Try our new research platform with insights from 80,000+ expert users

RSA Archer vs SAS Enterprise GRC comparison

RSA and SAS are both solutions in the GRC category. RSA is ranked #1 with an average rating of 7.5, while SAS is ranked #29. RSA holds a 5.6% mindshare in G, compared to SAS’s 1.2% mindshare. Additionally, 92% of RSA users are willing to recommend the solution, compared to 100% of SAS users who would recommend it.
RSA Archer
Read 42 RSA Archer reviews
  • 4,233 Views
  • 3,598 Comparison Views
92% willing to recommend
SAS Enterprise GRC
Read 1 SAS Enterprise GRC review
  • 508 Views
  • 508 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between RSA Archer and SAS Enterprise GRC based on real PeerSpot user reviews.

Find out what your peers are saying about RSA, OneTrust, Diligent and others in GRC.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed GRC Report (Updated: March 2026).
Buyer's Guide
GRC
March 2026
Download the complete report
Helped 884,933 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

RSA Archer
Ranking in GRC
1st
Average Rating
8.0
Reviews Sentiment
6.7
Number of Reviews
42
Ranking in other categories
IT Governance (1st), IT Vendor Risk Management (4th)
SAS Enterprise GRC
Ranking in GRC
29th
Average Rating
10.0
Reviews Sentiment
5.9
Number of Reviews
1
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of March 2026, in the GRC category, the mindshare of RSA Archer is 5.6%, down from 16.9% compared to the previous year. The mindshare of SAS Enterprise GRC is 1.2%, down from 1.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
GRC Mindshare Distribution
ProductMindshare (%)
RSA Archer5.6%
SAS Enterprise GRC1.2%
Other93.2%
GRC
 

Featured Reviews

CJ
Celda Juby
Information Security Specialist at Dubai Health Authority
Centralized management strengthens compliance with good look and feel
From my perspective as a customer and end user, Archer has an impressive look and feel, but the most adaptive feature is its ease of configuration which helps to enhance our process according to our maturity. It's more about our organization getting centralized with an integrated approach that focuses on risk governance and compliance. When can provide a detailed dashboards to management with the details of risks from top-down or bottom-up prioritizing actions based on its criticality or necessity. This allows us to show end users and management where the issues lie and effectively demonstrate accountability and visibility in compliance.
Read full review
it_user77958 - PeerSpot reviewer
it_user77958
Architect at a tech services company with 51-200 employees
We've improved our data management & human resource skills. Needs to work more on its presentation layer for users.
Follow the suggested implementation approach and it will be a smooth sailing. The core issue in any business analytics and business intelligence solutions is always data quality, deployment architecture and skilled human resource. Ensure that you have deliberated on these in detail and there will be no issues or hiccups during implementation
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"First of all, its access control feature where it provides application level access, solution level access, and even recall access, as well."
"Even non-technical people can be masters of the product."
"Archer has simplified our security audits. It's made it easier to raise and trigger questionnaires to customers."
"The tool has stability, and it allows me to automate whatever process I have."
"RSA Archer has reduced the time and effort required for meetings."
"RSA is a very rich application. I like its adaptive suggestion, where based on your users and the class of data, it can actually recommend you the proper control to choose. For example, we have been using PCI DSS as an NIST. So based on application feedback, it will provide you with a suggestion on which control objective needs to be set. Based on that, you can make a decision—you don't need to take the suggestion, but you can customize that particular provided suggestion. RSA Archer's workflow is also good, in terms of process automation."
"The most valuable feature is the enterprise module, which provides the capability of having all of the information stored and linked with everything else."
"Its user interface is pretty neat, and there is flexibility in generating the data. You can customize reports at any level. You can directly get reports in Tableau format. If you want to generate statistical data, you can create reports with graphs. There is an adequate amount of flexibility for changing the format, the type of graphs, etc."
More RSA Archer pros
"We have been able to improve our data management, human resource skills and productivity, management reporting, and subsequently data mining for other business operations."
 

