For the most up-to-date information on use cases, see the PDF versions of the Use Case Guides on the RSA Archer Community on RSA Link at: https://community.rsa.com/community/products/archer-grc/archer-customer-partner-community/
Without an established taxonomy for defining IT risk, organizations struggle to maintain a complete catalog of assets and risks, establish clear ownership and accountability. Ultimately, these organizations suffer due to a lack of visibility to risk, with no a consolidated view of IT risk across their enterprise. Further hampering effective identification and management of risks are inconsistent and inadequate approaches to assessing IT risks. Burdensome manual risk assessment processes to identify, assess, decision and treat IT risks leave significant openings for serious impacts to the business.
Without a comprehensive view of IT risk and established accountability, the organization can suffer significant events such as disruption of IT services, reputational damage, financial losses, and security incidents. Inconsistent, duplicative efforts can also lead to delayed or irrelevant reporting on IT risk. With so much time required to perform IT risk assessments, the business has a significant challenge keeping pace, especially when considering the increasing reliance on third parties and extensive transition of business critical processes and services to the cloud.
RSA Archer IT Risk Management
RSA Archer IT Risk Management enables you to comprehensively catalog organizational hierarchies and IT assets to ensure all business critical connections are documented and understood in the proper context of IT risk management. This use case forms the basis for completeness when populating the included Risk Register with all relevant IT risks. Pre-built IT risk assessments, threat assessment methodology, and IT control repository enable you to document and assess IT controls. RSA Archer Issues Management allows any gaps or findings discovered during risk assessments to be tracked and managed through the remediation process.
With IT Risk Management, you gain clear visibility into your overall IT risk landscape. Streamlined assessments accelerate the identification of IT risks, and the linkage between risks and internal controls eases communication of IT control requirements, reducing compliance gaps and improving risk mitigation strategies. This agile risk management framework enables you to keep up with changing requirements within the business and focus resources on the most impactful IT risks.
- Centralized catalog of organizational and IT assets
- Repository and taxonomy for IT risks and controls
- Pre-built risk and threat assessments to manage risk assessment processes
- Consolidated issue management process
- Centralized tracking of gaps and remediation activities for compliance issues
- Exception management and governance through appropriate risk acceptance and sign-off
With IT Risk Management, you will see:
- Reduced overall IT risk
- Less time required to research and understand key risk and control requirements
- Improved visibility and reporting of IT risk throughout the enterprise
RSA Archer 6.5