Archer^® Exchange Documentation

RiskRecon enables you to control third-party risk by providing vendor security assessments that are comprehensive, actionable and available on demand. We can evaluate the security program of any organization -- SaaS, outsourcer or an in-house provider. With RiskRecon, you will obtain a verifiable assessment of each organization’s security practices. You can then establish a base level of trust and identify specific areas for further discussion and investigation. In addition to using this data for monitoring third party risk, organizations can also obtain independent monitoring of their own enterprise's external security posture, known as Own Enterprise Monitoring.

The Archer Third Party Security Risk Monitoring use case, powered by RiskRecon, delivers transparent security measurements, analytics, and analyst-level insight to dramatically improve your Own Enterprise Monitoring risk management program. It provides organizations with visibility, insight and actionable intelligence into risk environments. Own Enterprise Monitoring discovers and analyzes each company’s IT footprint using artificial intelligence (AI) to automatically measure the value of each asset. This enables analysts to quickly identify each specific system that poses the greatest risk, based on vulnerability severity and asset criticality.

Integration Features

RiskRecon Own Enterprise Monitoring Integration enables organizations to:

• Receive an actionable view of security issues for each company.
• Pinpoint potential exposures and root causes for 50+ security criteria.
• Obtain on-demand assessments of any organization's security practices.
• Demonstrate risk control quality to regulators and standards bodies.
• Proactively identify common exposures throughout your web-facing presence.
• Gain objective insight into your security performance and IT landscape.
• Continuously monitor security performance.
• Optimize use of analysts’ time and outside auditor resources.
• Allocate risk resources to where they are needed most, to focus on high-value, low-performing assets.

Solution and Platform Information

• Solution Area:  Archer IT & Security Risk Management 
• Impacted Use Cases: 
  • Archer IT Security Vulnerabilities Program
  • Archer Third Party Security Risk Monitoring
• Supported Platform Version: This offering has been validated on the following platform versions:
  • Archer Platform release 6.4 SP1 P1 
  • Archer Platform release 6.7

For More Information

To learn more about the RiskRecon Own Enterprise Monitoring Integration RSA Ready certified integration:

• Review the Implementation Guide and Installation Package for Archer release 6.4 SP1 P1.
• Review the Implementation Guide and Installation Package for Archer release 6.7 and above.

For Additional Support

To learn more about the RiskRecon Own Enterprise Monitoring integration or the Archer Third Party Security Risk Monitoring use case, please contact your Archer Account Manager.  For technical support questions please open a support case or contact Archer at archersupport@rsa.com.