RSA Archer Top-Down Risk Assessment

Document created by Susan Jessee Employee on Dec 1, 2015
Last modified by Susan Jessee Employee on Oct 23, 2018
Version 26

Use case for Enterprise & Operational Risk Management

 

RSA Archer® Top-Down Risk Assessment enables practitioners to document risks and controls throughout the organization. Risks can be assessed on an inherent and residual basis, both qualitatively and across multiple risk categories using monetary values. Controls can be linked to the risks they treat for consideration as part of a residual risk assessment. Risks and controls can be assigned to named individuals and organizational structure to establish appropriate accountability and to provide relevant reporting.

 

Key Features

  • Catalog a consolidated view of risks and internal controls within the organization
  • Map risks to business processes, controls, higher level risk statements, and scenarios
  • Establish a library of agreed upon scenarios and perform assessments on selected scenarios
  • Perform qualitative and monetary assessments of inherent and residual risk
  • Monitor risks against established tolerances and risk appetite
  • Enforce consistent terminology, risk assessment methodology, and rating scales
  • Provide an organized, managed process to escalate issues and ensure proper sign-off/approval of issues
  • Operationalize accountability for risks, controls, business processes, scenarios, risk assessments and outstanding issues
  • Establish delegated authorities for approving risk and enforce those authorities by automatically routing risk decisions to the authorized individuals
  • Gain visibility into risk and control inventory and assessment progress via predefined reports and risk dashboards

 

Key Benefits

With RSA Archer Top-Down Risk Assessment, you can:

  • Catalog a consolidated view of risks and internal controls within the organization
  • Map risks to business processes and controls
  • Understand the linkage between risk register statements and enterprise risk statements
  • Perform qualitative and monetary assessments of inherent and residual risk
  • Monitor risks against established tolerances and risk appetite
  • Manage risk scenarios on a consolidated basis, performing risk assessments and relating them to the risk register
  • Make certain that risk decisions are accepted only by those individuals with the authority to do so
  • Enforce consistent terminology, risk assessment methodology, and rating scales
  • Ensure that all stakeholders are engaged in risk management commensurate with their scope of responsibility
  • Provide consistent risk and control reports from one consistent system of record
  • Establish an organized, managed process to escalate, approve, and remediate issues

 

Prerequisites

 

For More Information

To learn more about RSA Archer Top-Down Risk Assessment:

 

To learn more about how EMC products, services, and solutions can help solve your business and IT challenges, contact your local representative or authorized reseller—or visit us at www.rsa.com. If you are an existing RSA Archer customer and have questions or require additional information about licensing, please contact RSA Archer at archersupport@rsa.com or call 1-888-539-EGRC.

 
