Skip navigation
All Places > Products > RSA Archer Suite > Blog > Author: Susan Read-Miller

RSA Archer Suite

14 Posts authored by: Susan Read-Miller Employee

Welcome to 2021! Feel free to join me in expressing a collective sigh of relief!  The Archer Exchange team and our partners are excited to start the year off with new offerings for you, along with updates to some of your favorite existing offerings.


Through the Archer Exchange, we strive to provide you with capabilities that address specific needs for your industry, geographic location, and more.  I am very excited to share that Archer Exchange Technology Partners are now sharing Content offerings --pre-mapped collection of best-practice policies, control standards, legal and regulatory requirements, industry standards, and assessments -- via the Archer Exchange. Cogris is the first to provide region-specific content, with the addition of the Turkish Regulation on Banks' Information Systems and Electronic Banking Services authoritative source to the Archer Exchange content library.  We look forward to bringing you new, regional and localized content in future announcements for the Archer Exchange via our Archer Exchange Technology Partners! 


This quarterly announcement highlights a total of 33 new and updated offerings to the Archer Exchange, including:



  • Tools & Utilities: Archer is excited to introduce a new favorite tool & utility – Archer Data Feed Initiator. The Archer Professional Services team developed this offering to enable execution of a data feed on-demand within the Archer interface.




With 33 new and updated Archer Exchange offerings this quarter, we know that is a lot to take in at one time. Not to worry! The Archer Exchange team will be hosting several Free Friday Tech Huddles over the next month to highlight new and updated offerings and provide additional details and demonstrations.  Please join us to learn more! 


Note:  Free Friday Tech Huddles are available to existing Archer customers. If you are not yet a customer but interested in learning more, please contact your local representative or authorized reseller.

With today’s launch of RSA Exchange Release R8, we’re excited to bring you new offerings that can help you in continuing to advance in your integrated risk management (IRM) journey.


One RSA objective for this year is delivering advanced IRM capabilities to help your organization achieve greater visibility and insights. RSA Exchange Release R8 is one of our largest releases to date and brings to market new capabilities in managing tax risk and strategic risk, as well as managing your organization’s conflict of interest policies with gift registration. In addition, 13 new and updated integrations offer enhanced insight from industry-leading software providers, and 6 new authoritative sources can help widen your view of risk.


The RiskRecon integration has been updated to optimize the new RSA Archer Third Party Security Risk Monitoring use case, which is now generally available.


Here is a full list of the new and updated offerings available in Release R8.






There are so many new capabilities available in Release R8, and I know it can be overwhelming.  My suggestion is to start by reviewing the product advisory to learn a bit more about each of the new and updated offerings.


Next, I invite you to join me for a Free Friday Tech Huddle on Friday, May 31 for an overview of the RSA Exchange Release R8 offerings. Christine Tran will also provide a demonstration of the new RSA Archer Strategic Risk Management and RSA Archer Gift Registration app-packs.


Lastly, there is a wealth of documentation, downloads, and more on the RSA Exchange on RSA Link.  I recommend that you bookmark the listing of all RSA Exchange offerings. And if you have new ideas for the RSA Exchange, please send them our way on RSA Ideas

It seems hard to believe, but it’s been ONE YEAR since we re-launched the RSA Exchange in August 2017!


Over the past 12 months, we’ve completed 5 quarterly releases with 8 app-packs, 6 tools & utilities, 41 integrations, and added the RSA Archer Content Library – WOW! With nearly 120,000 views of RSA Exchange offerings, it’s clear that the RSA Exchange is a big hit with RSA customers like you. And there’s much more to come!


Today, RSA is pleased to announce availability of RSA Exchange Release R5. This release includes a new app-pack, three new tools & utilities, four new integrations, and eight content offerings. Release R5 also includes updates to several existing offerings.


