(The latest in our new “GRC Best Practices” series is a contribution from Warren Rainey, a GRC Solution Developer at Iceberg. Here’s an excerpt from his article. You can sign up to our Risk Intelligence Newsletter for updates when new articles from this series are posted.)
Ensuring that the right people in an organization get the information that they need, when they need it, is essential for supporting an effective risk management program. Like every GRC solution, RSA Archer offers a variety of notification types and configuration options. Notifications can be sent to anyone with an email address, and it can be configured with third-party tools to send text messages or integrate with other messaging systems. With all of these options, the challenge is making the most effective use of what’s available to ensure that all stakeholders are engaged with GRC activities.
The different notification types in Archer cater to different forms of implementation with each having its own strengths and weaknesses. Different types of notifications can allow users to address different people inside and outside of Archer, set a schedule for distribution, provide visuals and reports, link back into the Archer platform itself and even provide notifications to admins about the platform. We’ve created a reference chart showing the advantages and limitations of each type of notification available.