IT Central Station is now PeerSpot: Here's why

Galvanize HighBond OverviewUNIXBusinessApplication

Buyer's Guide

Download the GRC Buyer's Guide including reviews and more. Updated: June 2022

What is Galvanize HighBond?
Your GRC program is unique to your organization - and Rsam thinks it should stay that way. We give you control over what modules you want to implement and in what order. Deploy an out-of-the-box, turnkey baseline configuration that addresses your most urgent use case within 30 days and iterate from there. With Rsam, you can also easily customize the baseline configuration to meet your own unique needs. Iterate each step of the way until you reach 100% of your requirements. This keeps your implementation manageable and moving forward.

Galvanize HighBond was previously known as Rsam GRC, HighBond, HighBond by Galvanize .

Galvanize HighBond Customers
CNA Insurance
Galvanize HighBond Video

Archived Galvanize HighBond Reviews (more than two years old)

Filter by:
Filter Reviews
Filter Unavailable
Company Size
Filter Unavailable
Job Level
Filter Unavailable
Filter Unavailable
Filter Unavailable
Order by:
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Showingreviews based on the current filters. Reset all filters
PeerSpot user
CSO at a wellness & fitness company with 10,001+ employees
Real User
We have built our own modules using their application-building features.

What is our primary use case?

GRC & IRM (integrated risk management). We use it for Assessments, Vendor Risk, and Threat and Vuln Management.

How has it helped my organization?

We have far more visibility into our compliance, risks and controls, etc. over the areas we are managing vs accepting risk.Rsam has also been extremely helpful with the annual audits we receive from our regulators. We used another tool before (Archer) but it was too cumbersome to manage. Rsam just requires a single administrator and is far easier to integrate.

What is most valuable?

We have used Rsam's out-of-the-box modules for: Vendor Risk Management Application Assessments Vulnerability Management Control Testing Incident Response Policy Management We have also built our own modules using their slick application-building features for: Access Provisioning Advanced Threat Detection Custom Surveys The most valuable feature is the management of risk & compliance data across the application. Searching, dashboarding, reporting and metrics (KRI / KPI) are quick and easy. Workflow and decision support is very clean and very dynamic.

What needs improvement?

Last time I said "Multilingual would be nice, and an update to their questionnaire interface.".. looks like in 9.2 they have this now. I have yet to try it.
Buyer's Guide
June 2022
Find out what your peers are saying about Galvanize, RSA, MetricStream and others in GRC. Updated: June 2022.
607,332 professionals have used our research since 2012.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

We have encountered occasional stability issues, though they are quick to patch.

What do I think about the scalability of the solution?

We have not encountered any scalability issues. That was an issue with our Archer implementation (about the 2 million record mark). Rsam with its indexing feature has us at 10 million with no issues.

How are customer service and support?

Customer Service: Customer service is excellent. Technical Support: Technical support is excellent.

Which solution did I use previously and why did I switch?

We previously used Archer... but we had a lot of trouble with maintenance (required three administrators and lots of consulting to manage). We also ran into performance issues when we hit the 1-2 million record mark. We still have Archer for one group (because they spent millions on services and don't want to lose that effort), but everyone else is now Rsam.

How was the initial setup?

GRC does require some planning / attention to detail. I would say Rsam was far easier than our Archer implementation... but it still had some complexities in deciding on organizational structure and workflow.

What about the implementation team?

An Rsam team helped us with our first two modules, and we did the rest (including our own custom modules).

What was our ROI?

We went from three admins down to one... and millions in consulting down to about 60K.

What's my experience with pricing, setup cost, and licensing?

For us, we found end-of-quarter motivation was helpful in negotiations. They are already reasonable compared to others because it doesn't require a lot of services. Some of the other products were cheaper for the software, but the total cost-of-ownership is very high.

Which other solutions did I evaluate?

Archer (Our tool we were replacing.) MetricStream (They are COMPLETELY CUSTOM builds for everything... not manageable.) LockPath (Company is too small / not easy to deal with. They have like four developers in the entire company.)

What other advice do I have?

Rsam is a good solution... but make sure you have a good admin as well... A good admin is key to making a GRC solution work well (and you cant have ours). :)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
CSO at a wellness & fitness company with 10,001+ employees
Real User
Flexible platform with drag-and drop reporting and offline decision making.

Valuable Features:

  • Vendor Risk Module & Vulnerability Management Module
  • Flexibility of the platform
  • Drag-and drop reporting
  • Offline decision making

Improvements to My Organization:

We used to use Archer, and switched to Rsam. In one year we were able to accomplish what we could not in our 3 year Archer contract. And we did it with 1/2 the consulting services and 1/3 the administrators. 

On a personal note, my team was feeling like we were going to get fired with so many Archer issues, but the Board received so much feedback on other failed Archer implementations that they gave us a shot to move on. I'm extremely happy we moved to Rsam.

Room for Improvement:

While they don't need as much consulting to get the product implemented, I do wish they had more available. Need to schedule things in advanced, I would prefer more on-demand consulting.

Disclosure: I am a real user, and this review is based on my own experience and opinions.