhelming.  My suggestion is to start by reviewing the product advisory to learn a bit more about each of the new and updated offerings.

 

Next, I invite you to join me for a Free Friday Tech Huddle on Friday, May 31 for an overview of the RSA Exchange Release R8 offerings. Christine Tran will also provide a demonstration of the new RSA Archer Strategic Risk Management and RSA Archer Gift Registration app-packs.

 

Lastly, there is a wealth of documentation, downloads, and more on the RSA Exchange on RSA Link.  I recommend that you bookmark the listing of all RSA Exchange offerings. And if you have new ideas for the RSA Exchange, please send them our way on RSA Ideas

Filter Blog

By date: By tag: