RSA Archer Exchange Release August 2020 Offerings Help Manage Security and Risk

We're excited to share some updates. First, we have a new name - the RSA Archer Exchange - that emphasizes that our offerings, integrations and content are part of RSA Archer Suite. Second, we are simplifying the release naming convention and moving from "Release R#" to "Release Month Year," making "Release August 2020" the name for the latest Exchange release. Finally, following this release, we will begin working on a continuous release cycle. This means that we will be making RSA Archer Exchange offerings available as soon as the release activities for a particular offering have been completed.

With today's launch of RSA Archer Exchange Release August 2020, we're delivering new and updated offerings to help you manage security and risk. In today's environment, cybersecurity threats exploit the increased complexity and connectivity of critical infrastructure systems and NIST has developed a risk-based Cybersecurity Framework to combat these cyber risks. NIST has also introduced a Privacy Framework. We've created the new RSA Archer NIST-Aligned Privacy Framework app-pack to allow customers to streamline the workflow and assess privacy and cybersecurity to identify gaps.

Release August 2020 includes new integrations that enable customers to prioritize documents and manage third party information in RSA Archer. In addition, we've released the RSA Archer Multi-Record Publisher tool to help customers look for records that have been marked ready for publication, and then publish and merge multiple records at the same time.

This release is packed with many new partner offerings and updates to existing offerings. Here is a full list of the new and updated offerings available in Release August 2020:

• App-Packs – pre-built applications addressing adjacent or supporting Integrated Risk Management processes (e.g. niche, industry, geo-specific)
  • Evalto Inactive User Reporting helps organizations report on inactive users assigned to records in RSA Archer.
  • RSA Archer NIST-Aligned Cybersecurity Framework has been updated to streamline the workflow and conduct assessments against the NIST Privacy Framework.
  • RSA Archer NIST-Aligned Privacy Framework helps organizations assess privacy to identify gaps and implement action plans to better protect individuals' privacy and minimize impacts to the organization.
  • RSA Archer Request & Response Tracker helps organizations track requests for information from internal or external Requestors.

• Tools - pre-built functions enabling administrators to more easily manage their RSA Archer implementations
  • RSA Archer Multi-Record Publisher triggers the mail merge process for multiple records.

• Integrations - pre-built data exchange configurations bringing data into and pushing data out of the RSA Archer Platform
  • Compliance.ai helps organizations prioritize documents through customized alerts and filters and integrates with the following use cases:
    
    • RSA Archer Issues Management
    • RSA Archer Policy Program Management
    • RSA Archer Corporate Obligations Management
  • Panorays integrates with the RSA Archer Third Party Catalog use case to synchronize cybersecurity risk, questionnaire status, and third party information and ratings between Panorays and RSA Archer.
  • RiskLens Gen 3 has been updated to leverage the new features introduced as part of the RiskLens Gen 3 platform and integrates with the following use cases:
    
    • RSA Archer IT Risk Management
    • RSA Archer Operational Risk Management
    • RSA Archer Top-Down Risk Assessment
    • RSA Archer Information Security Management System 
  • Tenable.sc integration with RSA Archer IT Security Vulnerabilities Program has been updated to leverage the Application Managed Output Writer for JavaScript Transporter.

• Content - pre-mapped collection of best-practice policies, control standards, legal and regulatory requirements, industry standards, and assessments
  • Australian Government Information Security Manual (ISM) has been updated to the latest version.
  • California Consumer Privacy Act of 2018 (CCPA) has been updated as a new Authoritative Source for the September 2018 (final) version of the law.
  • Center for Internet Security (CIS) - Critical Security Controls (requires CIS subscription) provides a recommended set of actions for cyber defense that provide specific and actionable ways to thwart attacks.
  • Financial Services Sector Coordinating Council (FSSCC) Cybersecurity Profile provides a scalable assessment that financial institutions of all types can use for internal and external cyber risk management.
  • HITRUST CSF™ has been updated to include all levels of controls and mappings to the Archer Control Framework.
  • NERC CIP has been updated to the latest version.
  • NIST 800-171 Rev 2 has been updated to the latest version.
  • NIST 800-53 Rev 5 Draft presents a proactive and systemic approach to developing comprehensive safeguarding measures for all types of computing platforms. This is the current draft version available and will be updated to the final version when released by NIST.
  • Secure Controls Framework (SCF) provides a comprehensive catalog of controls designed to enable companies to design, build and maintain secure processes, systems and applications. It addresses both cybersecurity and privacy.
  • U.S. State Breach Notification Laws has been updated to include the SHIELD Act for New York State.

For an overview of the RSA Archer Exchange Release August 2020 offerings, please join us at 11:00 am Eastern Time on Friday, August 21 for a Free Friday Tech Huddle (pre-registration required; available to customers only).

There is a wealth of documentation, downloads, and more on the RSA Archer Exchange on RSA Link. I recommend that you bookmark the listing of all RSA Archer Exchange offerings. And if you have new ideas for the RSA Archer Exchange, please submit them on RSA Ideas!