For the most up-to-date information on use cases, see the PDF versions of the Use Case Guides on the RSA Archer Community on RSA Link at: https://community.rsa.com/community/products/archer-grc/archer-customer-partner-community/
Governance, risk and compliance processes create scattered lists of issues and findings in various documents. Management, GRC teams and business managers have no consolidated view of outstanding issues related to audits, compliance reviews or risk assessments. Additionally, limited documentation on current and planned remediation efforts related to these issues leaves gaps in understanding about what is being done to mitigate and address open risks. Finally, not every issue can be addressed completely and some exceptions need to be accommodated. These exceptions can lack the proper review, approval and documentation to ensure the organization understands which exceptions or deviations are affecting the overall risk to the business.
The results of poor issues management starts with little to no visibility or accountability in addressing known risks. Missed issues can fall through the cracks, resulting in repeat audit findings, compliance violations, or significant risks and cost to the business. Remediation efforts can suffer as well, with missed deadlines or poorly coordinated plans to remediate identified risks.
RSA Archer Issues Management
RSA Archer Issues Management lays the foundation for your GRC program to manage issues generated by multiple groups, such as audit, risk, and compliance. The use case includes the Business Hierarchy to establish the corporate structure and accountability, and workflow and reporting to manage findings, remediation plans and exceptions.
With Issues Management, you can create a coordinated and consolidated view into known issues. An organized, managed process to escalate issues provides visibility into ownership through your established chains of command. Workflow for proper sign-off and approval of issues, remediation plans, and exceptions ensures identified issues are well managed. As a result, your organization will realize quicker resolution to emerging issues, creating a more secure and resilient environment while reducing costs.
- Consolidated issues management process
- Consolidated and coordinated lists of remediation plans and findings from risk, compliance, audits and other assessments
- Managed exceptions with appropriate risk sign-off/acceptance
With Issues Management, you will see:
- Reduced time to resolution on audit, risk and compliance issues
- Improved staffing management for remediating issues
- Reduction of overtime/reactive overload for business operations and IT responding to issues
- Reduced repeat findings
- Reduced overall risk
RSA Archer 6.5