Skip navigation
All Places > Products > RSA Archer Suite > Blog > Author: Christine Tran

RSA Archer Suite

10 Posts authored by: Christine Tran Employee

Many organizations establish policies to provide guidance regarding conflicts of interest when conducting business with outside organizations. A conflict of interest may occur when you have a personal or financial interest with the company or person you are conducting business with. As a part of managing conflicts of interest, it is important to manage and monitor the acceptance of gifts from both parties.  

 

Gifts, entertainment expenses, and charitable donations are used frequently to build and maintain good relationships between your organization and the companies you do business with. However, if not managed properly, conflicts of interest can impact judgement and the business relationship. Most organizations implement some form of anti-bribery or conflict of interest policy to ensure employees are conducting business in an honest and ethical manner when contemplating or entering into a transaction or arrangement that might benefit one party over the other. It is crucial to ensure that any gifts, entertainment expenses, or charitable donations are within the company's policies and do not pose a conflict of interest to protect the relationships between partners, customers, vendors, and anyone else you conduct business with.

 

On May 21st, the RSA Exchange introduced a new offering to help you address your organization's requirements for gift registration.  The RSA Archer Gift Registration app-pack helps monitor the risks against violations of conflict of interest with regards to gifts, entertainment expenses and charitable donations. In doing so, you can identify requests over the organization's threshold and manage the exceptions to identify areas with potential conflicts of interest and address the issue.

 

RSA Archer Gift Registration allows you to:

  • Track gifts, entertainment expenses, and charitable donations
  • Identify and manage non-compliant expenses
  • Manage and report exceptions for approved expenses outside of the organization’s threshold
  • Provide visibility into the status of the requests

 

Interested in learning more about the RSA Archer Gift Registration app-pack? Join us for a Free Friday Tech Huddle on Friday, May 31, for a live demo. Free Friday Tech Huddles are only available to RSA Archer customers. If you are not yet a customer but you are interested in learning more, please contact your local representative or authorized reseller — or visit us at www.rsa.com.

 

RSA Archer Gift Registration Dashboard

Strategies drive the overall direction of a company; therefore, one of the top priorities for every organization is to ensure strategies are executed according as planned and in a timely manner. Understanding and preparing for risks that pose a threat to your organization's strategy execution is crucial. To aid in successful strategy execution, you must implement a process to identify, assess, and mitigate any strategic risks that may impact your organization's strategy.  Some of these risks include but are not limited to:   

  • Shifts in consumer demand and preferences
  • Legal and regulatory change
  • Competitive pressure
  • Merger integration
  • Technological changes
  • Senior management turnover
  • Stakeholder pressure

 

Proper strategy execution requires prioritization of the strategic risks. With the RSA Archer Strategic Risk Management app-pack, your organization will find comfort in a consistent and repeatable process for identifying and mitigating strategic risks, while understanding the level of preparedness against risks that impact your organization's strategies, minimizing the risks for successful strategy execution.

 

This new app-pack helps you get the most from both the Risk Catalog and the Strategic Planning app-pack. With the RSA Archer Strategic Risk Management you can relate the strategic risks to the strategies defined in the RSA Archer Strategic Planning app-pack to get a holistic view of your organization's strategies and how the strategic risks impact the organization. In addition, the existing Risk Catalog lets you build an inventory of your risks, from the enterprise level down to the operational level through the Risk Register. It allows you to roll-up individual risks into macro-levels for analysis and reporting at the most relevant level. With the addition of the RSA Archer Strategic Risk Management app-pack, you now have another layer of analysis available to you. Once you have identified risks in your hierarchy that tie back to Strategic Risks, you can track them together in the new app-pack while still maintaining the hierarchical structure in the Risk Catalog. That way, you have insights both on how individual risks roll-up throughout the organization AND on how each risk can influence the strategic risks.