Cons

"The first improvement I would suggest for RSA Archer is a better search feature. The search criteria needs to be improved. Sometimes I do a search and the search doesn't return the exact item I'm looking for. RSA Archer could also be improved by being more user-friendly. Maybe I have been using a limited version of RSA Archer, but I'm not sure whether it has ESG, environmental and social governance. In the next couple of years, ESG is the next feature that will be integrated into GRC tools. I would recommend RSA Archer adds ESG."
"It would be nice if RSA Archer featured more customization. When customers are updating, they should be notified whether certain updates are optional. The install screen should not proceed to the next page unless we make some selections about which updates we want to install."
"There should be an in-built feature that allows live data from vulnerabilities and threats from reliable sources to be streamed directly through their data field."
"An area for improvement would be the user interface. They could also offer more on-demand applications free of cost."
"Some of the error reporting isn't very clear. When you're looking for information on error codes, you got to do a lot of digging."
"The dashboarding in this solution needs to be improved, specifically the graphics."
"I would like to have the ability to build and maintain an inventory of personal data processing activities and assets utilizing a purpose-built taxonomy and data structure."
"In terms of what can be improved, our client always says their user experience, IU/UX in RSA Archer. They found it is not as user friendly as other tools."
More RSA Archer cons
"Customer Service: That is the only area where SAS needs to look into. It was just satisfactory."
 

Pricing and Cost Advice

"The pricing is okay. The licensing costs are very reasonable; it is very affordable to us."
"The price of the solution is very affordable."
"As I am a developer and responsible for providing production support, I do not have personal knowledge of the pricing. However, my colleagues claim that it is very expensive in comparison with other tools."
"The solution's price should be reduced. You only have to pay the license and there are no additional fees."
"The solution is not at all a cheap product."
"The license is costly for the solution, but the remaining set up and maintenance is quite cheaper."
"It is not expensive. It is reasonable. We only pay for the licensing."
"RSA Archer's price is justifiable and not as expensive, compared to ServiceNow. I have heard that the licensing for ServiceNow is much more expensive. I'm unaware whether there are any additional costs after licensing fees."
More RSA Archer pricing and cost advice
Information not available
report
See which vendors are best for you
Use our free recommendation engine to learn which GRC solutions are best for your needs.
See recommendations
884,933 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
19%
Insurance Company
12%
Manufacturing Company
7%
Government
5%
No data available
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise6
Large Enterprise25
No data available
 

Questions from the Community

What needs improvement with RSA Archer?
While it provides benefits in terms of security, the pricing is a bit higher than customers typically expect. It would be helpful if RSA Archer had the capability for two-way integration because, i...
See all answers
What is your primary use case for RSA Archer?
Regarding the compliance, risk, and governance tools, I am comfortable discussing the tools in the GRC category. The specific module from ServiceNow is the ServiceNow Compliance, Risk, and Governan...
See all answers
What advice do you have for others considering RSA Archer?
I have been in touch with about three companies who use RSA Archer actively in the compliance area. These companies use RSA Archer for nearly all purposes, including governance, internal risk, and ...
See all answers
Ask a question
Earn 20 points
 

Comparisons

MetricStream vs RSA Archer Logo
MetricStream vs RSA Archer
Compared 8% of the time
OneTrust GRC vs RSA Archer Logo
OneTrust GRC vs RSA Archer
Compared 8% of the time
IBM OpenPages vs RSA Archer Logo
IBM OpenPages vs RSA Archer
Compared 7% of the time
AuditBoard vs RSA Archer Logo
AuditBoard vs RSA Archer
Compared 4% of the time
MEGA HOPEX vs RSA Archer Logo
MEGA HOPEX vs RSA Archer
Compared 3% of the time
More RSA Archer Competitors
ACL Analytics vs SAS Enterprise GRC Logo
ACL Analytics vs SAS Enterprise GRC
Compared 27% of the time
IBM OpenPages vs SAS Enterprise GRC Logo
IBM OpenPages vs SAS Enterprise GRC
Compared 14% of the time
Thomson Reuters Accelus vs SAS Enterprise GRC Logo
Thomson Reuters Accelus vs SAS Enterprise GRC
Compared 12% of the time
Methodware Kairos vs SAS Enterprise GRC Logo
Methodware Kairos vs SAS Enterprise GRC
Compared 11% of the time
Workiva Wdesk vs SAS Enterprise GRC Logo
Workiva Wdesk vs SAS Enterprise GRC
Compared 7% of the time
More SAS Enterprise GRC Competitors
 

Product Reports

Buyer's Guide
RSA Archer
March 2026
RSA Archer reportDownload RSA Archer product report
Buyer's Guide
GRC
March 2026
SAS Enterprise GRC reportDownload SAS Enterprise GRC product report
 

Also Known As

Archer
No data available
 

Overview

RSA Archer is a solution designed to help your organization manage policies, controls, risks, assessments, and deficiencies across your lines of business. RSA helps you manage your digital risk with a range of capabilities and expertise including integrated risk management, threat detection and response, identity and access management, as well as fraud prevention.

