My primary use case for this solution is for the customizing and compliance system, especially for the first standard, ISO 27001, related to the information security management system.
CEO at Al Danah Information Systems Solutions
Simple to use product that gives a great return on investment
Pros and Cons
- "RSA Archer has reduced the time and effort required for meetings."
- "The product is expensive."
What is our primary use case?
How has it helped my organization?
RSA Archer has reduced the time and effort required for meetings because every person or department can enter their asset register by themselves. It's also useful that to get information on the spot, you don't need to have it in an Excel sheet to make it a compiler or a function. It is also a unified product, meaning that every person can enter any font or type of equation they need. It records information for several years, which means if I need to fix any observation from the past five years, I can do so on the system on the spot. Finally, it provides intelligent suggestions for solutions and risk management.
What is most valuable?
The most valuable feature of this solution is that risk mitigation and risk register are very easy - it's very simple to enter the data.
What needs improvement?
I would like to see a version of the product customized for small businesses, perhaps something cloud-based on a monthly basis. I would also like the product to be more easily integrated with the Arabic language.
Buyer's Guide
RSA Archer
December 2024
Learn what your peers think about RSA Archer. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
For how long have I used the solution?
I have been using RSA Archer for around two years.
What do I think about the stability of the solution?
This product is 100% stable, without a lot of bugs.
What do I think about the scalability of the solution?
The solution is scalable.
How was the initial setup?
The setup was complex, taking around three to six months.
What about the implementation team?
I used a vendor team.
What was our ROI?
First of all, we have gained time back that was previously wasted in management meetings. Secondly, approving any risk is much quicker with this solution, requiring only one click. RSA Archer has given us a return of investment on both time and money.
What's my experience with pricing, setup cost, and licensing?
The product is expensive, and there are additional costs if you need to integrate more licenses or want more features.
Which other solutions did I evaluate?
Before choosing RSA Archer, I evaluated MetricStream.
What other advice do I have?
I totally recommend RSA Archer for anything related to ERC for mid-to-large-sized businesses. I wouldn't recommend it for small businesses as it is very expensive. I would rate this solution as ten out of ten
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Specialist - RSA Archer at a tech services company with 10,001+ employees
Complete end-to-end solution that's easy to integrate and customize
Pros and Cons
- "Integration is another great aspect of RSA Archer. From the beginning, integration has been a central focus for RSA, and Archer has always integrated well with most tools on the market today."
- "RSA Archer might be a bit expensive for small companies because it's a vast tool."
What is our primary use case?
I'm an administrator for RSA Archer and a consultant, so I create platforms for various businesses based on their requirements. RSA Archer is a GRC tool, so RSA Archer controls and regulates different enterprise GRC solutions and IRM modules. I create those platforms for various business users according to their specifications. They provide us with the storyline, and then we advise them on ways to use RSA Archer to manage their processes. And then, once that is done, we create an RSA Archer platform.
How has it helped my organization?
RSA Archer has updated its UI many times. And the UI is now much more rich and user-friendly. That's one of the major things that they have changed recently. Our business users are much more comfortable with the latest UI. Also, the reporting mechanism inside RSA Archer is another thing that is very user-friendly. And all the business users, in most of the cases I've seen that they are very comfortable in using the reporting tools.
What is most valuable?
RSA Archer is a valuable tool because it can manage the end-to-end functioning of any enterprise GRC module, such as compliance and risk management or business continuity plans and the entire BCM module. RSA Archer also provides many out-of-the-box solutions, which are use cases derived from the standards for GRC or risk management, governance, and compliance. It provides an end-to-end mechanism for business users on a single platform. That includes reporting, managing workflow, creating documentation, or tracking a process where you need to get approval from the various levels within the organization's hierarchy.
Integration is another great aspect of RSA Archer. From the beginning, integration has been a central focus for RSA, and Archer has always integrated well with most tools on the market today. RSA Archer has its own APA that can be integrated into any other tools using Dorknet, Java, or any other language you can think of. So the APAs are excellent and easy to work with.
RSA is also increasing the scope of customization. When using a tool, consultants like us might need to customize it because the out-of-the-box solution does not perfectly match the client's requirements. So RSA is quickly incorporating those customizations and allowing us various ways to do that. In doing so, RSA is opening up more areas where Archer can be used. Vendor management is the latest example. They have already added one vendor management module. I'm not entirely familiar with it, but it can be integrated with other tools directly on a real-time basis. So that's one feature, which is very new to Archer, and I think it's going to be a breakthrough.
