White papers, solution briefs & more

How to choose the right notifications
in Archer

Warren Rainey shares the advantages and limitations of each notification type available in RSA Archer, and advice for configuring effective notifications.

Shift your mindset for better BCM decisions

Melissa Cohoe outlines three approaches that you can take to start shifting your BCM mindset: focus on outcomes, aim for understanding over precision, and shift to business-driven risk management.

eBook: Getting Started with GRC

Each chapter in this series explores a concept that we’ve seen to be critical to the success of any GRC deployment, whether you already have a GRC tool in place or you’re starting from scratch. Written by Kirk Hogan, Iceberg’s senior GRC consultant.

Building a remarkable Archer team

How do you build a team to properly sustain your GRC program? What skills should you be looking for? How should you develop your resources? Melissa Cohoe offers some pointers based on our work with Archer customers and our own Iceberg team.

A Scalable Approach to Access Control in RSA Archer

In this document, Zhao Tian presents a role-based access control permission model for RSA Archer to allow for better security, reporting and user management.

Preparing for GDPR

The European Union General Data Protection Regulation (GDPR) will drive unprecedented changes in the way organizations handle personal data when it comes into effect in May 2018. To help organizations prepare, we’ve put together a resource page to help answer your questions.

Rethinking Vulnerability Management

To drive better business results from vulnerability management programs, companies need collaboration between IT and the business to share accountability for vulnerability management and the risk they impose on the business. Written by David White, a senior GRC consultant with Iceberg.

Getting a Grip on Application Risk

How a large North American financial institution used RSA Archer to centralize and automate their Application Risk Management process. They moved from spreadsheets to a centralized inventory of risk data, allowing for more confident, informed and effective decisions.

OVERVIEW: Vendor Risk Management

Companies partner with hundreds – or even thousands – of suppliers to deliver products and services. Every vendor, large or small, is a potential point of risk for the organization. Read how Iceberg helps organizations build strategic programs to deliver trusted, transparent and timely information on vendor risk, giving them the agility to make informed and effective business decisions.

Customer case studies

CASE STUDY: Building user acceptance and confidence to earn executive trust

Iceberg recently worked with a large commercial bank based in New England to rejuvenate their RSA Archer program. The solution is now expanding to become a trusted enterprise platform that’s a key tool for strategic risk management activities.

CASE STUDY: ServiceNow Audit & Compliance

How a Fortune Global 500 manufacturer leveraged ServiceNow to consolidate, automate and modernize the processes that support IT audit and compliance activities.

SUCCESS STORY: Iceberg APS for healthcare GRC

A project with a large California-based healthcare facility to make critical updates to their GRC solution and to mentor internal IT resources

CASE STUDY: Third Party Risk Management

Iceberg recently helped a large U.S. financial organization to centralize and automate Third Party Risk Management (TPRM) processes within a GRC solution.

Webinar archive

For more information please contact us at or call 855-595-0808 x261.

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign-up to our Risk Intelligence Newsletter for updates on new content, resources and events from the Iceberg team.

We promise to respect your time and inbox!

Thank you! Please check your email to confirm your subscription.