"One of the valuable features of this solution is it has the ability to review fourth and fifth parties to the nth degree."
"RSA is a very rich application. I like its adaptive suggestion, where based on your users and the class of data, it can actually recommend you the proper control to choose. For example, we have been using PCI DSS as an NIST. So based on application feedback, it will provide you with a suggestion on which control objective needs to be set. Based on that, you can make a decision—you don't need to take the suggestion, but you can customize that particular provided suggestion. RSA Archer's workflow is also good, in terms of process automation."
"The most valuable features of RSA Archer are the asset management, risk management, and vendor management."
"RSA Archer is a good tool and I have found performing the application, ISMS, and TPRM assessments beneficial."
"The most valuable features are the advanced workflow and the dashboards. This tool can present data wonderfully to management, and it is easy for them to manage the risk plans."
"Makes auditing much more convenient."
"Even non-technical people can be masters of the product."
"The solution has improved my organization by having everything combined to a single platform."
"Integration is another great aspect of RSA Archer. From the beginning, integration has been a central focus for RSA, and Archer has always integrated well with most tools on the market today."
"They could improve by offering free help. A solution, a lot of times, is not just the use of the solution. For example, it is the overall engagement, how well do they support the system, what is their SLA, and how long their response time is to an issue. It would be beneficial if they had some type of professional services where they offer the first five hours of professional services a year for free. That would be a substantial benefit rather than having to buy professional services or professional services packages."
"GUI could be improved."
"There should be a way to export and get data from the system in PDF or PowerPoint presentation format. This would be a great addition."
"There is no inbuilt alert in Archer to let us know that a data feed has failed or did not run for different reasons. So, we don't even get to know that a feed has not run until somebody reports it to us. This has been a problem all the time. Data feeds have always been a big headache for us because there is no feature to let us know if a feed has not run or has failed. If Archer had a feature to send us an email notification when a feed has failed, it would've been very helpful. This is the reason why our users are slowly moving away to another platform. Some of the modules that I have been managing are being moved to ServiceNow. Next year, a lot of our modules will be moved from RSA Archer to ServiceNow, and the data feed issue has been one of the main reasons."
"There were so many problems that we had found. One time, the search index was not working. We also faced slowness in Archer, but I resolved this issue."
"Some of the error reporting isn't very clear. When you're looking for information on error codes, you got to do a lot of digging."
"If you need to integrate the RSA products with another SEIM solution, then it doesn't work properly."
"Archer could be improved by having more customization. I'm not sure if the backend processes have API calls and those kinds of seamless integrations, but from the front, some of the solutions are very out-of-the-box. It's not customizable, so that could be a little problematic since you have to use their features. In terms of the backend structure, I'm not too sure because I'm not a developer—I was an end user and product owner of Archer—and I don't quite know the backend and developmental features. But since it's an out-of-the-box solution, sometimes customization was challenging and support was a little problematic because we had to reach out to them all the time."
"The solution can be a little slow due to the Silverlight feature."
Earn 20 points
OneTrust GRC is ranked 3rd in GRC with 1 review while RSA Archer is ranked 1st in GRC with 26 reviews. OneTrust GRC is rated 10.0, while RSA Archer is rated 8.0. The top reviewer of OneTrust GRC writes "Increases productivity, multiple level vendor reviews, and is reliable". On the other hand, the top reviewer of RSA Archer writes "Complete end-to-end solution that's easy to integrate and customize". OneTrust GRC is most compared with MetricStream, ProcessUnity, IBM OpenPages, Amazon Inspector and MEGA HOPEX, whereas RSA Archer is most compared with IBM OpenPages, MetricStream, Telos Xacta IA Manager, Resolver GRC Suite and Galvanize HighBond.
See our list of best GRC vendors and best IT Vendor Risk Management vendors.
We monitor all GRC reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.