New offerings include: 

  • App-Pack - pre-built applications addressing adjacent or supporting GRC processes (e.g. niche, industry, geo-specific)


  • Tools & Utilities - pre-built functions enabling administrators to more easily manage their RSA Archer implementations




Release R5 also includes updates to existing RSA Exchange offerings and content, including:


  • App-pack: RSA Archer Cybersecurity Framework Management
    • Support for NIST Cybersecurity Framework version 1.1, including informative reference relationships to authoritative sources
    • Track NIST CSF version for cybersecurity assessments
    • Automate cybersecurity assessment scoping based on business process
    • Select multiple functions, categories, or sub-categories for the cybersecurity assessment
    • Analyze capability gaps at the category level
    • Identify business processes with cybersecurity profile gaps
    • Approve cybersecurity profiles user electronic signature capabilities


  • Tool & Utility: Archer Experts Records Retention
    • Export attachments in bulk from applications, questionnaires, and sub-forms
    • Schedule one-time or recurring content exports



Content library packages are available on the RSA Exchange Documentation & Downloads subspace. All offerings are available via the RSA Exchange on RSA Link. We’ve also added a complete list of all RSA Exchange offerings, including implementation guides, demo videos, and installation guides where available.


Be sure to stop by the RSA Exchange demo area at RSA Archer Summit 2018 in Nashville to see the new offerings in action. !f you have ideas for future RSA Exchange offerings, be sure to submit them to RSA Ideas.


See you in Nashville!

RSA Exchange Release R4 is now available! We’re excited to introduce two new app-packs and nine new integrations. Plus, we’re introducing the RSA Archer Content Library on the RSA Exchange.


As you’ve likely heard, the RSA Exchange helps you easily access and download best-practice App-Packs, Integrations, and Tools & Utilities. The RSA Exchange features offerings that leverage On-Demand Applications created by RSA and RSA SecurWorld Partners, known as App-Packs, via the RSA Link online community. It also highlights RSA Ready certified Integrations that enable you to pass risk data between the RSA Archer Platform and third party software, as well as Tools & Utilities to help administrators manage the Platform.


The newest RSA Exchange offerings in Release R4 include:


  • App-Packs - pre-built applications addressing adjacent or supporting GRC processes (e.g. niche, industry, geo-specific)


  • Integrations – pre-built data exchange configurations bringing data into and pushing data out of the RSA Archer Platform

 RSA Exchange Offering Types


Interested in learning more about these Release R4 offerings? Check out details on the RSA Exchange and join us for these upcoming Free Friday Tech Huddles:

  • May 25 – RSA Exchange Release R4 overview
  • June 8 – Introduction to the RSA Archer Strategic Planning and RSA Archer Model Risk Management app-packs
  • June 15 – Introduction to the Tableau Web Data Connector integration
  • June 22 – Introduction to the BigID integration
  • June 29 – Introduction to the Wolters Kluwer integration


Please note, Free Friday Tech Huddles are available to existing RSA Archer customers. If you are not yet a customer but interested in learning more, please contact your local representative or authorized reseller.

It’s that time again - the third release for the RSA Exchange is here!


We’re introducing a new App-Pack for document request tracking and a new Tool & Utility for user profile and contact synchronization, along with 12 new Integrations.


We’re very pleased that the RSA Exchange has been such a big hit, with more than 40,000 views to-date! Since we kicked off the RSA Exchange in August 2017, we’ve delivered five App-Packs, four Tools & Utilities, and 27 Integrations as offerings via the RSA Exchange.RSA Exchange Offering Types


In case you haven’t heard about or checked out the RSA Exchange yet, it helps you easily access and download best-practice App-Packs, Integrations, and Tools & Utilities. The RSA Exchange features offerings that leverage On-Demand Applications created by RSA and RSA SecurWorld partners, known as App-Packs, via the RSA Link online community. It also highlights RSA Ready certified Integrations that enable you to pass risk data between the RSA Archer Platform and third party software, as well as Tools & Utilities to help administrators manage the Platform.


Let’s get to the good stuff -- here are details for the RSA Exchange Release R3 offerings:

  • App-Pack: RSA Archer Documentation Request Tracking provides an automated governance process for capturing and approving requests for documentation. Internal teams can request official documentation or legal reviews for internal teams, customers or vendors. The app-pack captures requester contact information, request priority, and documents the impacted business units, process, applications, products, and services. Upon request approval, the documentation can be shared by the approver or subject matter expert.   Documentation Request Tracking also helps your organization measure and manage request expected delivery and SLA timeframes.


