TrustRadius Insights for Archer Integrated Risk Management Platform are summaries of user sentiment data from TrustRadius reviews and, when necessary, third party data sources.
Pros
Integration Capabilities: Multiple users have expressed their satisfaction with RSA Archer's integration capabilities, stating that it seamlessly connects with various enterprise systems. This has greatly streamlined business processes and eliminated the need for manual data entry.
Comprehensive Control Standards: Many reviewers have commended RSA Archer for its robust control standards and procedures. They appreciate how the platform provides a framework to address multiple regulatory sources, ensuring compliance with various requirements.
User-friendly Interface: Several users have praised RSA Archer as a user-friendly platform with an easy-to-navigate interface. They find it highly accessible and appreciate the ability to customize the platform without requiring programming skills, allowing them to tailor it to their specific business needs.
RSA - Archer Integrated Risk Management Platform used for security PIN to login into the secure firm network, to avoid any data breaches or unauthorized access to the systems.
Pros
Verify User Authenticity
Quanitfies the business risks presented on a clear dashboards
Eliminates the use of multiple third party software's to address risk parameters.
Cons
Online Help system & monthly updates available for users
Option to link all the firm standards software's to be launched through SSO
Risk Patches to be embedded in firms custom built applications.
Likelihood to Recommend
It's a well-developed application to address risk issues encountered by firms, especially in the advanced cyber security vulnerable situation.
VU
Verified User
Manager in Finance and Accounting (10,001+ employees)
The risk management process at our organization is driven from the top. The board and executive team are aligned with risks we as a company are exposed to and what are the steps we are taking to mitigate or minimize them. The goals and targets are set for various key functions and stakeholders involved to manage risks. The scope of RSA Archer is not just limited to one or two departments, it is being used by the entire organization.
We are a highly compliance driven organization who deals with sensitive data of our clients across variety of industries globally. We are also exposed to multiple checks and reviews based on various standards, regulations and contracts throughout the year. Hence governance, risk and compliance is a mission-critical to our business strategy. RSA Archer helps us manage it effectively across the organization.
Pros
Visibility into key risks areas help manage budgets in addition to better decision making capability.
Policy management reduces workload of HR and Compliance and providing them better visibility in the system.
Automation of various processes including policy management, internal audit and contractual compliance is helping internal functions to reduce human factor and also to increase efficiency.
Dashboard view for management now helps review risks in real time.
Cons
User interface has improved over last few versions but it still has a room to improve.
Likelihood to Recommend
It is well suited for functions/business where processes are defined and stress testing has been done on them for effectiveness. It is not easy to use it for cases where processes are either fractured or doesn't align with business.
VU
Verified User
C-Level Executive in Information Technology (1001-5000 employees)
The whole organization uses RSA Archer across multiple subsidiaries to document relationships, risks, assets and controls. It effectively links issues to vendor relationships and assets while automating assessments within workflows. The dashboard capability allows for a wide range of customization for multiple types of users, offering a rich KPI experience.
Pros
RSA Archer provides robust ad-hoc reporting.
RSA Archer provides very detailed control over workflows and their customization.
RSA Archer provides multiple systems for the different needs of corporate governance.
RSA Archer doesn't have pop-up windows or peek windows into hyperlinks.
Likelihood to Recommend
RSA Archer is fantastic at cataloguing, personalizing assessments, raw reporting, and capacity to add custom fields. It is a little clunky around adding contextual information to notifications, peeking into data before attempting to load pages, quick navigation or determining linked (or sub-linked) relationships. These are all concerns that can either be worked around with an appropriate data scheme or with careful administration of the sub-routines.
This software allows us to track our audit finding remediation and complete questionnaires during our financial reporting process. It is administered and was selected by our internal audit group for their primary needs of finding remediation. They offered its use to Finance (no additional cost), for us to complete our financial reporting questionnaires and certifications with our controllers and functional leaders. It solves the business problem of approval workflow for our international footprint. I can’t speak much to the ROI, but can say that the accuracy and audit trail has improved.
Pros
Approval workflow.
Response rating for exceptions.
Statistics reporting.
Cons
Color scheme difficult to read.
Eliminate the instance number login.
Better navigation.
Likelihood to Recommend
Well suited for audit finding remediation and questionnaires for business users. Less appropriate when you expect exceptions to be raised because it isn’t interactive enough to send comments in a dialog. We tell users to have the dialog over email to communicate issues. Once everything is communicated and resolved, this tool allows them to sign off and provide an audit trail and reporting.
VU
Verified User
Manager in Finance and Accounting (10,001+ employees)
RSA Archer is being used by four major departments in the organization which require compliance and governance. It manages routine tasks, client profile creation, policy management, etc. It is a tool to adhere to compliance and e-governance in the organization. The tool is not built for small scale companies and, in my opinion, mammoth firms can achieve great benefits from this.
Pros
The auditing feature is amazing and, also, it is the basis to opt for RSA Archer.
One can configure and create processes as the department needs.
In disaster recovery exercises, it is one of the best tools available in the market.
Cons
They release time to time updates, which causes issues in the GUI. However, one has to be careful while installing the update.
There is no open and free academy to learn more about the tool.
One cannot stay to a particular product version, they have to move to the next version to keep up with the changes.