 

RSA Archer Strategic Risk Management allows you to:

  • Identify strategic risks within the organization
  • Relate strategic risks to organizational strategies
  • Conduct a Strategic Risk Assessment to determine risks, impacts, and level of preparedness
  • Implement Action Plans to remediate strategic risks outside of the organization’s tolerance levels
  • Monitor strategic risks to identify opportunities to mitigate risks 

 

Interested in learning more about the RSA Archer Strategic Risk Management app-pack? Join us for a Free Friday Tech Huddle on Friday, May 31, for a live demo. Free Friday Tech Huddles are only available to RSA Archer customers. If you are not yet a customer but you are interested in learning more, please contact your local representative or authorized reseller — or visit us at www.rsa.com.

 

 

RSA Archer Strategic Risk Management

Strategic Risk Manager Dashboard

In the RSA Exchange R6 release, we introduced the RSA Archer Speak Up app-pack which empowers your first line of defense to Speak Up regarding concerns in the form of ideas, issues, or complaints.  Using the RSA Archer Speak Up app-pack, your employees don't have to worry about how to classify the information or where to submit it and you can receive insights from your organization to improve the business.

 

In our most recent release of the RSA Exchange R7, we updated the RSA Archer Speak Up app-pack to allow capability for anonymous submissions.  Information can now be submitted anonymously to protect the identification of whistleblowers and management can solely focus on the issues at hand.

 

With the RSA Archer Speak Up App-Pack, you can:

  • Empower users within your organization to speak up regarding the business
  • Provide ownership and accountability for information reported
  • Employ a consistent governance process for reporting information
  • Be informed of organizational risks related to Speak Up requests
  • Inspire everyone to own risk

 

Interested in learning more about the RSA Archer Speak Up app-pack? Join us for a Free Friday Tech Huddle on Friday, April 12 for a live demo. Free Friday Tech Huddles are only available to RSA Archer customers. If you are not yet a customer but you are interested in learning more, please contact your local representative or authorized reseller—or visit us at www.rsa.com.

 

Thorough due diligence is a necessity when entering into an agreement or contract with another party, especially in the case of mergers and acquisitions.  However, due diligence activities can apply to any business situation requiring an investigation where proof that a "diligent" effort was put forth to obtain pertinent information in a forthcoming matter.  In the case of mergers and acquisitions, due diligence is a vital activity and can take several months of intense analysis if the target firm is a large business with a global presence.  This process often unveils risk insights and can help your organization plan for impacts to the business.      

 

Organizations need a way to define what due diligence activities are required and to track the results of those activities.  The RSA Archer Due Diligence Management app-pack enables you to define and manage the due diligence activities required for a thorough investigation of the target entity. The offering defines a framework for all due diligence activities making it consistent and repeatable, while providing visibility into the status of due diligence activities.  The due diligence framework can be defined specifically for your organization to ensure everyone within the organization is conducting the required due diligence for every target entity.  Due diligence activities are assigned and reviewed to ensure all activities have been completed, resulting in lower risk mergers and acquisitions.

 

With the RSA Archer Due Diligence Management app-pack, you can determine the scope of each due diligence project, track the due diligence tasks to completion, confirm and verify information through investigation, and provide recommendations based off of factual data and reports.

 

RSA Archer Due Diligence Management allows you to:

  • Offer a consistent and repeatable process for conducting due diligence
  • Implement a structure for due diligence checklist
  • Obtain visibility into the status of the due diligence activities required

 

Interested in learning more about the RSA Archer Due Diligence Management app-pack? Join us for a Free Friday Tech Huddle on Friday, March 29 for a live demo. Free Friday Tech Huddles are only available to RSA Archer customers. If you are not yet a customer but you are interested in learning more, please contact your local representative or authorized reseller—or visit us at www.rsa.com.

 

Recent high profile cyber attacks demonstrate that cyber incidents can significantly affect capital and earnings. Cyber incidents can have financial, operational, legal, and reputational impact. Costs may include forensic investigations, public relations campaigns, legal fees, consumer credit monitoring, and technology changes. As such, cybersecurity needs to be integrated as part of enterprise-wide governance processes.

