RiskRecon enables you to control third-party risk by providing vendor security assessments that are comprehensive, actionable and available on demand. We can evaluate the security program of any organization -- SaaS, outsourcer or an in-house provider. With RiskRecon, you will obtain a verifiable assessment of each third-party’s security practices. You can then establish a base level of trust and identify specific areas for further discussion and investigation.
Integration with RSA Archer stores and display RiskRecon’s security performance assessment ratings. RiskRecon provides ratings for both the company itself and any designated third parties. These ratings include overall score and measures a variety of specific security domains. These scores are updated on a scheduled basis using an Archer HTTP data feed and the RiskRecon API. Importing RiskRecon files in a CSV format is also supported to assist loading third party relationships into RSA Archer in cases where they don't already exist.
RiskRecon integration with RSA Archer enables organizations to:
- Obtain objective, continuous measurements of your third-parties’ security performance and compare to their attestation and questionnaire responses
- Rapidly triage your vendor portfolio and focus on most critical security issues in parallel with your existing annual assessment process
- Synchronize vendor information with security performance assessment ratings from RiskRecon
- Manage RiskRecon-related findings, remediation plans, and exceptions alongside RSA Archer third party findings
- Configure reports and alerts for rating changes
Solution and Platform Information
- Solution Area: RSA Archer Third Party Governance
- Impacted Use Cases: RSA Archer Third Party Catalog
- Supported Platform Version: This offering has been developed for and validated on RSA Archer Platform release 6.2.
For More Information
To learn more about the RiskRecon RSA Ready certified integration: