Skip navigation
All Places > Products > RSA Archer Suite > Blog > Author: Corey Carpenter

RSA Archer Suite

2 Posts authored by: Corey Carpenter Employee

Financial controls compliance programs are an essential part of any publicly traded company.  The Sarbanes-Oxley Act ("SOX") of 2002 set requirements for all US public companies in order to curb fraud in corporate financial reporting.  This law provides requirements to help ensure that financial information is certified and accurately reported, reducing opportunities for corporate fraud and setting severe penalties for companies that do not meet the requirements.  Many countries around the world have also adopted similar measures that mirror or closely follow SOX requirements.  


In RSA Archer 6.8 Release, we introduced the RSA Archer Financial Controls Monitoring use case to help customers manage their financial compliance programs in RSA Archer.  While some of the controls, processes and testing approaches that are part of financial compliance are shared with other programs, there are specific elements that are necessary to meet the guidelines of financial compliance regulations. The Financial Controls Monitoring use case is a refresh of the former RSA Archer Controls Monitoring Program Management use case.   The updates allow companies to perform the program-specific actions for a Financial Compliance program in tandem with other compliance initiatives.  This supports the common set of controls and "test-once/apply-many" approach across multiple compliance programs built on the Controls Assurance Program Management architecture implemented within RSA Archer. 


In addition to these architectural changes the RSA Archer Financial Controls Monitoring use case includes new applications/questionnaires and leverages features and functionality of the RSA Archer Platform that were not previously available in the former Controls Monitoring Program Management.  Capabilities of Financial Controls Monitoring have been expanded to allow for a full lifecycle of documenting, testing and updating Process Narratives, tracking the Provided/Prepared By Client ("PBC") requests and improved scoping to manage sending/communicating information with a company's External Auditors.



RSA Archer Financial Controls Monitoring provides:

  • Management of end-to-end financial compliance program for regulations such as Sarbanes-Oxley (SOX)
  • Management of data requested and provided to external auditors
  • Tracking for changes and approvals of any modifications to key processes, controls and evidence utilized as part of a financial compliance program
  • Streamlining financial compliance obligations alongside other compliance programs


Interested in learning more about RSA Archer Financial Controls Monitoring? Join us for a Free Friday Tech Huddle on Friday, June 5, 2020 for a live demo. Free Friday Tech Huddles are only available to RSA Archer customers. If you are not yet a customer but you are interested in learning more, please contact your local representative or authorized reseller - or visit us at

Understanding how new regulations and standards impact your business is critical in order to reduce the risk of regulatory fines and ensure compliance of your organization. Unfortunately, the process is typically tedious, time consuming, and varies wildly depending on available resources.


When a new regulation is introduced, an analyst must read the new regulation and use past experience and knowledge of the organization’s internal controls and how they map to similar regulations to map controls to the requirements. In other words, this takes a lot of organizational knowledge and expertise to be done well -- and even then, it’s a spreadsheet exercise that’s a lot of copying and pasting.  While the analyst will get better at this task over time, their knowledge is lost when they move on from this position and new personnel will essentially be starting over.


If this were just an occasional task, this approach might be ok. But the regulatory burden for organizations has continued to grow at an increased pace over the past 20 years. Additionally, companies are making changes in their business -- geographical expansion, the addition of new kinds of business, or a digital transformation -- that open them up to new regulatory burdens..

To make this process more efficient and accurate, RSA has introduced the RSA Archer Regulatory Content Analysis use case. Utilizing machine learning and Natural Language Processing (NLP), Regulatory Content Analysis provides analysis of how you have demonstrated compliance with previous regulations by looking at the Controls in place for the requirements defined in them. Utilizing this library of information, the Regulatory Content Analysis algorithm provides you with personalized regulatory analysis, suggesting control matches for the new regulation. It also shows you analogous requirements from existing regulations to help analysts understand the similarities. All of this information is displayed in an intuitive interface that assists analysts through mapping and makes the entire process more efficient and more consistent.


RSA Archer Regulatory Content Analysis provides:

  • Automatically suggested controls for new regulations based on your compliance program
  • Natural language processing and machine learning to process and analyze text-based regulations
  • Highlights of similar new and existing regulations for analyst reference
  • Manually matching of content utilizing advanced search and mapping features


The RSA Archer Regulatory Content Analysis use case can be utilized with the RSA Archer Policy Program Management use case to demonstrate the effectiveness of the organizational controls you have in place. This combination delivers a complete solution for managing your compliance to the broad and changing landscape of regulations applicable to your organization.

Interested in learning more about RSA Archer Regulatory Content Analysis? Join us for a Free Friday Tech Huddle on Friday, September 27 for a live demo. Free Friday Tech Huddles are only available to RSA Archer customers. If you are not yet a customer but you are interested in learning more, please contact your local representative or authorized reseller — or visit us at

Filter Blog

By date: By tag: