
The Payment Card Industry Data Security Standard (PCI DSS) was developed to encourage and enhance cardholder data security and facilitate the broad adoption of consistent data security measures globally. PCI DSS provides a baseline of technical and operational requirements designed to protect account data. PCI DSS applies to all entities involved in payment card processing—including merchants, processors, acquirers, issuers, and service providers.

 

RSA Archer PCI Management enables organizations to streamline the compliance process, simplify stakeholder participation, and reduce overall compliance effort and cost. It allows organizations to jumpstart a PCI compliance program by conducting continuous assessments and providing visibility to manage and mitigate risk.

 

The PCI Standard Security Council (PCI SSC) released a new content set in the latest PCI DSS version 3.2.1. RSA Archer Release 6.8 includes updates to the RSA Archer PCI Management use case to leverage new content and self-assessment questionnaires (SAQs) available with PCI DSS version 3.2.1.

 

RSA Archer PCI Management guides merchants through the completion of relevant self-assessment questionnaires (SAQs). It also provides packaging and export of compliance program results and attestation articles in a properly formatted PCI Report on Compliance (RoC) for easy submission and review.

 

 

Customers can show compliance with the latest version of PCI DSS 3.2.1 by:

  • Using the new content for PCI DSS 3.2.1 available in the Authoritative Sources, Control Standards, Master Controls, and Question Library applications.
  • Completing the required, new PCI 3.2.1 Self-Assessment Questionnaire (SAQ).
  • Performing a full Report on Compliance (RoC) assessment, which has been updated to reflect version 3.2.1.
  • Using an update to the PCI Internal Stakeholder dashboard, which includes a new landing page iView and incorporates some of the new charting capabilities that were added in RSA Archer Release 6.7.
  • Leveraging documentation updates.

Financial controls compliance programs are an essential part of any publicly traded company. The Sarbanes-Oxley Act ("SOX") of 2002 set requirements for all US public companies in order to curb fraud in corporate financial reporting. This law provides requirements to help ensure that financial information is certified and accurately reported, reducing opportunities for corporate fraud and setting severe penalties for companies that do not meet the requirements. Many countries around the world have also adopted similar measures that mirror or closely follow SOX requirements.

 

In RSA Archer Release 6.8, we introduced the RSA Archer Financial Controls Monitoring use case to help customers manage their financial compliance programs in RSA Archer. While some of the controls, processes and testing approaches that are part of financial compliance are shared with other programs, there are specific elements that are necessary to meet the guidelines of financial compliance regulations. The Financial Controls Monitoring use case is a refresh of the former RSA Archer Controls Monitoring Program Management use case. The updates allow companies to perform the program-specific actions for a Financial Compliance program in tandem with other compliance initiatives. This supports the common set of controls and "test-once/apply-many" approach across multiple compliance programs built on the Controls Assurance Program Management architecture implemented within RSA Archer.

 

In addition to these architectural changes, the RSA Archer Financial Controls Monitoring use case includes new applications/questionnaires and leverages features and functionality of the RSA Archer Platform that were not previously available in the former Controls Monitoring Program Management. Capabilities of Financial Controls Monitoring have been expanded to allow for a full lifecycle of documenting, testing and updating Process Narratives, tracking the Provided/Prepared By Client ("PBC") requests, and improved scoping to manage sending/communicating information with a company's External Auditors.

 

 

RSA Archer Financial Controls Monitoring provides:

  • Management of an end-to-end financial compliance program for regulations such as Sarbanes-Oxley (SOX)
  • Management of data requested and provided to external auditors
  • Tracking for changes and approvals of any modifications to key processes, controls and evidence utilized as part of a financial compliance program
  • Streamlining financial compliance obligations alongside other compliance programs

 

Interested in learning more about RSA Archer Financial Controls Monitoring? Join us for a Free Friday Tech Huddle on Friday, June 5, 2020 for a live demo. Free Friday Tech Huddles are only available to RSA Archer customers. If you are not yet a customer but you are interested in learning more, please contact your local representative or authorized reseller - or visit us at www.rsa.com.
