• Reduce the likelihood and impact of negative events, lost opportunities and surprises by gaining a clear, consolidated view of enterprise and operational risks across your business.

  • Engage business units as your first line of defense, helping to identify and assess known and emerging risks that may impact their operations and objectives.

  • Deliver an accurate, real-time picture of enterprise and operational risks to your board of directors and executive management team.

  • Address your most critical operational risk issues by aligning resources and risk management activities with business priorities.

  • Address enterprise risk management (ERM) and operational risk management (ORM) consistently across your business, with a common language and standard measurements, controls, rating scales and reporting.

  • Gain the ability to quickly report on and respond to risks that impede your organization’s objectives as they emerge.

What Is Operational Risk Management?

A subset of enterprise risk management, operational risk management (ORM) is a discipline that provides risk professionals with tools and frameworks for identifying, evaluating, monitoring and controlling operational risks. The Risk Management Association defines operational risk as “the risk of loss resulting from inadequate or failed internal processes, people, and systems, or from external events.” Examples of operational risks include catastrophic events, cyber attacks, fraud and non-compliance. Operational risk does not include strategic, reputational or financial risk, which fall under the broader umbrella of enterprise risk.

RSA Archer Enterprise & Operational Risk Management

Elevate operational risk management (ORM) as a new source of competitive advantage for your organization. RSA Archer Enterprise & Operational Risk Management offers specific use cases to help you identify, monitor and manage risks; perform risk assessments and root cause analysis; and much more.

RSA Archer Risk Catalog

Record and track risks across your enterprise and establish accountability for them. Take a top-down, qualitative approach to assessing inherent and residual risk and enable a three-level rollup of risk, from a granular level up through enterprise risk statements.

RSA Archer Top-Down Risk Assessment

Document risks and controls throughout your organization. Perform risk assessments on new products and services, business processes, and mergers and acquisitions. Execute automated risk assessment campaigns using pre-built forms. Manage and report on identified risk issues and remediation progress.

RSA Archer Loss Event Management

Track and report on loss events, perform root cause analysis, and establish accountability across your enterprise. Manage the loss event lifecycle to understand where and how your operational risk management (ORM) program needs to be strengthened. Automate the review and analysis workflow for loss events.

RSA Archer Key Indicator Management

Manage the key indicator lifecycle to monitor and report on insights to business risks. Establish and monitor metrics related to each business unit within the organization. Associate metrics with risks, controls, strategies, objectives, products, services and business processes to monitor quality assurance and performance.

RSA Archer Bottom-Up Risk Assessment

Implement a consistent risk assessment program to more effectively identify operational risks within your business. Document projects and create questionnaires from the extensive library in RSA Archer. Conduct fraud assessments and risk assessments of new products, services, business processes, or M&A targets.

RSA Archer Operational Risk Management

Understand the business context of risk with an aggregated view of operational risks across the business. Engage business managers in using consistent methodologies to identify and manage the risks and controls under their purview.

RSA Archer Enterprise Risk Management

Manage risks to strategic business objectives for an edge in today’s competitive market. Consolidate all risks into one view across your enterprise for reporting and analytics, and to help prioritize limited resources. Capture loss events and perform root cause analysis, document and monitor key risk indicators, and perform risk assessments.