Archer^® Product Advisories

RSA announces availability of RSA Exchange Release R12.

RSA announces availability of RSA Exchange Release R12. This release includes new and updated offerings:

• App-Packs – pre-built applications addressing adjacent or supporting Integrated Risk Management processes (e.g. niche, industry, geo-specific)
  • Archer Scripts Timesheet enables users to quickly enter time on a weekly view and integrates with records in existing RSA Archer applications.
  • ComplyTec NERC Compliance Management has been updated to improve the user experience and to add advanced workflow to the Events application, introduced the Reliability Standard Audit Worksheet mail merge template, added calculated functionality for review Frequency and Next Review Data, and a NERC Procedure Assessment and NERC Evidence Assessment questionnaires.
  • Crowe Pandemic Response aggregates external data, including government mandates, closures, virus cases and more, and correlates it with an organization’s internal data, such as employees, vendors, customers, products and facilities. This tool centralizes the data executives need to identify emerging risks, adapt business initiatives and, most importantly, care for their employees.
  • NTT ISMS Risk Assessment extends the NTT ISMS Control Assessment app-pack and helps automatically define, prioritize and track risks.
  • RSA Archer IIC-Aligned IoT Security Maturity Assessment documents security maturity assessments and action plans to address security gaps in IoT implementations.

• Integrations - pre-built data exchange configurations bringing data into and pushing data out of the RSA Archer Platform
  • AWS Security Hub integration with RSA Archer IT Controls Assurance use case creates a centralized view for security and compliance posture across multiple AWS services or partner offerings.
  • Qualys Vulnerability Management integration with the RSA Archer IT Security Vulnerabilities Program use case has been updated to leverage the Application Managed Output Writer for JavaScript Transporter.
  • RiskRecon Own Enterprise Monitoring integration with RSA Archer IT Security and Vulnerabilities Program has been updated to support changes with JavaScript code and ingestion of RiskRecon Network Filtering issues.
  • RiskRecon Third Party Security Risk Monitoring integration has been updated to support changes in the JavaScript code and data feed and integrates with the following use cases:
    • RSA Archer Third Party Catalog
    • RSA Archer Third Party Engagement
    • RSA Archer Issues Management
  • SecurityScorecard integration with the RSA Archer Third Party Catalog use case has been updated to include enhanced data structures, automated data feeds, event log module, and triggered assessments and notifications.
  • Supply Wisdom integration with the RSA Archer Third Party Catalog use case has been updated to reduce the number of required on-demand applications, full integration with Supply Wisdom's API for automatic content updates, email notifications, and alert triage and tracking status. 
  • Thomson Reuters integration with the RSA Archer Corporate Obligations Management use case includes a number of updates.
  • Wolters Kluwer NILS™ Insource ® integration with the RSA Archer Corporate Obligations Management use case imports regulatory content for the insurance industry directly into RSA Archer. 

• Content - pre-mapped collection of best-practice policies, control standards, legal and regulatory requirements, industry standards, and assessments
  • AICPA Privacy Maturity Model provides organizations with a means of assessing their privacy program.
  • Cybersecurity Maturity Model Certification Framework (CMMC) encompasses multiple maturity levels for CyberSecurity.
  • E.U. Regulatory Technical Standards for Authentication establishes requirements for payment service providers to implement security measures.
    
  • HITRUST CSF™  rationalizes relevant regulations and standards into a single overarching security and privacy framework for organizations to manage risk and regulatory compliance.
  • Hong Kong Monetary Authority Principles of Artificial Intelligence provides guidance to the banking industry on the use of artificial intelligence (AI) applications. 
  • Hong Kong Monetary Authority E-banking Regulation provides guidance on the risk management of E-banking to Authorized Institutions (AIs).
  • Industrial Internet Consortium (IIC) IoT SMM Framework provides a framework to assess the security maturity for IoT implementations.
  • Maine - An Act To Protect the Privacy of Online Customer Information requires internet service providers in the state of Maine to get permission from their customers before selling or sharing their data with a third party.
  • Microsoft Software Development Lifecycle has been updated to 5.2 version.
  • Nevada - CHAPTER 603A – Security and Privacy of Personal Information prohibits website operators, or anyone who runs an online service, from selling certain information on a consumer to data brokers without that consumer's permission.
  • RSA Archer Third Party Pandemic Preparedness Assessment is a questionnaire used with the RSA Archer Third Party Risk Assessment use case to assess a third parties pandemic plan.
  • U.K. NCSC Cyber Assessment Framework provides a systematic and comprehensive approach to assessing the extent to which cyber risks to essential functions are being managed by the organization responsible.
  • U.K. Network and Information Systems Regulations 2018 provides legal measures aimed at boosting the overall level of security (both cyber and physical resilience) of network and information systems for the provision of essential services and digital services.
  • U.S. HHS/CDC Business Pandemic Influenza Planning Checklist provides a questionnaire developed by the U.S. Department of Health and Human Services (HHS) and the Centers for Disease Control and Prevention (CDC) to help organizations plan for a pandemic influenza.
  • U.S. Sarbanes-Oxley Master Controls has been updated to support the new RSA Archer Financial Controls Monitoring use case (formerly Controls Monitoring Program Management).

For additional documentation, downloads, and a listing of all RSA Exchange offerings, visit the RSA Exchange on RSA Link.