  • Tools & Utilities: RSA Archer User Profile and Contact Synchronization provides an automated method for connecting and synchronizing the User Profile system data with the Contacts application. This offering uses the RSA Archer RestAPI and a data feed to synchronize key attributes such as first and last name, user name, email address, phone number, language, and more. 



Interested in learning more about these latest offerings? Check out the details on the RSA Exchange and join us for these upcoming Free Friday Tech Huddles:

  • March 9 – RSA Archer Release R3 overview
  • March 23 – Symantec Control Compliance Suite (CCS) integration demonstration

Congratulations, your use case is live! You have successfully automated your business process with RSA Archer. After a team high-five and a few moments of contemplation of your team’s shear awesomeness, you hear the “ding” of your email inbox wind up like a month-long holiday radio station. Upon reviewing said inbox, you note a growing list of requests asking:

  • Would you grant access to this great new business process for my whole team?
  • Can I request a data import to speed up the data entry process?
  • I love this report…but could we tweak it to add X value?
  • Can we add another status option to field Y?
  • Can we use RSA Archer to manage Z risks? How about our Friday donut club?
  • Oops! I accidentally added this record. Could you delete it for me?


In the RSA Archer world, a successful risk and compliance program can feel like you’ve climbed the highest peak. And past the peak, that success can overwhelm your team post-implementation with a snowball of requests for enhancements, access requests, and more. Complicating matters, these requests are usually emailed to the GRC team or business process owner and often lack the necessary details needed to adequately define the request’s requirements. Large volumes of these type of requests can overwhelm business process owners and Archer admins who are typically responsible for reviewing the requests, evaluating their impact to the existing business process, and determining their priority to the business. Organizations must establish a governance process to manage and prioritize these requests as their volume increases.


At RSA Charge in October, one of our amazing presenters provided an all too familiar example highlighting the need for a change request program. As their team prepared a business process demonstration for the on-site bank examiners, they noticed a field in their application records suddenly appeared blank. After careful review, it was determined that another team using this “shared” application in RSA Archer decided they weren’t using that particular field…and deleted it.


Unfortunately, this is not an uncommon scenario. But there are two steps that your organization can take to minimize the potential this scenario will happen to you.


Step 1: Institute an RSA Archer Control Board

Business processes require oversight and governance; so does the technology that automates and manages those business processes. A Control Board can ensure that any enhancements or changes to the business process complement or enhance the current risk management process within your organization. An RSA Archer Control Board is responsible for your organization’s RSA Archer roadmap and can review short term minor changes as well as plan for larger projects in the future that may involve more staffing and investment.


The Control Board reviews proposed requests and evaluates the impact the requested change may have to other business processes, applications, questionnaires, calculations, reports, iViews, workspaces, and more. In addition, this team can prioritize the requests based on business need, impact, legal review, effort, and more.


Fortunately, there are many mountain climbers that have forged a successful path ahead and can offer guidance on setting up Archer Control Boards. In fact, several presenters provided their best practices and lessons learned at RSA Charge 2017 and their presentations are available (here and here) on the RSA Archer community. (Please note, these links require access to the RSA Archer Customer/Partner Community.)


Step 2: Automate Your Support Request Process

Managing change requests for your RSA Archer implementation is simply a governance business process. So, why not automate it?


The good news: RSA Archer has done all of the hard work for you! On November 14, we released the RSA Archer Support Request app-pack to capture end user requests for enhancing RSA Archer business processes. Organizations can easily manage their business teams’ ideas including:RSA Archer Support Requests Business Process Owner Dashboard

  • Business process improvements, innovations, or changes;
  • Suggestions for new reports or changes to existing reports;
  • Requests to delete records;
  • Proposals for updating dashboards and iViews;
  • Enhancements application layouts;
  • User access requests, and more.


In addition, the RSA Archer Support Requests app-pack assists business process owners in defining enhancement requirements, level of effort, and prioritizing incoming requests. Once the request has been approved, the RSA Archer Administrator can manage the development status and document progress as the request is being developed and deployed. 


With RSA Archer Support Requests, your Control Board can track, prioritize, and implement requested changes to your RSA Archer implementation allowing your organization to quickly respond to business requests and minimizes disruption to the system and existing business processes.