Likelihood to Recommend
RSA is an eGRC tool which represents governance, risk, and compliance. Moreover, these are the founding pillars of any organization. Disaster recovery department, business continuity, learning department, and security are the major customers for RSA Archer application. It makes their work much simpler and easier to follow. It makes users follow the company policy, and they have to follow it, or else the system will capture irregularities.
RSA Archer was implemented to consolidate over a dozen in-house built systems. It allowed us to consolidate reporting and move teams to a common platform.
Pros
Configurable User Interface
Hosted in Cloud
Economical Solution
Common Implementation/Training
Consolidated Reporting
Cons
Fully understand requirements before implementing, especially if looking for a common user experience
Can be supported with FTE's, but make sure you have a few trained to support the app, otherwise consulting support will be required.
Understand integration/connectors as these may add cost to your projects.
Likelihood to Recommend
It is a good tool and does the job well to consolidate home grown apps to a common platform.
VU
Verified User
Employee in Information Technology (10,001+ employees)
We use Archer to manage vendor relationships, vendor contacts, vendor contracts, risk/policy exceptions, and various other vendor risk uses. It is used enterprise-wide and is a key part of doing any work with a third party. We have used different versions of RSA Archer over the years and the team is trying to get the application to the most current platform/release.
Pros
It provides a central point to store all vendor information, which for us includes the vendor name, contact info and related agreements/contracts.
It provides a central point to store all IT Risk Policies and any active exceptions to those policies. This allows the user to manage their exceptions and submit new items as needed.
It allows us to manage 3rd party risk via a questionnaire that is required for all new agreements with vendors.
Cons
The technology is poor and seems very out of date. Drop down selections are horrible, the menu system is antiquated and you have to click next multiple times to see all possible choices.
The interface is very hard to navigate and the functions and flow of the application does not make a lot of sense. When I interact with the application I feel like I am using old technology. The menu system and forms feel old and out of date. It is very hard to submit a form because it is impossible to identify the required fields until you try and submit the form.
Workflows and email notifications are not intuitive or easy to understand. Once you submit a form and the workflow begins, the other participants can only approve or reject, there is no option to edit. So they end up rejecting and making you as the submitter edit and re-submit which starts the process again. The workflow piece of the app is very clunky and hard to work with, I would not recommend it to others.
Likelihood to Recommend
I just don't feel the solution is up to par with modern technology. We may use an older version, but overall the application is hard to interact with and it is very slow and not easy to get from start to end of the process. I feel like I am going back in time when I use the application because it is not intuitive and very clunky to use.
VU
Verified User
Project Manager in Information Technology (10,001+ employees)
In my own organization RSA Archer is used to manage Security operations center, manage the organizational assets, their Risk and compliance assessments.
It is being used by departments reporting to the CISO
The business problems that it helps solve is to monitor and implement controls against cyber attack’s and threats. The SecOps module of Archer helps with integrating with all sources of security alerts and incidents affecting the organizational assets, remediation activities required to prevent, detect and react to incidents impacting security (confidentiality, integrity availability) and thereby having the up-to-date information on the security posture of the organization
Pros
Integration capabilities to multiple enterprise systems
Control standards and Procedures to address multiple regulatory/authoritative sources, standards and frameworks enabling test once satisfy many requiremnts
Rapid application development and User friendly tool with configuration capability to customize easily without user requiring programming or coding skills
Cons
Periodic Updates to contents on controls standards and procedures based on updates additions authoritative source and standards
Effectively handle changes in advanced workflow to inflight records
Likelihood to Recommend
Suitable for any organization looking for effective risk and compliance management.
It might be less appropriate for organizations which don’t have any risk or compliance obligations and not regulated by authorities
RSA Archer is being used in the IT department to manage and provide governance over policies and business continuity. It is also being used for network monitoring through the Security Analytics solution. It addresses the governance issues across the enterprise. It allows us to manage all our our BCM documents in an executable and actionable framework.
Pros
Solution customization
Accessibility to information
User friendly interface
Cons
Workflows
Exporting Data
Reports
Likelihood to Recommend
RSA Archer is well suited in an environment where actionable governance exists and documentation is required ad-hoc for audit requests. The ability to maintain up to date information in an application allows accuracy to exist in ad-hoc reports.
RSA Archer is being used by my organization within the Internal Audit department to track various company controls, processes, policies, standards, and changes. Additionally, my organization uses RSA Archer to streamline the internal audit process. This helps Internal Audit to have visibility into all controls and their design and operating effectiveness across the entire organization.
Pros
Makes it easier to streamline running reports.
Consolidates various modules into one tool - Change Management, Access Management, Key Frameworks (FFIEC, ISO 27001/2, NIST, etc.).
Everyone can see the information in real-time to ensure team collaboration.
Cons
Very complex and can present a steep learning curve initially.
May be difficult for non-technical users to understand the process flow of the tool for various modules.
Documentation for the product is sometimes incorrect or has missing information that is needed to understand how a process works within the application.
Likelihood to Recommend
RSA Archer is better suited for an environment that has at least some maturity in its program. To effectively use this tool, the organization must first understand its various processes and controls in place as they have to be indicated within the tool. Although RSA Archer has "out of the box" templates for these areas, it is essential for the organization to understand these details to properly customize the tool to operate in their environment.
VU
Verified User
Consultant in Information Technology (10,001+ employees)