Use Case for Third Party Governance
RSA Archer® Third Party Risk Management employs a series of risk assessment questionnaires for third parties, enabling your organization to assess their internal controls and collect relevant supporting documentation for further analysis.
The use case employs Vendor Portal functionality to enable third parties to quickly respond to assessment and questionnaires requests via a dedicated interface and dashboard. Questionnaire results are factored into a determination of the residual risk of each engagement being delivered by the third party.
Residual risk is assessed across several risk categories—compliance/litigation, financial, information security, reputation, resiliency, strategic, sustainability and fourth-party risk. Risk results are depicted for each engagement and rolled up to the corresponding third party to obtain an overall view of the third party’s “aggregate” risk to your organization. Risk assessment findings can be automatically captured and managed as exceptions, and remediation plans can be established, assigned to accountable individuals and monitored to resolution.
- Representation of risk of each third-party relationship, across all product and service engagements delivered to your organization
- Capture, storage and monitoring of supplemental documents such as System & Organization Controls reporting, financial statements and PCI assessments
- View assessments from all vendors in a single dashboard using Vendor Portal
- Self-service provisioning of third-party accounts Reporting on overall third-party risk profiles, individual problems and remediations
With RSA Archer Third Party Risk Management provides, you can:
- Understand your third-party risk profile
- Leverage a methodical and standardized approach to risk assessment
- Manage and mitigate identified issues and respond more quickly to emerging risks
- Reduce third-party-related incidents and losses, repeat audit and regulatory findings and associated costs
For More Information
To learn more about RSA Archer Third Party Risk Management
To learn more about how RSA products, services, and solutions can help solve your business and IT challenges, contact your local representative or authorized reseller—or visit us at www.rsa.com. If you are an existing RSA Archer customer and have questions or require additional information about licensing, please contact RSA Archer at email@example.com.