Interested in learning more about the RSA Archer Support Requests app-pack? Join us for a Free Friday Tech Huddle on December 1, 2017. In addition, a demonstration video is available on the RSA Exchange. Check it out and let us know what you think!


RSA Archer Support Request - Request for Access

RSA Archer Support Request for Access


RSA Archer Support Request - Completed Request for a Report Enhancement

Completed Request for a Report Enhancement

In regulated industries such as financial services, banking, insurance, and energy, periodic examinations by regulators and auditors are a regular occurrence. They might follow up on a workers compensation complaint; investigate misleading marketing and advertising of products, fraudulent sales practices, or inappropriate underwriting practices; complete a periodic SEC or FINRA exam; or follow up on violations found in a previous exam.


These regulatory examinations can result in costly penalties and fines and unwanted publicity. For example, in 2017 alone, the Financial Industry Regulatory Authority (FINRA) alone has assigned more than $31 million in fines and restitution.


In addition, the process of identifying, locating, and gathering all required documentation for the examiners is a time consuming and often manual process. The data required is owned by a variety of teams across the organization, which requires a great deal of coordination to collect. There are also many systems used to capture necessary evidence and retain records.  Once the exam is complete, tracking the progress and completion of exam findings and remediation actions is executed using email and spreadsheets providing little visibility on findings status and progress.


All of these challenges can be addressed with RSA Archer technology. This week, RSA Archer released the RSA Archer Exam Management app-pack on the RSA Exchange. This new app-pack helps organizations prepare for, document, and manage the processes for conducting a regulatory examination. It provides a centralized process to manage scoping, data collection, collaboration, and the post-analysis phase of an exam. Organizations can:

  • Track the phases of an exam
  • Assign, collect, and track information requests
  • Log hours worked on each phase
  • Maintain visibility into related loss eventsRSA Archer Exam Management - Exam Manager Dashboard


Using RSA Archer Exam Management, organizations benefit with the ability to:

  • Simplify collaboration and the data collection process of evidence for regulatory examinations
  • Reduce the amount of time it takes to prepare for and respond to regulatory examinations
  • Eliminate duplicate requests for information
  • Increase likelihood examiner receives accurate and complete information
  • Efficiently identify and communicate with Information Owners
  • Improve exam finding remediation
  • Enable exam owners analyze past examination results and trends to augment preparation and response to current and future exams
  • Provide visibility into exam and findings status as well as post exam data analysis to identify key trends and patterns
  • Analyze staffing costs to justify required headcount for future exams


Interested in learning more about the RSA Archer Exam Management app-pack?  Join us for a Free Friday Tech Huddle on December 1, 2017. In addition, a demonstration video for this app-pack is available on the RSA Exchange. Check it out and let us know what you think! 


RSA Archer Exam Management - Exam Record

As promised, we’re ready to offer our quarterly release for the RSA Exchange!


If you haven’t heard, the new and improved RSA Exchange helps you easily access and download best-practice ODA App-Packs, Integrations and Tools & Utilities on the RSA Exchangeofferings created by RSA and RSA SecurWorld partners, known as App-Packs, via the RSA Link online community. It also highlights RSA Ready certified Integrations that enable you to pass risk data between the RSA Archer Platform and third party offerings, as well as Tools & Utilities to help administrators manage the Platform.


First, I’d like to welcome two new partners to the RSA Exchange Technology Partner Program. This program enables RSA SecurWorld Partners to develop and offer best practice App-Packs and Tools & Utilities on the RSA Exchange. RSA Exchange Release R2 includes the first offerings from our RSA SecurWorld partners:


I am very excited to bring our partner’s offerings to you and help begin our partner’s journey with the RSA Exchange. Be sure to check out them out on the RSA Exchange.