What needs improvement?
There are many small things that need improvement but on the whole, it is much better now than it was when I first started using it six years ago. They are putting out updates almost every day. The latest version came out just a few days ago, so they are constantly making minute fixes and tweaks based on input from different users. Users like us are developing applications on the tool, so when we have an issue, we open a ticket with RSA directly. If it is a new issue and they can't fix it, then they log it and provide a solution in the next release of their tool. They're also planning to move to a completely cloud-based solution, so they are providing all the support for RSA Archer to be easily hosted on the cloud and everything.
For how long have I used the solution?
I've been working with RSA Archer for the last six years.
What do I think about the stability of the solution?
Performance is always an issue with any coding system. And RSA Archer used to have more performance issues. It was completely on-prem, so there were some slowdowns because of that. However, they've upgraded their backend systems, the codes, supporting database structures, etc. So the speed has picked up lately. They have improved in the last few releases, and I hope they will also continue to do that.
What do I think about the scalability of the solution?
We have various mechanisms to scale up. For example, we already have the lab configuration in RSA Archer, so we can use their lab to get that directory from the organization. And whenever it changes or updates, that's automatically reflected in RSA Archer too. So that is a very straightforward thing and easy to maintain also. And we plan to increase usage. My company is an RSA Archer partner, so they're always looking to increase the number of projects in RSA Archer.
How are customer service and support?
RSA technical support is good. They're very approachable and provide quick solutions. Sometimes there may be a delay, but only if it is a very complex problem or one they might not have encountered earlier.
How was the initial setup?
RSA Archer is very deployment friendly because it is quick and straightforward. Migration and deployment aren't too complicated. RSA Archer can do it more quickly than most other GRC tools in the market right now, like SAP GRC. RSA Archer is one or two steps ahead because the migration is pretty smooth and can be done very quickly. One person can handle it pretty easily, but it also depends on the level of customization you want. Whenever we are customizing a tool, we need a specialist. So during migration, the senior consultants monitor what the team is doing and the others supervise. But if we're talking about how easy it is, then one or two people can easily do it.
Then there is the regular maintenance, but it's more accurate to say "enhancement" than "maintenance." Every time the user has a new requirement, we need to add those things into our resources. So it's pretty easy to do if you have two or three environments with you, development, UAT, QA, production, etc. The migration is pretty quick, so it's easier to manage from the maintenance point of view.
What was our ROI?
We've seen a return with RSA Archer. My organization started with a single project in RSA Archer, and now we are handling multiple businesses at multiple levels and doing several different projects in RSA Archer. And the clients are returning customers. They want to get into RSA Archer as much as they can.
What's my experience with pricing, setup cost, and licensing?
RSA Archer might be a bit expensive for small companies because it's a vast tool. It provides many built-in solutions and functions that can meet all of a company's GRC needs. So, ultimately, it is cost-effective because it offers tools that serve a variety of functions. It is costly, but if you are a big company, the decision is pretty straightforward in terms of the cost versus the service Archer provides.
The licensing scheme has several levels, and you can purchase additional licenses depending on your needs. So you can opt to get only a license for the use cases that apply to your organization. You don't need to buy the entire thing, so that is a good thing.
What other advice do I have?
I rate RSA Archer eight out of 10. Nothing is perfect and every day RSA is perfecting its own tool, so I rate it eight. It is one of the best GRC tools on the market at the moment. But, every day new tools are emerging. For example, ServiceNow is one of RSA Archer's strongest competitors. They are also coming up with their own ASA application use case. But I would say that RSA Archer is a much more mature GRC tool, and it stacks up well against other GRC platforms like SAP GRC and IBM Openpages. So in that sense, I would say Archer is a more mature tool with good services that can be helpful for your organization. I would recommend it.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Buyer's Guide
RSA Archer
December 2024
Learn what your peers think about RSA Archer. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
Security Specialist at a tech consulting company with 1-10 employees
Configure security applications easily while retaining the capability to customize with and without coding
Pros and Cons
- "The most valuable part of the product is the ease-of-use and the opportunity to create custom security applications easily."
