RSA Archer: IT and Security Risk Management

RSA Archer delivers trusted, aggregated and transparent IT risk information to enable more informed, confident and effective business decisions.

RSA logoHaving an accurate and up-to-date view of IT risk is fundamental for an organization to understand their ability to effectively deliver products and services.  However, many organizations still struggle with little visibility or confidence in their IT risk information.  Data and reporting is often spread out over multiple systems in various departments. Ownership and accountability is unclear, and there are inconsistent or duplicate processes for assessing risk.  IT risk assessments are often done with largely manual processes using spreadsheets, and they’re often incomplete or not done correctly.

What’s at stake?
Without a centralized view of IT risk, organizations could face disruption of services, reputational damage, financial losses, or major security incidents.  The significant resource requirements to perform IT risk assessments can leave a company challenged to react quickly to changes in the business environment.  As business relies more and more on IT systems to deliver products and services, these are becoming significant challenges.

How RSA Archer can help
Archer provides clear and centralized visibility into IT risk across an organization.  Risk and controls are linked, easing the communication of IT control requirements while reducing compliance gaps and improving risk mitigation strategies.  A streamlined assessment process accelerates the identification of risk, while reducing the burden on staff.  Ultimately, Archer allows organizations keep up with changing requirements, and focus their resources on the IT and technology risks that are the most impactful to their business.

Screenshot: RSA Archer IT risk management dashboard


RSA Archer Key Features

  • Centralized catalog of IT assets
  • IT controls repository and taxonomy
  • Pre-built risk and threat assessments
  • Risk repository and taxonomy
  • Ability to manage risk assessment processes
  • Consolidated issue management process
  • Consolidated list of findings from compliance audits and assessments
  • Consolidated list of remediation plans for compliance issues
  • Managed exceptions with appropriate risk sign-off/acceptance

Iceberg: Making a Difference
Our Archer Accelerator program can get you started on initial use cases with minimal configuration, typically in 60-90 days, helping organizations large and small to implement an effective GRC solution.

Read more:

To request a demo, or for more information, please fill out the form below or email