At RSA Charge 2017 last month, I heard many stories about your risk and compliance successes, as well as the amazing response your organizations have had to GRC programs using RSA Archer technology.  One of the most common questions was “how do you handle the large volume of enhancement and new use case requests?”  Many organizations have created an on-demand application (ODA) to handle these requests.  In addition, RSA Archer has been asked to help provide a more formal process for handling the data collections process for regulatory examinations. To help address these business issues, RSA Exchange Release R2 introduces two new App-Packs:

  • RSA Archer Support Requests captures end user requests and recommendations for enhancing RSA Archer business processes and use cases. Organizations can easily manage their business teams’ ideas for process improvements and innovations by enabling end users to submit business process changes, ideas for new reports, requests to delete records, proposals for updating dashboards and iViews, specifications for enhancing application layouts, requests for user access, and more.
  •  RSA Archer Exam Management  helps organizations prepare for, document, and manage the processes for conducting an audit examination. This offering provides a centralized process to efficiently manage scoping, data collection, collaboration, and the post analysis phase of an exam. Organizations can track the phases of an exam; assign, collect, and track information requests; log hours worked on each phase; and maintain visibility into related loss events.


RSA Exchange Release R2 also highlights several new RSA Ready-certified integrations:


Interested in learning more about these offerings? If you are planning to attend the RSA Archer Summit in London this week, drop by the RSA Exchange demo pod to learn more! We also invite you to join us for a Free Friday Tech Huddle on December 1, 2017 that will highlight these offerings.  And, as always, you can visit the RSA Exchange for all of the details.

It’s back and it’s better than ever! Introducing the bigger and better RSA Exchange, formerly known as the RSA Archer Exchange or RSA Archer Focused Solutions.


RSA Archer use cases provide the foundation to help you quickly get risk management programs up and running. But oftentimes, your program requires an industry or geographic-specific business process outside the scope of RSA Archer use cases. You then create new applications from scratch using on-demand applications (ODAs) to manage adjacent or supporting risk and compliance processes.

RSA Exchange Offering Types


The new and improved RSA Exchange helps you easily access and download best-practice ODA offerings created by RSA and RSA SecurWorld partners, known as App-Packs, via the RSA Link online community. In addition, RSA Exchange highlights RSA Ready certified Integrations that enable you to pass risk data between the RSA Archer Platform and third party offerings, as well as Tools & Utilities to help administrators manage the Platform.


In our first release of the RSA Exchange, we introduced two new App-Packs:

  • RSA Archer Cybersecurity Framework Management - providing government agencies and private sector businesses a method to assess and measure their cybersecurity posture, address gaps, and report on cybersecurity in a meaningful way that is understood by all stakeholders
  • RSA Archer Project Management - offering a simple framework for managing multiple large-scale projects simultaneously, accounting for milestone scope and delivery timelines within the allotted budget, and documenting team tasks and related expenses


RSA Exchange App-Packs leverage ODAs for licensing. Each of these offerings indicates pre-requisite use cases and the number of required ODAs.


The RSA Exchange Release R1 also highlights several new RSA Ready-certified integrations including:


And there are more to come! The RSA Exchange is an integral part of the RSA Archer ecosystem, providing a faster and more flexible development cycle for RSA and RSA partners to deliver value-add offerings for your RSA Archer implementation. Look for new offerings and updates to our existing offerings on a quarterly basis.


Interested in learning more about the RSA Exchange offerings? Check out the site to learn more about the great offerings mentioned above. In addition, the RSA Exchange team will at RSA Charge! Come visit us next week, October 17-19, at the RSA Exchange demo pod in the RSA Charge Innovation Zone to learn more!

As the saying goes, “Everything is BIGGER in Texas”.











Hilton Anatole in Dallas, Texas

And RSA Charge!


This event is the biggest gathering of the RSA Archer community and risk professionals in the world. And the RSA team is ecstatic that we get to host this BIG event in the BIG state of Texas.


As a teenager, I spent my summers visiting my sister who worked and lived in Dallas. We toured the 6th Floor Museum, Six Flags, the Dallas Zoo, Reunion Tower, the Fort Worth Botanical Gardens, and J.R.’s ranch, Southfork from the hit TV show Dallas. There are so many BIG and fun attractions to guide your stay while you’re in the Dallas - Fort Worth area for RSA Charge. I’m very excited to plant my boots back in this great city that holds so many memories.


