This solution brief provides an overview of RSA Archer Regulatory & Corporate Compliance Management, which includes use cases for Controls Assurance Program Management, Controls Monitoring Program Management, Corporate Obligations Management and Policy Program Management.
Implement workflow and change management based on regulatory changes.
Exception management and governance through appropriate risk acceptance and sign-off.
Regulatory intelligence feeds to drive review and response activities.
Impact analysis, change and issue management controls for corporate compliance obligations.
Reduces the time it takes to modify policies in response to changing regulations.
Improves your organization's ability to link regulatory requirements to internal controls and demonstrate compliance.
Decreases the time and effort required to research control requirements.
HIPAA is really the regulatory requirement that we have to attest to. HIPAA does not give a lot of detail as to what IT security needs to do. It just makes general statements like 'Protect your information.' We can go to a framework, such as NIST, that is a lot more prescriptive and gives us a lot more detail on how we can really accomplish that task. Archer enables us to map those two together, so whenever we attest to NIST we can also simultaneously attest to HIPAA.
Director of IT Security St. Luke's Health System
Want a Demo?
Sign up for a free demo today and watch our products in action.