RSA Archer Cybersecurity Framework Management App-Pack

Document created by Susan Read-Miller Employee on Aug 16, 2017Last modified by Susan Read-Miller Employee on Aug 14, 2018
Version 17Show Document
  • View in full screen mode

RSA Archer Suite

Cybersecurity threats exploit the increased complexity and connectivity of critical infrastructure systems, which places national security, the economy, and public safety at risk. To combat these cyber risks, NIST (National Institute of Standards and Technology) has developed a risk-based Cybersecurity Framework to provide government agencies and the private sector with industry standards and best practices to help manage cybersecurity risks. In May 2017, the U.S. Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure was signed, holding agencies, as well as owners and operators of critical infrastructure in the U.S., accountable for managing cybersecurity risks.


RSA Archer Cybersecurity Framework Management provides straightforward guidelines for addressing and managing cybersecurity risks. Profile owners can catalog the current state, prioritize and scope profile elements, and define their desired or targeted state outcomes for their organization’s cybersecurity program. Assessors then evaluate these profiles against the Cybersecurity Framework categories. Previous assessments can be archived for comparison with current Profile and measure progress. Reports and dashboards provide clear insight to the cybersecurity current state and progress being made toward the desired cybersecurity state. 


With the RSA Archer Cybersecurity Framework Management offering, government agencies and private sector businesses can assess and measure their cybersecurity posture, address gaps, and report on cybersecurity posture in a meaningful way that is understood by all stakeholders.

Key Features

  • Prioritize and scope the organization's business objectives and priorities
  • Create a Current Profile that indicates progress being made toward target outcomes
  • Automate scope for cybersecurity assessments based on business process
  • Risk assess the operational environment and identify the likelihood and impact of a cybersecurity event
  • Identify a Target Profile that describes the organization's desired cybersecurity outcomes
  • Analyze the Current Profile against  the Target Profile by function, category, level or business process to determine gaps
  • Track NIST Cybersecurity Framework library versions for cybersecurity assessments
  • Approve cybersecurity profiles using electronic signatures
  • Implement an Action Plan to identify necessary steps  to remediate gaps


  • Concise methodology allows organizations to understand  how your cybersecurity efforts stack up relative to NIST’s guidance and authoritative sources
  • Common language ensure clear communication of requirements and progress across all  stakeholders, including the IT security team, management, partners, contractors, suppliers, and others
  • Application of NIST Cybersecurity Framework version 1.1, released in April 2018, and risk management best practices improves cybersecurity and resiliency of critical infrastructure, regardless of organization size or level of cybersecurity sophistication
  • Designed to assist government and critical infrastructure entities manage cybersecurity requirements in keeping with the U.S. Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure



This offering requires several applications including:

  • Business Units
  • Business Processes
  • Applications
  • Devices
  • Authoritative Sources


These applications can be found in several Use Case offerings. Please review the implementation guide for a full list of the applications, use cases and prerequisite dependencies that are required for this offering.


Supported Platform Version

RSA Archer Cybersecurity Framework Management was developed for and validated on RSA Archer Platform release 6.4 SP1 and above.


RSA Archer On-Demand Application (ODA) Licenses

Three (3) RSA Archer On-Demand Application (ODA) licenses are required for RSA Archer Cybersecurity Framework Management.


For More Information

To learn more about RSA Archer Cybersecurity Framework Management:


For Additional Support

To learn more about this offering, please contact your Account Rep for additional details. For technical support questions regarding this offering, please open a support case or contact RSA Archer at for more information.


RSA Archer Cybersecurity Profile Owner Dashboard

Cybersecurity Framework Profile Owner Dashboard


Cybersecurity Profile Assessment

Cybersecurity Framework Profile Assessment