This presentation provides highlights of RSA Archer Suite Release 6.9, including RSA Archer Controls Assurance Program Management, RSA Archer IT Controls Assurance, and RSA Archer Cyber Risk Quantification use case updates. The presentation was given at the September 11, 2020 Free Friday Tech Huddle by Corey Carpenter and Antoine Damelincourt. Please review the video demonstration for additional information from this Free Friday Tech Huddle.
Questions and Answers:
Q: What are the licensing and pre-requisite use case requirements for the Cyber Risk Quantification (CRQ) and RiskLens integration?
A: In order to use this integration you need a RiskLens license, which can be obtained directly from RiskLens or through RSA by purchasing our Cyber Risk Quantification use case.
You also need to have one of the following use-cases as a pre-requisite: Operational Risk Management, Top-Down Risk Assessment, IT Risk Management, Information Security Management System.
If you already have a RiskLens account and one of the required use cases, you can download the data feed and implementation guide from the RSA Archer Exchange here: https://community.rsa.com/docs/DOC-79518.
Q: What is the sync frequency between RiskLens and Archer? How can we set up the real-time sync back from RiskLens to Archer?
A: The sync between the two environments is managed by and Archer data feed. An Archer Admin can define the frequency at which the feed is ran. The same feed manages the data exchange both from and back to Archer.
Q: Does the RiskLens assessment include estimates for both inherent and residual risk?
A: Risk Lens helps you calculate your residual risk by taking into account your mitigating factor such as your resistance strength. You then get a breakdown of primary and secondary losses estimates. You can also break down the delta between threat event frequency and loss event frequency to gauge the effectiveness of your control environment.
Q: Do you have to be on the Archer 6.9 platform to use CRQ?
A: The Risk Lens integration can be used with Archer 6.8 and later.
Q: Can we report on the factors and sub-factors assessed in RiskLens and their estimated dollar value for each in Archer using the data pulled in through the out-of-the-box data feed as is?
A: The current integration only supports the return of the macro results to Archer: 10th percentile, 90th percentile, most likely loss. We are working on a deeper integration through a new Risk Lens API which would let us return more detailed information from Risk Lens, including data for each individual scenario.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.