Announcing RSA Archer GRC 6.1

RSA Archer GRC 6 (6.0) was launched in November 2015 under the theme “Inspire Everyone to Own Risk.”  GRC 6 focused on providing organizations with an industry leading GRC platform to transform risk management by engaging everyone within an organization in the risk process. Today, organizations must implement the “three lines of defense,” making risk part of corporate culture at every level, in every role. The enhanced user experience, advanced workflow and task-driven dashboards introduced with GRC 6 allow business users to quickly and easily understand and complete their assigned risk-related tasks using a centralized platform.

I am very pleased to announce the launch of RSA Archer GRC 6.1.  This release takes the theme of “Inspire Everyone to Own Risk” to the next level. Through the implementation of integrated use cases, GRC 6.1 enables organizations of all sizes, regardless of the level of maturity in their GRC program, to implement RSA’s enterprise-class GRC platform. While the journey to risk and compliance maturity varies by organization, RSA Archer’s use case approach, newly implemented in GRC 6.1, nurtures successful risk and compliance programs by enabling customers to start small, seek quick wins, and plot a long-term risk and compliance strategy based on their organization’s objectives.

Key highlights of this release:

Our solution areas – Audit Management, Business Resiliency, IT & Security Risk Management, Enterprise & Operational Risk Management, Regulatory & Corporate Compliance Management, Third Party Governance, and Public Sector Solutions – are now comprised of individual use cases designed to solve specific risk and compliance neeeds. We have implemented a Maturity driven Use Case approach to help organizations of all sizes and business needs realize their risk management strategies:

• Foundation use cases provide a starting point for organizations that are just beginning their GRC journey. These use cases enable organizations to move away from spreadsheets to gain efficiency, accountability and visibility in managing issues and risks.
• Managed use cases provide organizations that have more mature GRC programs the ability to connect processes to collaborate across several risk functions within the business, integrate multiple data sources, and focus on building repeatable, consistent processes that bring consolidated risk visibility to the organization.
• Advantaged use cases transform risk into a competitive advantage for the organization. These use cases allow your program to connect risks to business objectives, enabling an open dialog and the visibility necessary to move beyond managing risk to anticipating the business’ needs.

All RSA Archer solutions and use cases have undergone updates with the new user interface and features of GRC 6.1. In addition, we’re introducing enhanced functionality for:

• Business Impact Analysis – a Foundation use case that offers robust assessments allowing business process owners to understand the criticality of their processes based on seven impact categories: financial, compliance, data integrity, data confidentiality, strategic, reputation, and operational.
• Issues Management – a Foundation use case that engages control owners to own risks and issues related to their business domains. Control owners can manage findings, remediation plans and handle exception requests in one central location, and use Advanced Workflow capabilities to route issues to the right team.
• Operational Risk Management – an Advantaged use case for the RSA Archer Enterprise & Operational Risk Management solution, it now offers additional assessment targets to allow a risk manager to initiate Control Self-Assessment (CSA), Risk and Control Self-Assessment (RCSA) or Process, Risk and Control Self-Assessment (pRCSA) campaigns focused on business process, business unit, or product/service.
• Information Security Management System (ISMS) – a use case designed specifically to manage the ISO:27001/2 certification process for organizations implementing the internationally recognized information security standard.

A company’s success hinges on its ability to drive growth across the business.  With growth comes risk.  Every growth strategy depends on leveraging today’s constantly shifting technology landscape intrinsically linking cyber and business risk.  RSA Archer, as a recognized leader in both operational and IT risk, enables effective risk management practices that address cyber risk and business risk on equal terms and provide a consolidated view of risk to executives and practitioners.   Built on a common, centralized RSA Archer GRC Platform, RSA Archer GRC 6.1 enables all organizations to own risk with a broad offering of use cases based on risk type -- cyber risk, operational risk, regulatory compliance, business resiliency, third party governance, and audit -- as well as the level of maturity of the organization’s GRC efforts.

We have created a host of resources to learn more about this release.  To start, watch our Solution videos to get more information on the RSA Archer Suite of GRC solutions.   For customers and partners, the best place to start is the “Everything 6.1” page on RSA Link.   From videos to white papers to data sheets, this page is a launching point for you to investigate everything that RSA Archer 6.1 offers.  In addition, we have several upcoming webcasts and Tech Huddles highlighting new use cases and features.