In addition to the boundless hospitality and attractions of Dallas, the RSA Charge event brings together the foremost thought leaders to tackle one of the BIGGEST topics for executives and board of directors – RISK. Whether we are talking about cyber risk, operational risk, third party risk, audit risks, resiliency risks, compliance risks, and more, the RSA Archer community at RSA Charge can discuss how they are addressing risk within their organization, learn best practices from their peers, and make new connections to help continue their organization’s risk management journey.


I have the privilege of overseeing the Risk and Compliance track Taking Command of Your Risk Management Journey. Sessions for this track are focused on approaches, strategies and recommendations to help build and mature your risk and compliance program. Over the years, I’ve watched the topics for this track mature as your programs and the risk community have matured. The sessions in this track are very well attended as our speakers are seasoned risk pros. And this year’s line-up is BIG! Here are a few highlights:

  • Our friends from AIG, ME Bank, and the BPAY Group will discuss how they are balancing their risk journey;
  • A financial services risk manager will share how their organization demonstrated value to senior leadership;
  • Lockton Companies and RSA will discuss the benefits of mitigating risk through cyber insurance;
  • Berkshire Bank and US Bank will highlight their change request programs; and
  • Duke Energy, Verizon, Raiffeisen Bank, and EY will talk about how they are using an Agile approach when implementing risk programs.


There are so many great topics in the Taking Command of Your Risk Management Journey track. Be sure to check them out and add these great sessions to your agenda. Not registered yet? Visit the RSA Charge site to register, schedule hotel accommodations, review sessions, and more.


I’ve been attending and moderating sessions for this BIG event since 2009. Having reviewed the sessions for this year’s event, I know that this is a BIG opportunity for you to learn from the best in the risk management industry and get the most out of your technology investment. I look forward to seeing you in Dallas!


RSA Charge 2017, the premier event on RSA® Business-Driven Security™ solutions, unites an elite community of customers, partners and industry experts dedicated to tackling the most pressing issues across cybersecurity and business risk management. Through a powerful combination of keynote speeches, break-out sessions and hands-on demos, you’ll discover how to implement a Business-Driven Security strategy to help your organization thrive in an increasingly uncertain, high-risk world. Join us October 17-19 at the Hilton Anatole in Dallas, Texas.

As this week’s RSA Conference 2016 wraps up, I’m struck by the transformation of this security conference over the past 10+ years. First, the enormity of RSA Conference, with early projections of more than 39,000 participants, is staggering compared with attendance 10+ years ago that was less than half that number.


Another striking difference is the people attending this conference today.  In the early to mid-2000s, RSA Conference drew a very technically savvy crowd.  Typical attire was relatively geeky t-shirts (with hysterical technical statements), jeans, and “Chucks.”  The security professional at that time was personified in the media and within organizations as “the Chicken Littles” of IT. Unfortunately, our “sky is falling” attitude  didn’t garner the type of attention we needed to help executives understand that cyber risks were inevitable and they needed to pay attention –  NOW.


Fast forward to 2016: today’s crowd is still dressed in t-shirts, jeans and “Chucks,” but you also see plenty of sport coats, khakis and suits. Not only are security professionals here to learn about the latest technology, but they’ve brought their IT management teams, business management teams, and C-level executives. These teams “get” that because cyber risks are business risks, they need to learn more about how to both avoid and address those risks. In addition, vendors are explaining their amazing technology here at the RSA Conference, using “Risk” as a shared concern and bridge between technical teams and executives.RSA Booth.JPG


Executives know that the digital technology strategies they’ve employed to grow their organizations have also introduced some level of risk. And they understand now more than ever that in order to be successful, they need a unified view of risk that factors in both cyber and business risk to drive their strategic business decisions. Coming to terms with the reality of today’s complex and changing risk landscape, security professionals, IT teams, executives and business management all understand that everyone within the organization must own risk.


Security teams now have a seat at the management table, as well as the attention of their executives. While I know all of us old school security folk try very hard not to pull out our “I told you so” card from “the sky is falling” days, we’re witnessing a revolution in “risk ownership” and it is evident here at RSA Conference 2016.