 

With the increasing volume and sophistication of cyber threats and incidents, the Federal Financial Institutions Examination Council (FFIEC) developed the Cybersecurity Assessment Tool to help financial institutions identify their cyber risks and determine their level of cybersecurity preparedness. This assessment tool incorporates cybersecurity-related principles from the FFIEC's Information Technology Examination Handbook and maps back to the National Institute of Standards and Technology (NIST) Cybersecurity Framework.  The FFIEC developed this framework to help identify factors that contribute to your organization's cyber risks.  By understanding the factors that play into your organization's cyber risk, you can assess your level of preparedness and determine what risk management practices and controls are needed to mitigate and minimize your cyber risks.

 

The RSA Archer FFIEC-Aligned Cybersecurity Framework app-pack aligns with the FFIEC and NIST standards to provide a consistent and repeatable process for determining your organization's inherent risk levels and evaluating your cybersecurity maturity level. Using RSA Archer FFIEC-Aligned Cybersecurity Framework, action plans can be created and tracked to minimize inherent risk levels or achieve a desired cybersecurity maturity level.

 

With the RSA Archer FFIEC-Aligned Cybersecurity Framework offering, financial institutions can assess and measure their cybersecurity posture, address gaps, and report on cybersecurity posture in a meaningful way that is understood by all stakeholders.  

 

RSA Archer FFIEC-Aligned Cybersecurity Framework allows you to:

  • Offer a common language to communicate requirements and progress among stakeholders (internal, partners, contractors, suppliers)
  • Provide a method to understand larger cybersecurity ecosystem
  • Apply FFIEC best practices of risk management to improve cybersecurity and resiliency of critical infrastructure

 

Interested in learning more about the RSA Archer FFIEC-Aligned Cybersecurity Framework app-pack? Join us for a Free Friday Tech Huddle on Friday, March 8 for a live demo. Free Friday Tech Huddles are only available to RSA Archer customers. If you are not yet a customer but you are interested in learning more, please contact your local representative or authorized reseller—or visit us at www.rsa.com.

 

What would you do if you heard an advertisement on the radio misrepresenting a product your company offered?  I'd like to share a true story and how RSA Archer helped this organization's first line of defense own risk.

 

Sally was listening to the radio on her drive to work when she heard an advertisement about her company but the information was incorrect and misleading.  When she got to work, she didn't know who to report the information to but knew that if she didn't report it, it could cause huge impacts to their organization.  After approaching several people, she decided to call the IT help desk.  While the IT help desk typically "helps" many, they are typically a little further downstream from the risk evaluation process. After some digging, the IT help desk sent the request to the Risk Management team, who then connected Sally with the third party risk team to address the issue with the third party. 

 

When our customer approached RSA, we decided to provide a method via RSA Archer that not only addresses the problem but enables your organization to own risk.  But we took it a bit further than just a risk reporting tool. There are often brilliant ideas that could positively impact your organization. There may also be specific issues or incidents that conflict with your organization's corporate policies and procedures and someone within your organization has the knowledge needed to help avert or mitigate those issues early on. 

 

The RSA Archer Speak Up app-pack provides a mechanism within RSA Archer for the first line of defense to communicate information to your management or risk management team while leveraging workflow to review and approve the information and get it to the right team to take action.

 

RSA Archer Speak Up allows you to:

  • Submit ideas to improve the business;
  • Report issues to responsible authorities or management team within the organization; and
  • Document concerns regarding potential ethics violations, incidents, breaches, issues with third parties, and more.

 

With the RSA Archer Speak Up app-pack, your employees are empowered to speak up and own risk.  And, your management team is empowered with accountability and a consistent governance process for addressing risks.

 

RSA Archer Speak Up Business User Dashboard

Interested in learning more about the RSA Archer Speak Up app-pack? Join us for a Free Friday Tech Huddle on Friday, February 8 for a live demo. Free Friday Tech Huddles are only available to RSA Archer customers. If you are not yet a customer but you are interested in learning more, please contact your local representative or authorized reseller—or visit us at www.rsa.com.

