From my perspective, it's a useful tool with all the essential modules and features for governance, risk management, and compliance activities. The reference information linked to controls and risks is also beneficial and provides flexibility. Overall, I would recommend RSA Archer. Moreover, I would rate the solution an eight out of ten.
As a system integrator, we have worked in and around all versions of the product. We're working on the latest and a lot of their SaaS and hosted versions now. Right now, while they do offer on-prem versions, it's almost always in the cloud. It's not a multi-tenant structure like an AuditBoard or Workiva. It's still a single instance in the cloud, as it's a little bit older. Similar to Workiva and as a system integrator, using something like this product is about understanding what you're trying to achieve and then getting the tool to use it. Each tool has nuances, strengths, and weaknesses. It's in knowing what you want to achieve that will allow you to ensure you're getting what you want to be completed that makes the tool successful. I'd rate the product six out of ten.
Sr. Internal Auditor at a energy/utilities company with 10,001+ employees
Real User
2021-12-17T13:40:00Z
Dec 17, 2021
There is absolutely no doubt that it is a very good tool for audit management as a whole. If you are deploying RSA Archer, the most important thing is that you need to be very clear of your requirements and the processes for audit management. It can maintain the organization hierarchy, business hierarchy, processes, projects, and assets. It can maintain a lot of repositories and attributes related to an organization for mapping individual audits. It is a wonderful tool, but if you are not clear about how you want to deploy it, it could be a mess. This is applicable to any enterprise-level tool. The reason I'm certifying with RSA Archer is that when you are using it for audit, there is a particular strategy and the way to do it, which may vary from organization to organization. So, you have to be very particular about what you want from the tool before deploying it. You should not deploy it and then define your processes. I would rate RSA Archer a nine out of 10.
Cyber security consultant at a financial services firm with 1,001-5,000 employees
Consultant
2021-11-29T19:31:10Z
Nov 29, 2021
If you are considering implementation, my advice would be to decide on a strategy first before you implement a solution. The solution is nice, but unless you have a strategy, I don't see the point in implementing it. I rate Archer a seven out of ten.
RSA archer at a engineering company with 10,001+ employees
Real User
2021-11-20T08:03:31Z
Nov 20, 2021
They have to use RSA Archer if they use the automated tools, their data will be safe. Though there are some issues with the technicality of the solution, such as errors. The solution provides great features, such as customization, we can customize it as per our requirement. I rate RSA Archer a ten out of ten.
You don't need any experience with coding language to use this solution as it has drag-and-drop functionality. In two to three months, even non-technical people can be masters of the product. In addition, out-of-box solutions like risk management and policy management are really good. Maintenance is not a big problem, but if you heavily customize the product, you may need someone to keep an eye on those. I would also say that if you don't have your processes measured, don't jump directly into any of these products, including Archer. Make sure your processes are mature before implementing a product like this. I would rate this product as seven out of ten.
This is a good solution compared to others in the market because it is more secure. It's suitable for any size company although smaller companies will only need to use certain modules with larger organizations using multiple modules. This is a one-stop storage device that you can access from anywhere. I rate this solution nine out of 10.
GRC Archer Consultant at a tech services company with 10,001+ employees
Consultant
2021-10-29T17:39:56Z
Oct 29, 2021
This is a really nice tool because the majority of what it provides is not offered by other solutions. It's a matter of learning the tool and accepting how it works with an open mind. Anyone using it will find it really helpful for the GRC processes. I rate the solution seven out of 10.
I rate RSA Archer nine out of 10. It's an increasingly mature and very secure tool in the market. Every environment should have this kind of tool. It's useful for tracking any security threat.
Vice President and Risk Management at a financial services firm with 10,001+ employees
Real User
2020-12-09T06:13:00Z
Dec 9, 2020
Make sure you know what you want to really do and pick the right modules and do a lot of planning, planning, planning. It's like building a house. If you don't do the planning, when it comes down to trying to build it, you really get screwed or the team gets screwed. And I don't think people do a lot of planning. On a scale of one to ten, I'd give RSA Archer an eight. It's Archer - there are days when their stuff is awesome, there are other days when the frustration level is way too high.
