RSA Archer Control Standards Library Content

Document created by Susan Read-Miller Employee on Apr 27, 2018Last modified by Susan Read-Miller Employee on May 18, 2020
Version 8Show Document
  • View in full screen mode

RSA Archer Suite Logo


The RSA Archer Control Standards library consists of over 1,200 best-practice control standards organized through a custom GRC taxonomy developed specifically to align with multiple best-practice external standards and benchmarks.


Control standards specify a particular course of action or response to a given situation. They are topical rather than tactical, serving as management level guidelines that provide specifications for the implementation of corporate policies intended to drive compliance with internal and external corporate objectives.


The Archer Control Standards library is linked to several other Archer libraries such as Policies, Authoritative Sources, and Control Procedures. This provides both a common connection fabric and aggregation point for measuring performance of policy and compliance activities.  For example:

  •  Control standard "ATCS-027: Risk Assessment Process" is mapped to hierarchical policy record 0 Risk Management Policy > 02.3 Risk Assessments > 02.3.01 Risk Assessment Process.
  • This same control standard is also cross-mapped to several hundred different authoritative source references, such as ("FFIEC Information Security Booklet > 0 Information Security Risk Assessment").


The benefit of this mapping process is it allows organizations to:

  •  Understand which controls they need to implement to comply from a regulation standpoint, or from a corporate policy and best practice
  •  Identify and manage key stakeholder ownership and automate both the process of implementing industry standards across the organization, and training employees on those best
  •  Simplify risk and compliance performance measurement, monitoring and



This content is available in the following languages:

  • English
  • French
  • German
  • Italian
  • Japanese
  • Portuguese
  • Russian
  • Simplified Chinese
  • Spanish.



Mappings for the RSA Archer Control Standard Library are mapped to policies and authoritative sources which are available in the RSA Archer Policy Library and authoritative source content packs.

Licensing Restrictions

The RSA Archer Control Standard Library is available with the use of the RSA Archer Policy Program Management, RSA Archer IT Policy Program Management, and/or RSA Archer Authorization and Assessment use cases. No additional license is required.


For More Information

To learn more about the RSA Archer Control Standard Library Content:


For Additional Support

To learn more about this content, please contact your Account Rep for additional details. For technical support questions, please open a support case or contact RSA Archer at for more information.