The solution also allows you to adapt a broad range of solutions to your requirements and is a good option for both big and small companies.

RSA Archer Features

RSA Archer has many valuable key features. Some of the most useful ones include:

  • Application builder
  • Advanced business workflow
  • System integration
  • Search, reports, and dashboards
  • Access control
  • Globalization
  • Audit management
  • Privacy program management
  • Security incident management

RSA Archer Benefits

There are many benefits to implementing RSA Archer. Some of the biggest advantages the solution offers include:

  • Taxonomy and data structure: With RSA Archer, you can build and maintain an inventory of personal data processing activities and assets, utilizing a purpose-built taxonomy and data structure.
  • Easy tracking: RSA Archer enables you to track data retention schedules and execute a checklist as it relates to processing activities.
  • Smooth management: By using RSA Archer, you can manage activities related to notifications and consents linked to the processing activity inventory.
  • Improve information assurance programs: RSA Archer enables agencies to improve information assurance programs for continuous monitoring and assessment and authorization.
  • Compliance: By providing compliance management, RSA Archer allows you to consolidate information from multiple regulatory bodies and establish a sustainable, repeatable, and auditable regulatory compliance program.
  • Business continuity: With RSA Archer, you can automate business continuity and disaster recovery planning to protect your organization in the event of a crisis.

Reviews from Real Users

Below are some reviews and helpful feedback written by PeerSpot users currently using the RSA Archer solution.

A Specialist, RSA Archer at a tech services company, says, “RSA Archer is a valuable tool because it can manage the end-to-end functioning of any enterprise GRC module, such as compliance and risk management or business continuity plans and the entire BCM module. RSA Archer also provides many out-of-the-box solutions, which are use cases derived from the standards for GRC or risk management, governance, and compliance. It provides an end-to-end mechanism for business users on a single platform. That includes reporting, managing workflow, creating documentation, or tracking a process where you need to get approval from the various levels within the organization's hierarchy.”

PeerSpot user Krishnendu S., Vice President at a financial services firm, mentions, "It is enterprise-wide accessible. So, it is very helpful for all the employees in our bank. They can log in and do their risk management activities. It has a few inbuilt modules that are helpful for doing risk management activities, such as issue management, risk identification, risk assessment, and policy exception management. It also has some inbuilt workflows inside these modules. They are also helpful."

A Sr. Internal Auditor at an energy/utilities company comments, "Its user interface is pretty neat, and there is flexibility in generating the data. You can customize reports at any level. You can directly get reports in Tableau format. If you want to generate statistical data, you can create reports with graphs. There is an adequate amount of flexibility for changing the format, the type of graphs, etc."

Another PeerSpot user, Manash B., Technology Manager at a tech services company, explains, "RSA is a very rich application. I like its adaptive suggestion, where based on your users and the class of data, it can actually recommend you the proper control to choose. For example, we have been using PCI DSS as an NIST. So based on application feedback, it will provide you with a suggestion on which control objective needs to be set. Based on that, you can make a decision—you don't need to take the suggestion, but you can customize that particular provided suggestion. RSA Archer's workflow is also good, in terms of process automation."

RSA
With SAS Enterprise GRC, you can standardize and manage strategic and operational risks, and consolidate information from all financial risk management systems (credit risk, market risk, etc.) into an enterprisewide view of risk.
SAS
 

Sample Customers

T-Systems, Bridge Point, Equifax, First Data, Global Imaging Company, Manulife Financial
Belgium Special Tax, New Zealand Ministry of Health, New Zealand Ministry of Social Development North Carolina Marine Fisheries, Texas Parks and Wildlife Department, Town of Cary Western Australia Police
Buyer's Guide
GRC
March 2026
Download Free Report
Find out what your peers are saying about RSA, OneTrust, Diligent and others in GRC. Updated: March 2026.
DOWNLOAD NOW
884,933 professionals have used our research since 2012.
See our list of best GRC vendors.

We monitor all GRC reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.