Security Specialist at a tech consulting company with 1-10 employees
Consultant
2020-01-12T12:02:00Z
Jan 12, 2020
For people considering this product, they have to be sure that it is a product that could really do what they need it to do. Mostly any workflow can be implemented in the process in the application if they want to build it. The best thing would probably be that they should just try it and see. I would definitely recommend this product, but it may not be the tool everyone likes the best. On a scale from one to ten where one is the worst and ten is the best, I would rate RSA Archer as a nine-out-of-ten.
Team Lead: IT Security Compliance at a energy/utilities company with 10,001+ employees
Real User
2019-08-29T08:53:00Z
Aug 29, 2019
My advice for anybody considering this solution is that if you are a mature organization then this is the best tool to use. It has cross-disciplinary functionalities in which multiple teams can be using the same solution. Companies who are not yet mature, but want to develop, can use this tool as a baseline that will help them mature. It has the entire process. It will help you streamline what you want, have visibility of what you need, and you can build up. Basically, it's a central repository for everything. We have enterprise architects who are interested in this solution because of the Enterprise module, and it's capabilities. Having all of the information connected, within itself, is the best value that you can have. I, myself, wanted to become an expert and certified in using this tool. The only thing that stopped me was the lack of bullet chart capabilities in reporting. It's what is holding me back. Without the support for bullet charts, the visibility that we need is lacking. For example, if there is a textual date like the 25th of April 2020, for us there is no visible representation of the date. A bullet chart will tell you how far it is, how far we have come already, and what the target is to get there. This is an amazing tool, but without that graphical representation, it just puts that aside. This is why I'm trying to find another tool that will compensate for that. I would rate the closest runner-up to this solution a six out of ten, with all of the other solutions somewhere below that. When it comes to this solution, I would rate it an eight out of ten.
RSA Archer is a solution designed to help your organization manage policies, controls, risks, assessments, and deficiencies across your lines of business. RSA helps you manage your digital risk with a range of capabilities and expertise including integrated risk management, threat detection and response, identity and access management, as well as fraud prevention.
The solution also allows you to adapt a broad range of solutions to your requirements and is a good option for both big and small...
From my perspective, it's a useful tool with all the essential modules and features for governance, risk management, and compliance activities. The reference information linked to controls and risks is also beneficial and provides flexibility. Overall, I would recommend RSA Archer. Moreover, I would rate the solution an eight out of ten.
Overall, I would rate the solution a nine out of ten. I would recommend it. It's very usable, and you can easily understand the process.
I rate the solution a five out of ten.
Overall, I rate the solution an eight out of ten.
I give the solution an eight out of ten. I recommend the solution to others.
As a system integrator, we have worked in and around all versions of the product. We're working on the latest and a lot of their SaaS and hosted versions now. Right now, while they do offer on-prem versions, it's almost always in the cloud. It's not a multi-tenant structure like an AuditBoard or Workiva. It's still a single instance in the cloud, as it's a little bit older. Similar to Workiva and as a system integrator, using something like this product is about understanding what you're trying to achieve and then getting the tool to use it. Each tool has nuances, strengths, and weaknesses. It's in knowing what you want to achieve that will allow you to ensure you're getting what you want to be completed that makes the tool successful. I'd rate the product six out of ten.
I would rate RSA Archer an eight out of ten.
I would give RSA Archer a rating of eight out of ten.
I would advise anyone thinking of implementing Archer to go for it. I would give this tool a score of eight out of ten.