- "There are some issues with the interface for version 6.5 but these may already be repaired and simplified in the new versions that have been released."
What is our primary use case?
I am developing applications in Archer from RSA (Rivest, Shamir, and Adelman). It is quite easy to implement the application. You just configure the workflow, define the forms and how the data is processed in the application. Everything can be configured without coding. You can use a code also to create special functionalities, but it is easy to do almost everything without coding at all.
How has it helped my organization?
It gives me the opportunity to create custom security applications easily.
What is most valuable?
The most valuable part of the product is the ease-of-use.
What needs improvement?
I am currently using an older version of the product so my installation is not current. There have already been two new versions of Archer released after the version I have. I use 6.5 and 6.6 and 6.7 have been released. These two are minor releases. They are not really affecting the inner workings of how to do tasks but improving certain features like the interface. When I am creating applications I like to have what I know is a stable and familiar version of the product, so I do not automatically upgrade to the newest versions available.
Because I have not upgraded, the graphical user interface is not the current one. It is not very modern and as user-friendly as it could be. I heard that the new versions have improved the graphical interface very much in this respect, and it should no longer be a problem at all. So, for now, I have some issues with the interface for this version but it may already be repaired and simplified in the new versions that exist.
One thing I might like added is the ability to record a workflow in another application. It is really a sort of very technical thing and it is possible to do it in other ways, but adding this to the product could really help with the simplification of creating new workflows. This could make it easier, to implement some technical things.
For how long have I used the solution?
I have been using RSA Archer for one year.
What do I think about the stability of the solution?
I have not experienced any problems with the stability of the product. It works as expected in accordance with the resources and feedback I received from my IT department. It can use a SQL server, a web server, or whatever I need. There is no problem with lag or overuse of resources on the server.
What do I think about the scalability of the solution?
The product is flexible and scalable. The processes that are created with the product are going to be used by every manager in this company. That is a total of about forty to sixty people right now.
As far as how extensively I will use RSA Archer in development, everything I develop is per request. When somebody requests functionality, I am the one responsible for implementing it. It is not really possible to predict how often or how many requests come in or how complicated they will be. Usually, I am using it at least a few days every month. But I may be asked to implement an application that the other employees may use daily.
How are customer service and technical support?
I had a few problems initially understanding the sample they showed for the implementation. Once I contacted support they told me a few things to try and sent me links to additional documentation. When I read about it, I was able to easily resolve the issues I was having. When I was then also introduced to the community, I was able to continue to quickly solve any problems I had. There is a huge community of users that is quite active and can help other users to solve issues. It is great when others who have already solved similar problems in real life share their knowledge about how to solve those problems in your own environment.
But in general, from my experiences, I would rate the support at RSA as very good.
Another benefit is that — although there are many features already — you can propose new features directly to the company. There is a place in the user community to propose those features where they can be discussed. If they are popular features with users, they are implemented. So you can ask for anything and if you have an idea which is good — something which is required by others — it is usually implemented. I have recommended about four or five features that are in the process of being considered. It is a really good way for the company to guide their efforts in improving the product.
Which solution did I use previously and why did I switch?
A similar product that we used before RSA Archer was LDRPS (Living Disaster Recovery Planning System). We had to move from LDRPS to the RSA product because LDRPS went to the cloud. The security requirements of our management and of our customers are generally that they do not want to have very critical information on the cloud. In some cases, they can not have it there at all. We have to use a tool that is possible to install on-premises. When we were evaluating solutions, I was testing several of the products. I chose RSA Archer because it met this requirement and other needs we had for flexibility.
I chose RSA Archer because I was tasked to find a tool that could implement business continuity planning. Archer can implement more processes in many ways, so it not difficult to implement anything from incident management to business continuity, to change management. Anything somebody asks me to do, they provide the requirements and it is really easy to implement it in this. On top of that, it is easy to customize.
So this is the reason why we chose Archer. It is easy to implement, it is easy to change the workflow, and it is easy to customize the processes.
How was the initial setup?
Archer can be set up for use in very small environments and you can use one tool for several installations. It can be installed on several servers concurrently, so every server might be configured to have special features and styles and the instances of the installations cooperate together to provide the functionality of the tool. So the complexity of the setup depends on how large an environment you have. At this moment, I have experience only with very small environments, running the product on one computer. But the product also has great documentation. Just using the documentation alone I was able to install the product really easily and get it up and running on the one server.
