Traditionally, Governance, Risk and Compliance (GRC) functions have relied on manual, human-driven approaches to self-assess and assure that controls are deployed and implemented correctly. To assure a complete control set across all assets, a typical enterprise requires very large teams at considerable expense, or they’re only able to test a sample of controls and assets, on an infrequent basis, with the budget available. Additionally, the veracity of the results of this process is questionable because humans are prone to error. Finally, because the assessment process is manual and costly, it can’t be conducted frequently, leading to out-of-date and inaccurate results.
Panaseer has developed an integrated solution with RSA Archer for Automated Controls Assessment & Assurance. Combining Panaseer’s extensive data connector catalogue and scalable data platform, Panaseer can integrate directly with the control systems to collect data to generate complete device inventories and compute metrics that measure control deployment and control performance. These device inventories and metrics are automatically fed into RSA Archer for continuous controls assessment.