Managing Third Party contracts can be a daunting task, let alone tracking changes and approval during the negotiation process.  Between your legal department and the third party's legal department, the changes and approvals are horrendous to track and inefficient for all parties involved.  What if you had standardized contract language that was pre-approved by your legal organization?  What if you could use RSA Archer to track the clause changes and the change approvals? 

 

RSA Archer Contract Clause Management is the solution for you.  We've developed a solution to address small to mid-sized companies who do not need an entire contract management suite to assemble contracts and manage their clauses while tracking changes and approvals.  This app-pack can help you establish standard clauses to utilize in contracts.  It also tracks and manages the development, changes, and approvals of the contract clauses used in your contracts. 

RSA Archer Contract Clause Management Clause Owner Dashboard

 

With the RSA Archer Contract Clause Management App-Pack, you will have a central repository for storing standard contract clauses and contract clauses that are used in agreements with third parties, have a consistent process for creating and approving the clauses while providing visibility into changes within contracts and clauses.

 

Interested in learning more about the RSA Archer Contract Clause Management app-pack? Join us for a Free Friday Tech Huddle on Friday, January 11 for a live demo. Free Friday Tech Huddles are only available to RSA Archer customers. If you are not yet a customer but you are interested in learning more, please contact your local representative or authorized reseller—or visit us at www.rsa.com.

With the increase in Cybersecurity threats in today’s world, organizations that are considered a part of our national critical infrastructure pose a much greater risk of being attacked which can place national security, the economy, and public safety at risk.  The National Institute of Standards and Technology (NIST) created the Cybersecurity Framework (CSF) as a standard and best practices in which government agencies and private sector organizations can utilize to manage their cybersecurity risks.  NIST CSF has become even more widely adopted by all types of organizations across the U.S. and worldwide.

 

The RSA Archer Cybersecurity Framework Management app-pack, released in August 2017, provides organizations with the methodology to assess and measure their cybersecurity posture, address gaps and report on cybersecurity.  The app-pack enables profile owners to catalog the current state, prioritize and core profile elements, and define their desired or targeted state outcomes for the organization’s cybersecurity program.  Assessors can then evaluate these profiles against the NIST CSF categories.  Previous assessments can be archived for comparison with a Current Profile and measure progress.  Reports and dashboards provide clear insight into the cybersecurity current state and progress being made toward the desired cybersecurity state. 

 RSA Archer CybersecurityFramework  Profile Owner Dashboard

Based on customer feedback, the RSA Archer Cybersecurity Framework Management app-pack has been enhanced and incorporates the newest version of the NIST Cybersecurity Framework that was released in April 2018.  With the updated version, customers can now automate the scope for their cybersecurity assessments based on the selected business process and analyze the Current Profile against the Target Profile not just by the NIST functions but by the NIST category or business processes.  The RSA Archer Cybersecurity Framework Management app-pack will now track the NIST Cybersecurity Framework versions for cybersecurity assessments and related authoritative sources.  In addition, Cybersecurity Profiles can now be approved using electronic signature capabilities.

 

Interested in learning more about the RSA Archer Cybersecurity Framework Management app-pack? Join us for a Free Friday Tech Huddle on Friday, September 21 for a live demo. Free Friday Tech Huddles are only available to RSA Archer customers. If you are not yet a customer but you are interested in learning more, please contact your local representative or authorized reseller—or visit us at www.rsa.com.

Mathematical models are increasingly being used to inform business decisions and estimate risk in a manner that is often material to the organization. Because these models can have material impact on an organization's business strategies and financial statements, it is imperative that the models are accurate at all times. This means the models are constructed in a sound and logical manner, can accurately produce real-world predictions, and are subjected to strong change controls to ensure the integrity of the model's performance at all times.

