• Makes complex third party governance easier to understand and manage.

  • Facilitates fulfillment of regulatory obligations and brings third party risks into a governance, risk and compliance program.

  • Enables consistent identification, assessment, treatment and monitoring of third party supplier risks.

  • Enables better monitoring of third party engagements and performance metrics.


  • Understand your third party relationships

    Catalog and assess which third parties your organization is using and how much risk they pose. Understand your third party dependencies and associated risk to optimize third party performance and prevent surprises and losses.

  • Monitor third party relationships

    Stay current with new or updated vendor relationships and monitor material changes occurring in existing third party relationships. Ensure that no material risk with third party relationships exists.

  • Make decisions and take action

    Make consistent decisions about third party risks in accordance with the risk appetite and tolerance of your organization. Ensure that risk treatments are implemented where appropriate. Consistently evaluate risk and apply controls and risk transfer techniques within your organization's risk tolerance.

RSA Archer Third Party Catalog

Document all of your organization’s third party relationships and associated contracts, as well as the business units and named individuals in your organization who are responsible for each vendor relationship. Use a single repository to aggregate all third party information, including profiles, third party business hierarchy, contacts, facilities, accountable third party contacts, and more.

RSA Archer Third Party Risk Management

Leverage a series of risk assessment questionnaires to assess third parties’ control environments and collect relevant supporting documentation for further analysis. Factor the results of these questionnaires into a determination of the organization’s residual risk across several risk categories.

RSA Archer Third Party Governance

Perform integrated third party risk and performance management. Document performance metrics and service level agreement metrics for each third party product and service to ascertain whether each engagement is being delivered in accordance with expected performance. Monitor a third party’s overall performance, document any risk and performance issues and establish remediation plans.

RSA Archer Third Party Engagement

Gain a holistic understanding of your organization’s dependency on various third parties across all of your business units. Catalog the products and services they deliver to your organization according to each business process and business unit they support. Perform inherent risk assessments across multiple risk categories and more.