RSA Archer Third Party Engagement

Document created by Susan Jessee Employee on Dec 3, 2015Last modified by Christopher Dodge on Aug 24, 2017
Version 12Show Document
  • View in full screen mode

Use case for Third Party Governance



RSA Archer® Third Party Engagement allows you to catalog the products and services being delivered by your third parties. It also allows you to associate the product and service engagement to the business process and business units it supports, giving you a holistic understanding of your dependency on the third party. You can establish accountability for engagements, perform inherent risk assessments across multiple risk categories, catalog and assess the adequacy of proof of insurance for each supplier, evaluate the financial viability of the third party, and roll up all engagement inherent risk assessments to the third party delivering the engagement. This provides you with an understanding of the overall inherent risk associated with each third party.


Key Features

  • Catalog third parties, their business hierarchy, and the product and services engagements they deliver to your organization
  • Map third party products and services to the business processes they support
  • Enable business users to request third party products and services
  • Evaluate and manage third party sourcing requests, identify if existing approved relationships satisfy the requirements, or identify whether a new third party relationship should be established
  • Perform inherent risk assessments on engagements across seven different risk categories
  • Capture and analyze significant fourth party relationships
  • Analyze the financial wherewithal of each third party to continue operations
  • Roll up engagement inherent risk assessments to obtain an overall third party inherent risk profile
  • Catalog contracts and master services agreements associated with engagements
  • Execute contract risk assessments utilizing standardized questionnaires focused on minimum required contract language to mitigate and transfer risk
  • Capture the third party’s proof of insurance and evaluate the adequacy of the insurance relative to all of the engagements being delivered
  • Integrate the results of your business process impact analysis into your assessment of the inherent resiliency risk of each third party
  • Establish accountability for each third party engagement
  • Document and monitor remediation plans to bring risk within acceptable tolerance
  • Track exceptions related to third party engagements


Key Benefits


RSA Archer Third Party Engagement enables:

  • Efficient management of your third party relationships
  • Knowledge of where, how, and why third parties are being used throughout the organization, and who is responsible
  • Identification of inherently high risk third party products, services, and relationships
  • Better understanding of the adequacy of each third party’s proof of insurance, and fewer audit and regulatory findings
  • More efficient management of your third party risk management program and allocation of scarce resources based on the most significant priorities
  • Greater transparency into third party relationships using robust notifications and reporting
  • Positive assurance to senior management, the Board, and regulators regarding the adequacy of the organization’s third party governance program




For More Information

To learn more about RSA Archer Third Party Engagement:


To learn more about how EMC products, services, and solutions can help solve your business and IT challenges, contact your local representative or authorized reseller—or visit us at If you are an existing RSA Archer customer and have questions or require additional information about licensing, please contact RSA Archer at or call 1-888-539-EGRC.


Third Party Engagement with border shadow.png