The RSA Archer Policy Library includes a set of 19 best-practice policies developed by RSA Archer in cooperation with leading Fortune 1000 organizations and aligned with the International Organization for Standardization (ISO) and International Electro-Technical Commission's (IEC) 27001 codes of practices.
A Policy is a broad statement of principle that presents the management position for a defined area. These statements are long-term directives that guide the development of more specific rules to address particular situations. Policies are interpreted and supported by Standards and Procedures. Policies are relatively few in number, must be approved and supported by executive-level management, and must provide overall direction to the organization.
To make communication with your employees easy, RSA Archer designed these policies using a three-level structure. The purpose of this structure is to allow employees to quickly locate policies based on a high-level name, an area of focus, or a specific section. For example:
A Policy is the highest-level item in the Policy framework. Policies include high-level statements of management expectations regarding an issue (for example, 8.0 Access Control).
An Area is the second-highest level in the Policy framework. Areas include more specific language regarding the policy, describing the area of focus and the intent of the main level policy. Areas act as a categorical stepping stone to help users navigate to the Sections that they are looking for (for example, 8.1 User Enrollment and Authorization).
A Section is the third level of policy in the Policy framework. Sections provide an additional level of grouping (for example, 8.1.4 Password Management Systems).
The following list details each of the 20 policies available in the RSA Archer Policy Library:
Security Monitoring and Response
Business Continuity Management
Legal, Compliance and Regulatory
IT Event, Incident and Problem Management
Financial Services Management
Healthcare Services Management
The RSA Archer Policy Library is available in the following languages:
The RSA Archer Policy Content Library is available with the use of the RSA Archer Policy Program Management and/or the RSA Archer IT Policy Program Management use cases. No additional license is required.
For More Information
To learn more about theRSA Archer Policy LibraryContent:
To learn more about this content, please contact your Account Rep for additional details. For technical support questions, please open a support case or contact RSA Archer at firstname.lastname@example.org for more information.