It took me a little more than one day to install. The deployment really depends on the use case. The use case is processing or the kind of process you are creating. For example, processing may need to analyze requirements supplied by customers. The more requirements and more processes you need in Archer the more complex the setup will be. Usually, it takes a few days to create a process. I would say on average that processes are implemented in five days. The options and features that the tool has are really quite vast. There are lots of features and every company only chooses to use some of them, which they license and use separately. It can be compared to something like Jira.
What about the implementation team?
I did not have to consider using an outside vendor for the installation and I was able to complete the install by myself with the help of the documentation.
Which other solutions did I evaluate?
Many tools that I tested had processes wired into the application without any option to change them. When I needed to fill requirements that differed even slightly from what was already implanted in the tool I would need to make a workaround or need to implement another tool. This would not have been the best way to go about what I would need to accomplish regularly.
What other advice do I have?
For people considering this product, they have to be sure that it is a product that could really do what they need it to do. Mostly any workflow can be implemented in the process in the application if they want to build it. The best thing would probably be that they should just try it and see. I would definitely recommend this product, but it may not be the tool everyone likes the best.
On a scale from one to ten where one is the worst and ten is the best, I would rate RSA Archer as a nine-out-of-ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PMO Project Manager - Information Security at Redbelt
Great support, easy to deploy, and scalable
Pros and Cons
- "The solution has helped our organization manage our internal and external activities."
- "The financial area of RSA Archer has room for improvement."
What is our primary use case?
We use RSA Archer to connect to the purchasing department so that vendors can sell new projects, and we can connect these sales to our project management. This solution connects both areas to develop demand and activities, allowing us to control technical resources and manage hours. RSA Archer also helps with Project Builder and Microsoft Project to check activities, start and finish times, and layered activities.
How has it helped my organization?
The solution has helped our organization manage our internal and external activities.
What is most valuable?
The price of the solution is very affordable.
What needs improvement?
The financial area of RSA Archer has room for improvement. I would like to be able to send invoices to our customers through the solution.
For how long have I used the solution?
I have been using the solution for three years.
What do I think about the stability of the solution?
I give the stability an eight out of ten.
What do I think about the scalability of the solution?
We have 100 people using the solution. I give the scalability an eight out of ten.
How are customer service and support?
Technical support is the best.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is straightforward. The deployment required five people.
What was our ROI?
I have seen a return on investment.
What's my experience with pricing, setup cost, and licensing?
I give the price a five out of ten.
What other advice do I have?
I give the solution an eight out of ten.
I recommend the solution to others.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Lead Analyst - Security Governance at a retailer with 1,001-5,000 employees
One platform with good options for tailoring to requirements; lacking somewhat in customization
Pros and Cons
- "Good dashboards and reporting features; it's easy to gather reports quickly."
- "There are certain restrictions on API integrations, and it is not simple or straightforward."
What is our primary use case?
We have a partnership with RSA Archer and I'm a lead analyst and GRC for the company.
How has it helped my organization?
We use this solution as a central repository. Instead of using various GRC options or other tools, we can use one platform with options to tailor the product to our needs. That's the benefit of using RSA Archer.
What is most valuable?
I like the dashboards and reporting features; it's easy to gather reports quickly which is great when your VP is waiting for the KPIs. The solution is generic and it's great to have out-of-the-box workflows and concepts. I'm very satisfied with Archer, possibly because I've been using it for so long and I'm in my comfort zone. I know, for example, that ServiceNow GRC is more customizable but it's not as secure as RSA Archer.
What needs improvement?
I'm using a Mac and I can't get Archer to load in Safari. In addition, there are certain restrictions on API integrations, and it is not simple or straightforward. I'd like more customization and to be able to design our API integrations more easily, it would make a huge difference. We moved to SaaS because we wanted more integration and we wanted RSA to help with that. There has been some improvement but it's still not great. For no reason that we can figure out, there are issues with email; sometimes it works and sometimes it doesn't. We've raised that problem with RSA. There are some security concerns when it comes to authentications or DMZ or service accounts, which are still managed by RSA.
For how long have I used the solution?
I've been working with various Archer solutions for about nine years.
