RSA Archer® Third Party Governance
Manage your third party relationships and engagements while reducing risks and monitoring performance.
- Automate and streamline oversight of vendor and other third party relationships.
- Fulfill regulatory obligations and implement best practices across the third party management lifecycle.
- Get an accurate picture of third party risk, quickly allocate resources to those that are most pressing, and make better business decisions.
Makes complex third party governance easier to understand and manage.
Facilitates fulfillment of regulatory obligations and brings third party risks into a governance, risk and compliance program.
Enables consistent identification, assessment, treatment and monitoring of third party supplier risks.
Enables better monitoring of third party engagements and performance metrics.
Understand your third party relationships
Catalog and assess which third parties your organization is using and how much risk they pose. Understand your third party dependencies and associated risk to optimize third party performance and prevent surprises and losses.
Monitor third party relationships
Stay current with new or updated vendor relationships and monitor material changes occurring in existing third party relationships. Ensure that no material risk with third party relationships exists.
Make decisions and take action
Make consistent decisions about third party risks in accordance with the risk appetite and tolerance of your organization. Ensure that risk treatments are implemented where appropriate. Consistently evaluate risk and apply controls and risk transfer techniques within your organization's risk tolerance.
RSA Archer Third Party Catalog
Document all of your organization’s third party relationships and associated contracts, as well as the business units and named individuals in your organization who are responsible for each vendor relationship. Use a single repository to aggregate all third party information, including profiles, third party business hierarchy, contacts, facilities, accountable third party contacts, and more.
RSA Archer Third Party Risk Management
Leverage a series of risk assessment questionnaires to assess third parties’ control environments and collect relevant supporting documentation for further analysis. Factor the results of these questionnaires into a determination of the organization’s residual risk across several risk categories.
RSA Archer Third Party Governance
Perform integrated third party risk and performance management. Document performance metrics and service level agreement metrics for each third party product and service to ascertain whether each engagement is being delivered in accordance with expected performance. Monitor a third party’s overall performance, document any risk and performance issues and establish remediation plans.
RSA Archer Third Party Engagement
Gain a holistic understanding of your organization’s dependency on various third parties across all of your business units. Catalog the products and services they deliver to your organization according to each business process and business unit they support. Perform inherent risk assessments across multiple risk categories and more.
We chose RSA Archer because of its ability to bring several platforms together. We can tie our vendor due diligence into the risks and controls surrounding that vendor, and then tie it into business continuity so that we know if a vendor fails what the impact would be to the bank. That also feeds into our policy and regulations. We can build authoritative sources, tie everything together and see how we’re working in tandem to meet one regulation. That ability to create a sort of GRC universe at Berkshire Bank was what attracted us to the Archer tool.
AVP, GRC Officer @ Berkshire Bank