The EMEA GRC Community gathered in record numbers last week for our second annual RSA Archer GRC Summit in EMEA.  With over 300 attendees this year, we saw a huge increase in participation from our inaugural event last year – by far the largest GRC Summit in the Europe, Middle East and Africa region.  For everyone that attended, thank you for spending your valuable time to network with peers, share your knowledge and continue your Risk Intelligence journey.100642


This year’s GRC Summit featured:

    • 15 educational breakout sessions led by customers, partners and RSA subject matter experts covering topics such as GRC Program, IT & Security Risk, Operational and Enterprise Risk, Regulatory & Corporate Compliance, Business Resiliency and Third Party Governance.
    • Keynotes from Rob Gould (Vice President EMEA, RSA), Eric Erston (RSA Archer Go To Market, RSA), Malcolm Marshall (Partner, Global Leader, Information Protection, KPMG) and Ron “Chopper” Harris (Chelsea Legend, Chelsea FC) focused on the central theme of Risk Intelligence – harnessing risk and exploring opportunity.
    • 8 sponsors including KPMG (Gold Sponsor), Accenture and EY (Silver Sponsors) and Atos, WiPro, CSC, TUV Rheinland and NTT Communications (Bronze Sponsors) that shared and demonstrated their risk and compliance best practices.


100645We would like to thank all of our attendees, speakers, panelists, and exhibitors for making the RSA Archer GRC Summit EMEA such a wild success.  The educational breakout sessions have been posted on the RSA Archer Community (login is required) and pictures of the event are also available (use the password “Chelsea”).  Please take a look and share with other risk and compliance practitioners that were not able to join the event.


We look forward to seeing everyone next year!  Cheers!

The 2014 GRC 20/20 Value Award nomination process is underway.  The Value Awards recognize organizations that have implemented GRC solutions that have returned significant and measurable value.


This year, Michael Rasmussen with GRC 20/20 has many use case categories available in which you can submit a nomination including:

  • Audit Management & Analytics
  • Business Continuity Management86696
  • Compliance & Ethics Management
  • Enterprise GRC Architecture & Integration (cross department enterprise GRC strategy and implementation)
  • Enterprise Legal Management
  • Environmental Health & Safety
  • Identity & Access Governance/Management
  • Information Governance (classification & control of information)
  • Internal Control Monitoring & Assurance
  • Issue Reporting & Investigations
  • IT Security, Risk, & Compliance (IT GRC focused on information & technology)
  • GRC Data Integration, Modeling & Analytics (dealing with big risk and regulatory reporting needs in complicated environments)
  • Policy & Training Management
  • Risk Management (Enterprise or Operational Risk Management – but across organizational areas with differing risk analytic and reporting needs)
  • Third Party Management
  • Specific Issues/Risk/Regulations (e.g., Anti-Bribery & Corruption, Conflict Minerals, AML, Privacy, PCI, and hundreds or thousands more).
  • Specific issue/risk/regulation
  • Other


Nominations are due June 30, 2014.  Award recipients are notified in August and announcements will be made in early September. 


Please note that GRC 20/20 is looking for specific, quantifiable value for these use cases.  If you are interested in nominating your use case and would like some assistance, please feel free to contact Susan Read-Miller and I will be happy to provide some guidance.

RSA Archer was positioned as a Leader in the 2014 Forrester Wave: GRC Platforms report, issued last week by independent research firm Forrester Research. The Forrester Wave GRC report shows very positive evaluation of the RSA Archer GRC Platform across the board, with a focus on reviewing specific Platform features. It’s very clear that our customers once again provided Forrester with terrific feedback on the RSA Archer GRC Platform and solution offerings.


In addition to ranking GRC platforms, the Forrester report also noted the end of distinctly defined GRC Platform submarkets, such as IT GRC versus Enterprise GRC, due to growing customer interest in a consolidated platform for diverse use cases. Leaders were shown to support these diverse use cases and possess the flexibility to help customers address changing market and business demands.


We greatly appreciate the concerted efforts of our customers and various RSA Archer groups that came together to make the Leader ranking by Forrester possible.  We’re very excited that RSA Archer continues to be the only GRC solution provider rated as Leader across both the Forrester Wave GRC report and all Gartner reports for IT GRC, Enterprise GRC, and Business Continuity Management Planning.


We invite you to download Gartner reports on IT GRC, Enterprise GRC and Business Continuity Management.

Filter Blog

By date: By tag: