RSA Archer Operational Risk Management

Document created by Susan Jessee Employee on Dec 1, 2015Last modified by RSA Link Admin on Sep 18, 2020
Version 23Show Document
  • View in full screen mode

Use Case for Enterprise & Operational Risk Management




RSA Archer® Operational Risk Management is a combination of use cases that are core to a typical operational risk management program, including: Top-Down Risk Assessment, Bottom-Up Risk Assessment, Loss Event Management, Key Indicator Management, Risk Catalog, and Issues Management. By integrating these use cases, RSA Archer helps risk managers implement a comprehensive operational risk management program that provides transparency through reporting, dashboards, and notification alerts. It also reinforces desired accountability and risk management culture throughout the organization.


RSA Archer Operational Risk Management enables you to catalog business processes and sub-processes, document risks associated with business processes, and mitigate controls. Risk assessments can be performed on a top-down basis through first line of defense self-assessments and through targeted bottom-up assessments. Loss events can be cataloged, and root-cause analysis can be performed and routed for review and approval. Key risk and control indicators can be established and associated with risk and control registers, respectively, and monitored to provide early warning of changes in the organization’s risk profile.


Key Features

  • Consolidated view into business processes, risks, controls, loss events, key indicators, and outstanding issues and how they are all related
  • Support for first line of defense self-assessments and top down and bottom up risk assessments
  • Efficient management of self-assessment campaigns by second line of defense stakeholders, including necessary workflow to vet and challenge first line of defense assessments
  • Capture and perform root cause analysis on internal losses and near misses, and relevant external loss events
  • Understand inherent and residual risk and observe changes in calculated residual risk while rolling up risks by business unit and enterprise risk statement
  • Robust key risk and control indicator program management to provide early warning and remediation
  • Consolidated issues management with a clear understanding at all times of the status of all open remediation plans and exceptions
  • Visibility into operational risk via predefined reports, risk dashboards, workflow, and notifications


Key Benefits

With RSA Archer Operational Risk Management, you can:

  • Gain a better understanding of risks throughout the organization
  • Improve risk management and risk culture by engaging business users to take ownership of their risks and controls
  • Quickly detect and manage changes in risk profile
  • Spend more time on analysis and less time on administration and reporting
  • Reduce time required to identify and resolve operational risk related problems
  • Reduce audit findings, surprises, loss events, and incidents
  • Demonstrate design and effectiveness of risk management program




For More Information

To learn more about RSA Archer Operational Risk Management:


To learn more about how RSA products, services, and solutions can help solve your business and IT challenges, contact your local representative or authorized reseller—or visit us at If you are an existing RSA Archer customer and have questions or require additional information about licensing, please contact RSA Archer at


RSA Archer Operational Risk Management use case screenshot 11-19-2019.jpg

1 person found this helpful