What do I think about the stability of the solution?
The SaaS version is stable. We have an Archer admin team that meets weekly with a representative from RSA so that any concerns or issues can be resolved as soon as possible. 90% of my work is on Archer and about 60% of the company are users of this product.
What do I think about the scalability of the solution?
The scalability of the solution is reasonable.
How are customer service and support?
I'm satisfied with the Archer support.
How was the initial setup?
I don't have a good recollection of the deployment process but we had three representatives from RSA and three or four engineers from a vendor contractor. Deployment probably took over six months, including the change from on-prem to SaaS. The solution hasn't required maintenance since we moved to SaaS.
What other advice do I have?
It's important to first look at the out of box workflow that RSA is offering, and then go for customization. Don't customize or overdo workflow because it degrades the overall Archer performance.
I rate this solution seven out of 10.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
RSA Archer Consultant at a tech services company with 1-10 employees
Excellent advanced workflow but issues with performance
Pros and Cons
- "Makes auditing much more convenient."
- "Performance could be improved."
What is our primary use case?
My main use cases are risk assessment and policy use. I also use this solution to create on-demand applications.
How has it helped my organization?
RSA Archer allows you to implement government risk compliance and acts as a mechanism to ensure that the compliance policies and standards are met. It also documents every exception with proper reasoning. This makes auditing much more convenient.
What is most valuable?
The most valuable feature is the advanced workflow, which has totally ruled out any issues with data-driven events and which makes it easier to explain things to end-users because you can show them a screenshot of the workflow.
What needs improvement?
An area for improvement is Archer's use of Internet Explorer as a core browser due to its dependence on Silverlight, despite Microsoft ending its support for IE and moving to Edge. I would like to see an end to the use of Silverlight and IE and for Archer to add the ability to use any browser to make key changes and configurations. In addition, I would like for the new questionnaire feature to be developed further and for Archer to develop a proper built-in framework for working with organizations with sub-organizations and multiple companies.
For how long have I used the solution?
I've been working with RSA Archer for 28 years.
What do I think about the stability of the solution?
Archer's performance could be improved - older versions can be very slow, and the application crashes from time to time.
What do I think about the scalability of the solution?
Archer is easy to scale.
How are customer service and support?
I have to contact technical support about once a month due to some issues with logging in. Generally, the team is responsive and proficient, though sometimes they can be a little slow to respond.
How was the initial setup?
Initial setup is quite complex because every organization requires three instances of Archer, which requires changing the specific components for each instance and needs three teams to be involved in deployment. Deployment can take anywhere from a couple of hours to a full day or two, depending on how many different modules are being installed and the areas being impacted.
What's my experience with pricing, setup cost, and licensing?
Archer is fairly highly-priced, especially for smaller companies.
What other advice do I have?
If using the on-premises version of Archer, it's necessary to train at least a couple of people who can provide ongoing support. Prior to purchasing the product, make sure that you define your exact requirements and go over them with the RSA Archer team. I would rate this product as seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Principal Consultant at a tech services company with 10,001+ employees
Streamlines management and organization but struggles with large amounts of data
Pros and Cons
- "Even non-technical people can be masters of the product."
- "Some areas are not truly automated but are only scheduled."
What is our primary use case?
My primary use cases are IT risk management, policy management, IT compliance management, vendor risk management, and vulnerability management.
How has it helped my organization?
RSA Archer allows you to create on-demand policies and custom solutions. It automates all our governance, risk, and compliance processes so that they can be easily managed and organized. Archer can build and automate workflows for anything that contributes to your risk.
What is most valuable?
The most valuable features of this solution are the ease of developing solutions and managing advanced workflows.
What needs improvement?
The main improvement I would like to see in the on-premises version is the amount of data the product can hold. You need to have a really good server to make it run if you have a large amount of data, which may be challenging for bigger organizations. Another improvement would be making more features available as APIs. There are also some automation issues - some areas are not truly automated but are only scheduled, requiring someone to be present to monitor the process, meanwhile using a lot of automation can slow the system. Finally, I would like to see more scope for developers to play around with the project - currently, it is so tightly coupled that you do not have many options compared to some other products.
For how long have I used the solution?
I've been working with RSA Archer for ten years.
What do I think about the stability of the solution?
