RSA Archer® IT Risk Management
Identify, assess and monitor IT risks.
- Gain a consolidated view of IT risks across your enterprise with consistent approaches and automated processes for identifying, assessing and treating those risks.
- Maintain a complete catalog of IT assets and risks and establish clear ownership and accountability for them.
Improve your organization’s overall risk posture with a clear view of your IT risk profile and structured processes for continuously monitoring emerging IT risks.
Reduce the risk of business disruption due to outages, cyber attacks, improperly configured software, and other IT-related events and issues, whether cloud based or on premise.
Improve communication and understanding of IT control requirements to reduce compliance gaps and improve risk mitigation strategies.
Accelerate processes for researching and understanding key risk and control requirements. Clearly articulate the organization’s IT risk posture to management and regulators.
Streamlined IT risk assessments accelerate identification of IT risks and linkages to internal controls.
Keep pace with the rapidly changing risk landscape and shifting business requirements using an agile risk management framework.
Central Asset Catalog
Provides a means for creating a centralized catalog of organizational business and IT assets.
Includes pre-built IT risk assessments and a cyber threat assessment methodology, as well as an IT control library to enable documentation and assessment of IT controls.
Facilitates exception management and governance through appropriate risk acceptance and sign-off.
Offers a repository and standard taxonomy for IT risks and internal controls.
Provides a consolidated issue management process.
Enables centralized tracking of gaps and remediation activities for compliance issues.
One of the challenges we had before implementing Archer were that we had a difficult time finding a single, factual source of information. With the implementation of Archer, we can pull one piece of information together to share with the business, or to use for strategies and planning.
Chief Information Security Officer @ SAIC