We performed a comparison between Bitsight Third-Party Risk Management and RSA Archer based on real PeerSpot user reviews.
Find out in this report how the two IT Vendor Risk Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution is user-friendly."
"I prefer BitSight due to its patch management capabilities. The score is a valuable feature. I have contacted the customer support through e-mail and their response rate is fast. I rate the solution a nine out of ten."
"Offers open ports from an external point of view."
"The product helps us identify the vulnerabilities of internet-facing applications."
"Its customer service team responds quickly."
"Archer seamlessly integrates data systems without requiring additional software."
"The Advance Workflow feature simplifies things."
"Its user interface is pretty neat, and there is flexibility in generating the data. You can customize reports at any level. You can directly get reports in Tableau format. If you want to generate statistical data, you can create reports with graphs. There is an adequate amount of flexibility for changing the format, the type of graphs, etc."
"This solution helped us with the centralization of our governance data, so we could house all of our controls in one place. We could use that central repository of all our controls to build our risk management strategy and our policy and governance. So we could use controls as a central library and build policy, and then build risk management around it."
"The most valuable feature is the enterprise module, which provides the capability of having all of the information stored and linked with everything else."
"Archer has simplified our security audits. It's made it easier to raise and trigger questionnaires to customers."
"One of the useful features is the ability to connect to various systems in order to accommodate data."
"With RSA Archer, an admin can set permissions for a normal user to go directly to the tool they need to input some data. Admins can then go through that and approve some requests. Also, they can log in based on these kinds of permissions, including ticketing, service patches, or upgrades."
"The solution’s benchmarking should be improved."
"At the moment, when the vulnerability score decreases, it remains the same for quite a while, even though issues are resolved in 24 hours."
"Its factor analysis feature could be better."
"Data enrichment is the major issue."
"There may be room for improvement in the methodology for identifying findings, as occasional errors occur on the technical side."
"There is no inbuilt alert in Archer to let us know that a data feed has failed or did not run for different reasons. So, we don't even get to know that a feed has not run until somebody reports it to us. This has been a problem all the time. Data feeds have always been a big headache for us because there is no feature to let us know if a feed has not run or has failed. If Archer had a feature to send us an email notification when a feed has failed, it would've been very helpful. This is the reason why our users are slowly moving away to another platform. Some of the modules that I have been managing are being moved to ServiceNow. Next year, a lot of our modules will be moved from RSA Archer to ServiceNow, and the data feed issue has been one of the main reasons."
"If you need to integrate the RSA products with another SEIM solution, then it doesn't work properly."
"It would be nice if RSA Archer featured more customization. When customers are updating, they should be notified whether certain updates are optional. The install screen should not proceed to the next page unless we make some selections about which updates we want to install."
"There are some issues with the interface for version 6.5 but these may already be repaired and simplified in the new versions that have been released."
"The solution can be a little slow due to the Silverlight feature."
"Its customization features could be better."
"The solution as a whole could be simplified."
"The first improvement I would suggest for RSA Archer is a better search feature. The search criteria needs to be improved. Sometimes I do a search and the search doesn't return the exact item I'm looking for. RSA Archer could also be improved by being more user-friendly. Maybe I have been using a limited version of RSA Archer, but I'm not sure whether it has ESG, environmental and social governance. In the next couple of years, ESG is the next feature that will be integrated into GRC tools. I would recommend RSA Archer adds ESG."
More Bitsight Third-Party Risk Management Pricing and Cost Advice →
Bitsight Third-Party Risk Management is ranked 2nd in IT Vendor Risk Management with 5 reviews while RSA Archer is ranked 1st in IT Vendor Risk Management with 38 reviews. Bitsight Third-Party Risk Management is rated 8.6, while RSA Archer is rated 8.0. The top reviewer of Bitsight Third-Party Risk Management writes "User-friendly solution with robust patch management capabilities". On the other hand, the top reviewer of RSA Archer writes "A rich application with good workflow, but search feature needs improvement". Bitsight Third-Party Risk Management is most compared with SecurityScorecard, RiskRecon, Microsoft Secure Score, UpGuard Vendor Risk and Tenable Lumin, whereas RSA Archer is most compared with OneTrust GRC, IBM OpenPages, MetricStream, Workiva Wdesk and AuditBoard. See our Bitsight Third-Party Risk Management vs. RSA Archer report.
See our list of best IT Vendor Risk Management vendors.
We monitor all IT Vendor Risk Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.