Archer offers a platform for holistic integrated risk management solutions that empower enterprise organizations to more effectively manage risk, ensure compliance, and address emerging challenges.
N/A
BWise
Score 7.5 out of 10
N/A
BWise is an Governance, Risk Management, and Compliance (GRC) platform formerly owned and supported by Nasdaq, acquired by SAI Global in April 2019.
N/A
Pricing
Archer Integrated Risk Management Platform
BWise
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Archer
BWise
Free Trial
No
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
—
More Pricing Information
Community Pulse
Archer Integrated Risk Management Platform
BWise
Features
Archer Integrated Risk Management Platform
BWise
Governance, Risk & Compliance
Comparison of Governance, Risk & Compliance features of Product A and Product B
Archer Integrated Risk Management Platform
9.5
Ratings
23% above category average
BWise
8.3
Ratings
10% above category average
Common repository of GRC items
8.70 Ratings
8.70 Ratings
Risk management
10.00 Ratings
8.10 Ratings
Integration with Corporate Performance Management (CPM) systems
Archer is better suited for an environment that has at least some maturity in its program, whatever that program may be. If an organization does not know stakeholders involved, or the workflow for its own process, or has the technology in place to perform vulnerability scans, then Archer will probably not be much help. If an organization knows these items, but it's all paper based or in Excel spreadsheets, or they are struggling to report on them, or notify an individual when it is their time to take action in a process, then Archer can be a tremendous help.
- What does our organization aim to achieve with the application? - Who will be using the tool? - How mature is our organization in the areas/processes that will fall in scope? - Are our areas averse to change? - How flexible and prone are our areas to modify their way of doing business and processes/procedures to accommodate BWise? - After implementation, who and how will perform application maintenance and change management (e.g. how easy will it be to update user privileges, central catalogs, assessment configurations, etc).
Integration capabilities to multiple enterprise systems
Control standards and Procedures to address multiple regulatory/authoritative sources, standards and frameworks enabling test once satisfy many requiremnts
Rapid application development and User friendly tool with configuration capability to customize easily without user requiring programming or coding skills
Great reporting tool (uses SAP Business Objects). It is quite flexible on types of reports that can be created and supported. Also the reporting consultants are very competent and nice.
Highly customizable solution: almost everything can be tailored to an organization's needs, assessments, audits, issues, recommendations, tasks, etc. However, there's a trade-off between customization and the integration of different areas of the organization.
Increases visibility and efficiency in the organization. BWise offers centralized repositories (catalogs) that can be easily accessed and used by everyone in the organization (e.g. Process catalog, Policies and Procedures catalog, Risks, Controls, Laws catalogs, etc.). Also, the application allows findings on controls tested by Audit to be automatically reflected in controls monitored by SOX for example, without the need for SOX to retest them. So one area can leverage on the work of other areas increasing operational efficiency.
Increases integration and avoids silos. By choosing the correct design (e.g. Risk Workshops instead of Open Assessments), one area can see and benefit from another areas' work. An example was mentioned above; another would be Operational Risk area considering the results of Business Continuity, Vendor Management, Info Security, etc. assessments when carrying out theirs. Additionally, processes can be integrated: when contracting a new vendor for instance, one can include questions about data confidentiality and usage of models in the Vendor risk assessment. Answers to these could then trigger Info Sec / Model Risk assessments.
Increases accountability. Application provides full audit/change log with the type of change, name of executor, and date of change.
Easier follow-up. BWise sends automatic emails with reminders to the people required to take action on an issue, assessment, etc.
Good tool to get the information communicated, approval workflow, and easy to add new findings/questionnaires. Seems to be compatible with different browsers and little downtime. Only request for improvement is to add an export feature with fewer clicks. Maybe batch export.
Our RSA Archer team is dedicated to finding solutions for our organization. They haven't mentioned any issues with receiving support with deployment or bug fixes, and generally the platform is very dependable. They are always very excited about delivering a version upgrade and presenting any new features that provide more dashboards or chart types.
Microsoft Dynamics is a useful tool with easy integration to toolsets for analytics, and has a remarkable ease of use. The accessibility and discoverability in RSA Archer is more difficult, as sections get densely nested. The search capability in Dynamics is smoother but reliant on complete words being used, whereas RSA Archer searching is full Boolean.
Wasn't personally involved in the vendor selection process. I am aware that one of the main drivers for selecting BWise was cost (I believe BWise total project cost was several times lower than MetricStream's).