There is absolutely no doubt that it is a very good tool for audit management as a whole. If you are deploying RSA Archer, the most important thing is that you need to be very clear of your requirements and the processes for audit management. It can maintain the organization hierarchy, business hierarchy, processes, projects, and assets. It can maintain a lot of repositories and attributes related to an organization for mapping individual audits. It is a wonderful tool, but if you are not clear about how you want to deploy it, it could be a mess. This is applicable to any enterprise-level tool. The reason I'm certifying with RSA Archer is that when you are using it for audit, there is a particular strategy and the way to do it, which may vary from organization to organization. So, you have to be very particular about what you want from the tool before deploying it. You should not deploy it and then define your processes. I would rate RSA Archer a nine out of 10.
If you are considering implementation, my advice would be to decide on a strategy first before you implement a solution. The solution is nice, but unless you have a strategy, I don't see the point in implementing it. I rate Archer a seven out of ten.
They have to use RSA Archer if they use the automated tools, their data will be safe. Though there are some issues with the technicality of the solution, such as errors. The solution provides great features, such as customization, we can customize it as per our requirement. I rate RSA Archer a ten out of ten.
You don't need any experience with coding language to use this solution as it has drag-and-drop functionality. In two to three months, even non-technical people can be masters of the product. In addition, out-of-box solutions like risk management and policy management are really good. Maintenance is not a big problem, but if you heavily customize the product, you may need someone to keep an eye on those. I would also say that if you don't have your processes measured, don't jump directly into any of these products, including Archer. Make sure your processes are mature before implementing a product like this. I would rate this product as seven out of ten.
This is a good solution compared to others in the market because it is more secure. It's suitable for any size company although smaller companies will only need to use certain modules with larger organizations using multiple modules. This is a one-stop storage device that you can access from anywhere. I rate this solution nine out of 10.
This is a really nice tool because the majority of what it provides is not offered by other solutions. It's a matter of learning the tool and accepting how it works with an open mind. Anyone using it will find it really helpful for the GRC processes. I rate the solution seven out of 10.
I rate RSA Archer nine out of 10. It's an increasingly mature and very secure tool in the market. Every environment should have this kind of tool. It's useful for tracking any security threat.
Make sure you know what you want to really do and pick the right modules and do a lot of planning, planning, planning. It's like building a house. If you don't do the planning, when it comes down to trying to build it, you really get screwed or the team gets screwed. And I don't think people do a lot of planning. On a scale of one to ten, I'd give RSA Archer an eight. It's Archer - there are days when their stuff is awesome, there are other days when the frustration level is way too high.
For people considering this product, they have to be sure that it is a product that could really do what they need it to do. Mostly any workflow can be implemented in the process in the application if they want to build it. The best thing would probably be that they should just try it and see. I would definitely recommend this product, but it may not be the tool everyone likes the best. On a scale from one to ten where one is the worst and ten is the best, I would rate RSA Archer as a nine-out-of-ten.
My advice for anybody considering this solution is that if you are a mature organization then this is the best tool to use. It has cross-disciplinary functionalities in which multiple teams can be using the same solution. Companies who are not yet mature, but want to develop, can use this tool as a baseline that will help them mature. It has the entire process. It will help you streamline what you want, have visibility of what you need, and you can build up. Basically, it's a central repository for everything. We have enterprise architects who are interested in this solution because of the Enterprise module, and it's capabilities. Having all of the information connected, within itself, is the best value that you can have. I, myself, wanted to become an expert and certified in using this tool. The only thing that stopped me was the lack of bullet chart capabilities in reporting. It's what is holding me back. Without the support for bullet charts, the visibility that we need is lacking. For example, if there is a textual date like the 25th of April 2020, for us there is no visible representation of the date. A bullet chart will tell you how far it is, how far we have come already, and what the target is to get there. This is an amazing tool, but without that graphical representation, it just puts that aside. This is why I'm trying to find another tool that will compensate for that. I would rate the closest runner-up to this solution a six out of ten, with all of the other solutions somewhere below that. When it comes to this solution, I would rate it an eight out of ten.