Improve Enterprise Risk Management (ERM)

Technology disruption. New, more nimble competitors. Rising global regulations. Risks abound in today’s complex, rapidly changing environment. Take control of them with ERM software from RSA Archer® and reap the rewards.

Identifying, evaluating and monitoring enterprise risks is growing increasingly difficult, in part because of the volatile business environment and also because risk information is frequently spread across siloed systems. Get a holistic picture of the risks facing your enterprise with products and professional services from RSA Archer.

RSA Archer Ignition Program

Jump start a business risk management program with the streamlined, fast time-to-value approach provided by the RSA Archer Ignition Program. This special offering consists of core RSA Archer use cases for Issues Management, Business Impact Analysis, Risk Catalog and Third Party Catalog. Fixed-price deployment and implementation services help you quickly stand up your environment.

RSA Archer Enterprise & Operational Risk Management

Gain a clear, consolidated view of risks across your business. RSA Archer Enterprise & Operational Risk Management aggregates data from siloed risk repositories—improving your risk management team’s ability to identify, assess, evaluate, treat and monitor risks, and helping you drive a consistent, standardized process for enterprise risk management.

RSA Archer IT & Security Risk Management

Bring business discipline, best practices and strategic insight to management of IT and security risks. RSA Archer IT & Security Risk Management gives you capabilities to: rank business assets in terms of business criticality, identify and remediate security deficiencies, establish and communicate security policies and standards, and detect and respond to cyber attacks.

RSA Archer Regulatory & Corporate Compliance Management

Minimize regulatory compliance risks and establish a sustainable, repeatable and auditable regulatory compliance program with RSA Archer Regulatory & Corporate Compliance Management. Gain a clear view of compliance across your organization, document the impact of regulations on your business, prioritize compliance activities, and more.

RSA Archer Business Resiliency

Improve your organization’s ability to anticipate and respond swiftly to crisis situations and other unexpected events with RSA Archer Business Resiliency. This use case allows your organization to develop detailed business continuity and disaster recovery plans. It also provides a centralized repository for documenting critical business processes, assets and supporting infrastructure.

RSA Archer Third Party Governance

Mitigate third-party risks by automating and streamlining oversight of vendor relationships across your business. RSA Archer Third Party Governance provides best practices for managing the entire third-party lifecycle, as well as a strong mechanism for monitoring third-party risk and performance across your business.

RSA Risk Management Practice

The RSA Risk Management Practice delivers strategic consulting services to help you optimize your organization’s enterprise risk management program. It also offers staff augmentation and support services to help you plan, implement, deploy and upgrade RSA Archer GRC solutions.

What is Enterprise Risk Management?

Enterprise risk management is a discipline that provides leaders with tools and frameworks for identifying, evaluating, monitoring and controlling the range of risks that could interfere with their organization’s objectives. These risks may be strategic, operational, financial, regulatory or legal. According to COSO, the benefits of enterprise risk management include a reduction in surprise events and related losses, improved capital allocation, better planning and decision-making, improved ability to deal with uncertainty, and much more.

ERM software solutions from RSA Archer can provide you with a holistic picture of the risks facing your organization and help you advance your enterprise risk management program.


​Reduce the likelihood and impact of negative events, lost opportunities and surprises while improving your business’s ability to meet its goals and objectives.

​Realize efficiencies that free up your risk management team to focus on more important issues than program administration.

​Gain the ability to better prioritize risks across your business, more efficiently deploy resources to address the most critical problems, and elevate enterprise risk management as a new source of competitive advantage.

​Standardize the risk management program across your enterprise and establish a common language, measurement approach and rating scales.

​Enhance the engagement of business units in the process of identifying, evaluating, monitoring and managing enterprise risks.

​Strengthen the effectiveness of your enterprise risk management program by assuring that your risk data is accurate and complete, and that your business unit managers are taking responsibility for their risks and internal controls.


White Papers

  • The 6 Dimensions (& Obstacles) of Risk Management Overcoming the barriers to an integrated risk management program requires a strategy that is built around key principles of risk management, coupled with an understanding of the nuances of your business. The end goal of risk management is to help the business achieve objectives and improve decision-making. However, the implementation of a risk management program is not a simple “step 1, step 2, step 3” type of process. View the white paper to learn more about the six fundamental dimensions of risk management that should be examined to assess overall effectiveness when establishing your risk management program. Each of these dimensions is associated with a barrier to success – and when building your strategy, it is beneficial to understand and plan for these obstacles.
  • The 4 Phases of Your Risk Management Journey No organization can achieve complete visibility into risk. There is no crystal ball that will magically outline opportunity, map risks and provide a distinct, unobstructed path to success. However, there are specific stages organizations can move through in building an integrated risk management program. View the white paper to discover how the RSA Archer® maturity-driven approach enables organizations to create a road map for the course of their GRC program, allowing them to track the progress of their journey toward risk management maturity.
  • The 10+1 Guiding Principles of Business Risk Management Your business risk management program should add strategic value to the organization—enabling the business to focus on strategic objectives and optimize performance, not just simply meet compliance requirements. Ultimately, business risk management is about making decisions— decisions to manage, accept, transfer or avoid risk.
  • How GRC Can Help You Stay a Step Ahead of Ransomware With ransomware growing at 350% annually,* many federal, state and local governments, and private-sector businesses, are focused on the question of how to better prepare for the next attack. View the white paper to discover the important role that governance, risk and compliance (GRC) solutions can play in helping organizations prepare for and respond to the next ransomware assault on IT systems. *Cisco 2017 Annual Cybersecurity Report (2017)
  • 5 Things to Know When Researching Risk Management Platforms Embarking on a journey to implement a platform to support your risk management initiatives requires a significant investment. Given the complexity of risk in today’s enterprise, risk management programs must rely on a solid technology infrastructure to establish accountability, collaboration and efficiencies across multiple operational functions. Download the white paper for the key questions to consider when building your strategy and looking at the wide variety of risk management technology choices on the market.
  • Financial Institutions: Managing Operational Risk with RSA® Archer® As a board-level discussion topic at all financial institutions (FI) today, operational risk is real and public disclosure of significant operational risk events has become an all too common occurrence. The growing complexity of FI activities, changing workforce, expansive and shifting regulatory requirements, and dependencies on third parties can dramatically impact an FIs operational risk profile in the absence of an effective operational risk management strategy.



  • RSA Archer Enterprise and Operational Risk Management Ad hoc risk management approaches often overwhelm risk management teams without the ability to provide a consistent, real-time risk picture for the executive team and Board. RSA Archer Enterprise & Operational Risk Management allows you to understand the business context for operational risk, identify, assess and track emerging and operational risks, establish policies and standards, and implement and monitor operational controls. Watch to learn how RSA Archer provides the foundation to extend operational risk management processes to security, resiliency, regulatory compliance, audit, and third party governance.
  • Business Risk Management Part 2: 7 Steps to Build a GRC Framework Look at information security through the lens of business risk, and you’ll begin to make decisions about security in light of their impact on the business. A GRC framework for business risk management can help you identify key business priorities and align them with security information and decisions. View part two of this on-demand webcast series. This session details a seven-step methodology for a GRC-based business risk management framework, including tips for: Defining what information needs to be protected and identifying the location and amount of important information Documenting processes and enterprise risk controls—documenting the activities as business processes and documenting the risks associated with the processes Determining levels of inherent and residual risk and answering the question of what to do with a residual risk level that exceeds risk tolerance and appetite