As businesses chart a path into the next phase of the new normal, they face a myriad of risk management challenges. For some, settling into a future of full-time remote working is leading to a re-think on business process and cyber risk. For others, the complex task of transitioning employees back to physical locations means juggling safety, business continuity and regulatory requirements. For others, monitoring the health and well-being of onsite employees and ensuring strict social distancing measures at physical sites is creating significant burden.
Bundle that with the emerging business priorities that include minimising costs, running “lean” and simplifying operations, and leaders now have a lot to deal with. By the way – you may not be able to leave your house to achieve any of this.
With businesses rapidly shifting to digital to engage their customers and shifting to Software-as-a-Service (SaaS) to embrace cost savings and simplicity, it’s time risk teams do the same.
With that in mind, I’d like to present to you the business case for RSA Archer SaaS, an integrated risk management (IRM) solution delivered securely and efficiently in the cloud.
Why Digital for Risk Management?
Regardless of which “next normal” challenge you are working on right now, the one constant is that our operational business environment is going to continue changing. With the health crisis demanding a new approach for business operations, it’s obvious we also need a re-think on how to manage risk.
With the move to remote working, there are no more water-cooler moments, corridor conversations or café catch-ups. Like it or not, these were important engagement channels for the risk team and often helped them pick up on emerging issues and problems “on the ground.”
RSA believes that technology has a role to play in helping you engage your business for emerging matters that might otherwise go unreported – especially when those matters can’t simply “walk” into your office.
Having a digital solution in place that can underpin, standardise and automate elements of the organisation’s risk framework, while enabling rapid change, will be critical for any organisation that is serious about managing risk. RSA Archer is built on these principles.
Having a simple, approachable portal that makes it easy to engage the business in risk and compliance matters will be critical for bridging the gap created by remote and dispersed workforces. Whether it’s simple activities like reporting incidents, issues or ideas, or more sophisticated tasks like completing Risk & Control Self Assessments, RSA Archer SaaS makes it easy to deliver your risk methodology in any location – be it home, office or on the road.
Furthermore, being able to use the platform to integrate with other internal systems to automatically derive risk insights helps risk team further bridge this gap. RSA Archer provides the tools and techniques to ingest, analyse and report insights to the right people so that action can be taken.
In short, RSA Archer allows risk teams to extend their reach and support a positive risk culture in this increasingly virtual business environment.
Why SaaS for Risk Management?
SaaS offerings eliminate many of the costly and time-consuming activities associated with implementing and running business applications on-premises, such as purchasing and deploying hardware, administering upgrades and patching systems. Risk teams can achieve faster time to value with the rapid set-up and deployment that a SaaS model brings, compared to the significant lead times associated with getting your own infrastructure up-and-running on-premises.
Second, risk teams don’t have to wait for upgrades or for access to new, efficiency-boosting and experience-enhancing features. With SaaS offerings, upgrades are seamless and regularly scheduled, giving risk teams and business users the ability to access the latest features and capabilities more quickly.
Equally important, SaaS solutions generally scale more readily than on-premises applications. This is essential for the many organisations needing to rapidly provision access to their dynamic workforces. There is no need to have IT deploy and configure additional servers to accommodate more users or configure remote access. The fact that the solution is cloud-based means it’s accessible from anywhere, helping you extend your reach not just to your remote workforce, but to your extended enterprise of third-party suppliers.
In short, RSA Archer SaaS allows risk teams to focus on managing risk, rather than IT infrastructure.
But, is SaaS for Me?
The common questions I receive from risk and compliance leaders includes:
- “Will a SaaS solution comply with requirements for local data storage?”
- “Will it be as configurable as an on-premises system?”
- “What happens if a SaaS provider experiences an outage?”
While it’s true that data storage and configuration can be issues for some SaaS providers, RSA Archer SaaS offers an Asia-Pacific-based (Australian) hosting option and maintains the robust configurability that customers have come to expect from the RSA Archer Suite on-premises offering. We’ve been doing this for more than 10 years and have customers from all around the world, including Asia-Pacific, running RSA Archer in the cloud already.
In a Time of Crisis, RSA Archer Can Help
Amid an unprecedented global disruption, RSA Archer has proven to help customers globally, adapt for their next normal.
For example, when a large health insurance provider needed to activate its business continuity plan to quickly make risk-based decisions across its IT, supply chain and workforce, they relied on the RSA Archer Integrated Risk Management Suite. This customer was able to automate workflow and quickly analyse employee, process and risk data to execute its business continuity plan, order necessary equipment and prioritise how and when to activate appropriate recovery strategies.
Customers from Asia-Pacific have shared that having access to updated business impact analysis (BIA) information has helped them more confidently and effectively respond to the disruption itself, and the ability to keep their risk and compliance processes running during the crisis has been beneficial.
Embracing SaaS for IRM can bring agility, simplicity and cost flexibility. At RSA, we are proud to support many of our customers’ journeys to IRM maturity and to the cloud with RSA Archer SaaS.
Sam O’Brien is the Director of integrated risk management for RSA APJ.