Assuming you stay within the limits stated in Archer's documentation, the stability is good. However, if you exceed their limits, you may need to play around with your power distribution to keep everything running smoothly. New patches or updates can also cause hiccups with stability.
What do I think about the scalability of the solution?
The product is easy to scale.
How are customer service and support?
Archer's technical support is pretty good - they are supportive, and their ticketing system provides real-time updates about any incidents that occur. The team also responds quickly to high-priority issues.
How was the initial setup?
Setup was straightforward - for the on-premises version, the vendor sends an executable file, then you procure your resources and deploy yourself. The installation itself takes about twenty minutes at most, although preparation to install can take some time.
What's my experience with pricing, setup cost, and licensing?
This product is at the higher end of the price scale, but it provides better, more accessible functionality and customization than cheaper products.
What other advice do I have?
You don't need any experience with coding language to use this solution as it has drag-and-drop functionality. In two to three months, even non-technical people can be masters of the product. In addition, out-of-box solutions like risk management and policy management are really good. Maintenance is not a big problem, but if you heavily customize the product, you may need someone to keep an eye on those. I would also say that if you don't have your processes measured, don't jump directly into any of these products, including Archer. Make sure your processes are mature before implementing a product like this. I would rate this product as seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Software Developer at a insurance company with 201-500 employees
The stability is fine, but tech support could be more knowledgeable
Pros and Cons
- "I have found all the features to be valuable, including those involving reporting, the dashboard, notifications, email modules, the database and data input."
- "I find the tech support to be inadequately knowledgeable."
What is our primary use case?
The solution is an integrated platform. We use it for risk management, mitigation and integration.
What is most valuable?
I like that the solution has the ability to export data and provide us with daily reports.
I have found all the features to be valuable, including those involving reporting, the dashboard, notifications, email modules, the database and data input.
What needs improvement?
There are many issues which Archer needs to work on, including those involving the database and the UI. I find the tech support to be inadequately knowledgeable.
As I am a developer and responsible for providing production support, I do not have personal knowledge of the pricing. However, my colleagues claim that it is very expensive in comparison with other tools.
What do I think about the stability of the solution?
As concerns the stability, we have not encountered any bugs, glitches or performance issues.
What do I think about the scalability of the solution?
Starting from the outset, we have employed very few applications, the current number being just shy of 50.
How are customer service and support?
The tech support should be more knowledgeable.
Which solution did I use previously and why did I switch?
We did not use a different solution prior to RSA Archer, which we have been with for a long time.
How was the initial setup?
As relates to the deployment process, I found the new packaging thing to be a bit complex, although it is fine. I got used to it.
The length of the process varies with the number of applications.
What about the implementation team?
One person is required to set up the solution. The solution must be maintained.
What's my experience with pricing, setup cost, and licensing?
As I am a developer and responsible for providing production support, I do not have personal knowledge of the pricing. However, my colleagues claim that it is very expensive in comparison with other tools.
What other advice do I have?
There are presently between 50 and 100 people making use of the solution in our organization.
The solution comes with very good features. If they could just fix a couple of things then this solution would make a very good evergreen tool.
I rate RSA Archer as a seven out of ten.
Which deployment model are you using for this solution?
Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free RSA Archer Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Popular Comparisons
MEGA HOPEX
OneTrust GRC
ACL Analytics
Workiva Wdesk
AuditBoard
IBM OpenPages
MetricStream
Diligent One Platform (formerly Highbond)
ProcessUnity
Microsoft Purview Communication Compliance
SAP BusinessObjects GRC
NAVEX One
NAVEX Global
SAI360
LogicGate
Buyer's Guide
Download our free RSA Archer Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Vulnerability Management and Risk Management Integration
- What are the Top 5 cybersecurity trends in 2022?
- Which is the best legacy IDM solution for SAP GRC?
- When evaluating GRC, what aspect do you think is the most important to look for?
- What privacy concerns should be taken into account when implementing an RPA solution?
- What is your recommended automated audit software for internal and external audit?
- What aspect does Symantec Control Compliance Solution cover in IT Governance, Risk and Compliance?
- What is the difference between SOC 1, SOC 2, and SOC 3 compliance?
- What is Security Posture and what categories of Security Posture Management do exist?
- How many ISO norms do we have in the entire ISO27k security family standards?