 

A bad model can create material financial misstatements, constrain revenue opportunities, result in poor strategic decisions, create regulatory violations, fines, and sanctions, damage an organization's reputation among its customers, employees, shareholders, and regulators, and more, depending on the purpose of the model. 

Released on May 22, 2018, the new RSA Archer Model Risk Management app-pack helps organizations establish sound governance processes around the models they use to run their business on a day-to-day basis.

 

With RSA Archer Model Risk Management, you can:

  • Document your organization’s model inventory and model documentation
  • Track model and model inventory changes
  • Track model validation and approvals
  • Formally certify the model inventory is complete and up to date
  • Document validation findings
  • Analyze model performance indicators
  • Decommission models as needed

 

Organizations can benefit from:

  • A consistent and repeatable process for documenting, validating, and managing changes to models
  • Reduced unauthorized changes to the model
  • Improved accuracy of models
  • Reduced likelihood of outdated information in the model
  • Reduced financial penalties, financial losses, or unforeseen risks due to model inaccuracies or insufficient testing
  • Improved visibility into the health and status of the model inventory

Interested in learning more about the RSA Archer Model Risk Management app-pack? Join us for a Free Friday Tech Huddle on Friday, June 8 for a live demo. Free Friday Tech Huddles are only available to RSA Archer customers. If you are not yet a customer but you are interested in learning more, please contact your local representative or authorized reseller—or visit us at www.rsa.com.

Organizations often struggle with turning their corporate vision into reality, especially when change occurs that requires adjustment to strategies and plans. While organizational vision and mission are typically well-established and change infrequently, strategies and plans can change due to a wide variety of internal and external factors, requiring in a shift in an organization’s strategic direction.

 

Without a coordinated approach to manage strategies and plans, a breakdown in strategy execution can keep an organization from attaining its goals. We have seen organizations lack a consistent approach to managing its strategy, operational plans, and performance. Plans and performance are typically managed in silos on spreadsheets, documents, or emails, limiting visibility and accountability.  When changes occur, the organization is unable to determine the impact and provide clear strategic direction.

 

These challenges can be addressed with the new RSA Archer Strategic Planning app-pack, available now on the RSA Exchange on RSA Link. Released on May 22, 2018, the app-pack focuses on closing the gap between strategies formulated at the executive level and operational plans and tasks developed at the tactical level. The RSA Archer Strategic Planning app-pack establishes a consistent, centralized process for managing Strategic Planning to increase the consistency of development and execution of strategies and related plans.

 

With RSA Archer Strategic Planning, you can:

  • Simplify the process of developing and executing Strategies, Strategic Plans, Operational Plans and its activities
  • Provide an audit trail to capture who created, executed, and reviewed the Strategy, Strategic Plans, and Operational Plans
  • Track the performance of Strategies through metrics and periodic reviews
  • Provide role-based access control to restrict personnel to information and tasks necessary to perform their job
  • Reduce time associated with capturing the Strategy analysis, SWOT analysis, and financial information
  • Store all Strategy information in a centralized location controlled by access roles
  • Capture changes related to Strategy, Strategic Plans, and Operational Plans through change requests
  • Simplify the communication process via an automated notification process.

Organizations can benefit from:

  • A Structured Strategic Planning process that enables top down execution of Operational Plans
  • Increased likelihood of meeting objectives
  • Visibility into current state of business performance and Operational Plans
  • Increased likelihood the organization executes its strategies
  • A consistent method for evaluating performance across functional areas
  • Assurance that Strategies become an actionable Operational Plan
  • Achieving measurable actions within Operational Plans

 

Interested in learning more about the RSA Archer Strategic Planning app-pack? Join us for a Free Friday Tech Huddle on Friday, June 8 for a live demo.   Free Friday Tech Huddles are only available to RSA Archer customers. If you are not yet a customer but you are interested in learning more, please contact your local representative or authorized reseller—or visit us at www.rsa.com.

Filter Blog

By date: By tag: