RSA makes Archer risk and compliance suite easier for business users

In large enterprises business units are increasingly taking on the job of identifying, assessing and remediation of risk to ensure regulatory compliance.

To help risk officers there’s a wide range of solutions — by one count, over 50 — to chose from which are constantly adding new features and capabilities.

The latest is RSA’s Archer governance, risk and compliance suite, which has been updated to version 6.0 with improvements to help business users, risk managers, and the audit team complete their tasks.

The company said Wednesday the new suite, to be released Nov. 10, includes a workflow engine and user interface across all of the suite’s 13 modules that allows uses to drag and drop steps needed to finish an operation.

For example, customers that use Archer for incident management can more easily design workflows that give staff a screen with a small number of fields for reporting an incident, with increasingly more fields as the report goes up the chain.

“Customer can configure workflows based on their individual business requirements.” Steve Schlarman, an RSA [NYSE:EMC]  governance, risk, compliance strategist, explained in an interview.

Another change aimed at making it easier for business owners who have to perform regular risk assessments to do things faster involves an improvement to the operational risk management module that a number of Archer solutions are built around.

“We’ve built a whole new lifecycle for risk and control self-assessment that helps the business owner go through their catalogue of risks, look at what controls map to those risks, provide an insight of whether or not those controls are effective and perform a self- assessment,” Schlarman said.

Also new are task-driven landing pages, which consolidates all tasks a user has to perform across all areas.  For example, a system administrator can see a vulnerability identified on a system that needs to be remediated, an upcoming compliance assessment needed to be finished and a new asset or group of assets has been assigned.

There’s no shortage of GRC-related solutions. They include Agiliance RiskVision, BPS Resolver, Brinqa, CheckPoint Software’s Compliance Blade, IBM OpenPages, MetricStream, Modulo, SAS Enterprise GRC, SAP Risk Management and Thomson Reuters Accelus Risk Manager to name a few.

These are not for the faint of heart. As Blue Hill Research, an industry analyst firm, noted in a recent report on implementing GRC solutions, “the expansive reach and complexity of GRC platforms adds to the challenge of implementation and deployment. Often, GRC provides a basic solution framework that must be adapted to an organization’s individual needs and use cases.”

In a study of 21 GRC implementations at very large organizations (medium size 5,700 seats) it found costs ranged between US$75,000 and US$700,000, with a median implementation cost of approximately US$485,000. Time required for implementation fell between three and sixteen months.

Among its recommendations:

— involve IT at the earliest stage of the investment

–build from a clear vision of business needs and process change;

— align implementation milestones to business value requirements and

— seek configurability over customization, where possible.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now