RSA Archer IT Security Risk Management Use Cases Deep Dive

Document created by Elizabeth Maloney Employee on Sep 26, 2016Last modified by Connor Mccarthy on Dec 13, 2017
Version 11Show Document
  • View in full screen mode

OnDemandLabDetails

Register

 

 

 

In order to register for a class, you need to first create an EMC account
If you need further assistance, contact us

 

Summary

The RSA Archer IT Security Risk Management Use Cases Deep Dive on-demand lab provides a closer look at ten use cases:

  • Issues Management
  • IT Security Policy Program Management
  • IT Regulatory Management
  • IT Controls Assurance
  • PCI Management
  • RSA Archer Information
  • Security Management System
  • IT Security Vulnerabilities Program
  • IT Risk Management
  • Security Incident Management
  • Security Operations and Breach Management

 

Overview

This self-paced on-demand lab is part of a series that offers a deeper look into specific use cases within the RSA Archer GRC product. The use cases within the IT Security Risk Management solution area include: Issues Management, IT Security Policy Program Management, IT Regulatory Management, IT Controls Assurance, PCI Management, RSA Archer Information Security Management System, IT Security Vulnerabilities Program, IT Risk Management, Security Incident Management, and Security Operations and Breach Management. Many of these use cases build on each other to help provide organizations with a quick win and faster return on investment as their processes mature.

 

Within this on-demand lab students will have the opportunity to view demo videos, review documentation, and observe a sample design session that gives the viewer some insight into things that should be considered prior to implementing an IT Security Risk Management solution.

 

Lab exercises provide students with the ability to practice what they have learned. To maximize the value of your learning experience, this course also includes access to RSA University’s virtual environment.

 

Audience

RSA Archer Partners, RSA Customer Support, Professional Services and Customers.

 

Delivery Type

On-Demand Lab

 

Duration

Estimated time to complete is 8 to 10 hours. Exact time required to complete all lab exercises will vary based on the existing Archer experience level of each learner.

 

Note: RSA University’s virtual lab environment is provided for 10 hours of overall practice time over a 14-day period.

 

Accessing the Lab Environment

Lab exercises are performed in the RSA University virtual lab environment. The downloadable Lab Guide provides detailed instructions on access the environment.

 

For more information please view the document Access RSA University Virtual Labs – available on the RSA University site:RSA University Content

 

Prerequisite Knowledge/Skills

RSA Archer Solutions Overview and knowledge about the GRC industry.
RSA Archer Solutions Area: IT Security Risk Management.
Also recommended: RSA Archer Platform Fundamentals for Business Users OR
RSA Archer Reporting & Navigation.

 

Learning Objectives

Upon completion of this training, the learner should be able to do the following for the use cases within the IT Security Risk Management solution area:

  • Explain the business purpose of each use case
  • Define the individual Archer Components that make up each use case
  • Navigate the components that make up each use case
  • Complete common actions performed within each use case
  • If applicable, engage others in dialog needed to clarify implementation needs of each use case
  • Navigating the components that make up each use case
  • Completing common actions performed within each use case
  • Clarifying implementation needs of each use case

 

Course Outline

  • IT Security Policy Program Management unit includes:
    • Documentation
    • Demo Video
    • Sample Design Session
    • Knowledge Check

 

  • IT Security Policy Program Management lab – includes practice in managing:
    • Findings
    • Remediation Plans
    • Exception Requests

 

  • IT Security Policy Program Management unit includes:
    • Documentation
    • Demo Video
    • Sample Design Session
    • Knowledge Check

 

  • IT Security Policy Program Management lab – includes practice in:
    • Managing corporate policies in a consistent format
    • Reviewing exception requests

 

  • IT Regulatory Management unit includes:
    • Documentation
    • Demo Video
    • Sample Design Session
    • Knowledge Check

 

  • IT Regulatory Management lab – includes practice in managing:
    • Regulatory Intelligence Items
    • Regulatory Intelligence Review

 

  • IT Controls Assurance unit includes: 
    • Documentation
    • Demo Video
    • Sample Design Session
    • Knowledge Check

 

  • IT Controls Assurance on-demand lab – includes practice in:
    • Documenting assets and prioritizing related controls
    • Performing control testing
    • Addressing gaps found during testing

 

  • PCI Management unit includes:
    • Documentation
    • Demo Video
    • Sample Design Session
    • Knowledge Check

 

  • PCI Management lab – includes practice in:
    • Defining the scope of your PCI program
    • Evaluating controls Completing a Self-Assessment Questionnaire

 

  • Information Security Management System unit includes:
    • Documentation
    • Demo Video
    • Sample Design Session
    • Knowledge Check

 

  • Information Security Management System lab – includes practice in:
    • Documenting an IS system and the related stakeholders and responsible parties
    • Attaching risk related policies, projects, and mitigation plans
    • Documenting and exporting a statement of applicability

 

  • IT Security Vulnerabilities Program unit includes:
    • Documentation
    • Demo Video
    • Sample Design Session
    • Knowledge Check

 

  • IT Security Vulnerabilities Program lab – includes practice in:
    • Managing vulnerability scans and results
    • Interpreting trends that appear as a result of scans

 

  • IT Risk Management unit includes:
    • Documentation
    • Demo Video
    • Sample Design Session
    • Knowledge Check

 

  • IT Risk Management lab – includes practice in:
    • Creating a Risk Project to assess risk on groups of business components
    • Creating a Threat Project to assess new or existing technologies

 

  • Security Incident Management unit includes:
    • Documentation
    • Demo Video
    • Sample Design Session
    • Knowledge Check

 

  • Security Incident Management lab – includes practice in:
    • Documenting a security incident and tracking it to resolution
    • Leveraging the Incident Response Procedure Library to ensure a consistent approach to addressing incidents is followed

 

  • Security Operations and Breach Management unit includes:
    • Documentation
    • Demo Video
    • Sample Design Session
    • Knowledge Check

 

  • Security Operations and Breach Management lab – includes practice in:
    • Documenting and assessing a data breach
    • Tracking Training and Certification of team members
    • Formalizing shift handover procedures

 

  • Final Assessment over all use cases is available to test your knowledge

 

An additional set of documents echoes the Sample Design Session video showcased in the materials of this course, and provides an opportunity for the learner to experiment implementing the sample company’s design.

 

OnDemandLabDetails

Register

 

 

 

In order to register for a class, you need to first create an EMC account
If you need further assistance, contact us

Attachments

    Outcomes