RSA Archer Primary Use Case
Security Specialist at a tech consulting company with 1-10 employees
I am developing applications in Archer from RSA (Rivest, Shamir, and Adelman). It is quite easy to implement the application. You just configure the workflow, define the forms and how the data is processed in the application. Everything can be configured without coding. You can use a code also to create special functionalities, but it is easy to do almost everything without coding at all.View full review »
Specialist - RSA Archer at a tech services company with 10,001+ employees
I'm an administrator for RSA Archer and a consultant, so I create platforms for various businesses based on their requirements. RSA Archer is a GRC tool, so RSA Archer controls and regulates different enterprise GRC solutions and IRM modules. I create those platforms for various business users according to their specifications. They provide us with the storyline, and then we advise them on ways to use RSA Archer to manage their processes. And then, once that is done, we create an RSA Archer platform.View full review »
Vice President at a financial services firm with 10,001+ employees
We use this product for operational risk management in our bank. It is a multinational U.S. bank, and we use this platform for enterprise risk management.
We are slowly moving away from RSA Archer to another platform.View full review »
Sr. Internal Auditor at a energy/utilities company with 10,001+ employees
I am using RSA Archer for internal audit management. It is used for the entire life cycle for audit, which includes engagement planning, reporting, action management, and so on. It is also used for internal resource management. The timesheet management, resource management, and training are being managed through the same system.
It has been deployed on-premises. My organization has 16 groups. It is installed and managed centrally by the headquarters, and we are using the application.View full review »
My use cases of RSA Archer are for WISP and controls-based audit purposes. For WISP, we keep the information security, like written informed consent protocol, and I manage almost 15 applications that I need to review the architecture of. I use RSA Archer to review the design document, the zone the application is hosted in, whether there is any kind of zoning division, the cryptography design, the cryptography used for data in motion, and what encryption they're using.
Other than that, we have been using RSA Archer for a controls baseline. We had policies set up earlier and, based on those policies, control objectives were stated in RSA Archer for each and every application.
This solution is deployed on-premise.View full review »
There are six to seven use cases currently. Most of the time, clients request a customized application. Right now, we're using RSA Archer for risk and issue management— like building a risk registry. We'll respond to risks using findings in the risk registry. So we'll set policies for risk discrimination and acceptance based on inherent and residual risk. We have all kinds of environments, covering DEV, SIT, and UIT. Currently, we have 6.9 Service Pack 2.
My primary use cases of RSA Archer are for business resiliency, business continuity management, third party vendor management, IT risk management and some of the other governance and compliance applications. We are partners with RSA and I'm an Archer system administrator.
Vice President and Risk Management at a financial services firm with 10,001+ employees
For Archer, today there is everything from risk management to looking at security and how to track all the security defects. We don't have Archer connected to ServiceNow. We had the better version when I was at Albertsons. Just before I joined UFG, we used it not only tracking deficiencies, but also doing all the risk work and all of the vulnerability management, but we tied it to ServiceNow so we could issue tickets and track stuff. That's the way to do it.
Senior System Developer at a financial services firm with 5,001-10,000 employees
My role is as a developer or administrator of this tool, but I'm also a user. I work as a senior system developer and we are customers of RSA Archer.View full review »
Cyber security consultant at a financial services firm with 1,001-5,000 employees
Our primary use case of this solution is for GRC. I work for a bank and we used this tool to audit our information security team and our cybersecurity team. We had our control library, regulatory requirements, and third-party risks on Archer. So basically, I would say audit, regulatory requirements, third-party risk management solutions, and all kinds of controls, including SOX. These are the integrations we had set up. Right now, it's deployed on-prem.View full review »
Our use cases for Archer include third-party management, enterprise risk management, and compliance management. We have a partnership with RSA Archer and I'm a manager in risk advisory.View full review »
We have four primary uses of the solution. My job role was mainly the administration of RSA Archer, in financial services for the public sector bank. Our main use cases were security incident management, mainly to the cyber security incident management, and also the governance risk and compliance part to the DRC part. The auditing and audit updates all were taken through the RSA Archer, and also the customer feedback. But mainly RSA Archer was used for inventory.View full review »
Senior Consultant at a financial services firm with 10,001+ employees
We are using RSA Archer to provide GRC services to our client. GRC means, governance, risk and compliance. In Archer we implement business continuity management, policy management, risk management solutions, audit management solutions, and third party governance solutions. We even utilize a privacy governance model of RSA Archer, as well.
Currently, we are analyzing and evaluating software as a service option for one client to reduce effort and time on infra related activities.View full review »
Archer is a repository tool that is leveraged by all the security teams across the firm. The analysts and architects use it to store their data and store the vulnerabilities, which are coming from other applications while scanning the devices and everything.
My job is to integrate the other applications with this application and try to bring all the data from those applications in here and create a workflow, environment, and framework for the different teams to use those records or vulnerabilities to make a decision on what they should do. It just makes their life easier.
We are using the solution on-premises, but we are going on the cloud next year.View full review »
Principal Consultant at a transportation company with 1,001-5,000 employees
RSA Archer is a governance tool, used especially for bank applications. At the same time, there is the NetWitness tool, a SIEM solution that was created by the RSA division. They have integrated the incident management, along with RSA Archer. Whenever the SIEM solution creates alerts, Archer can be triggered, and you can elect notifications to your mailbox.
If you click on the link, it'll link to you the actual incident, what happened in cybersecurity. You can do a number of things, like a workflow and approval from the manager level.View full review »
Project Manager, Consultant at a tech services company with 11-50 employees
It is used for enterprise risk audit, corporate compliance, and vulnerability reporting like threat management reporting. It is a whole suite that has different products depending on what you want to track and report on.
I do use the SaaS version, but I have also deployed it on-prem, and I also have experience with the original cloud version. The one that we deployed originally on the cloud was on AWS, but now they do everything on SaaS.View full review »
Sr. Consultant at a retailer with 11-50 employees
We customize this solution for our clients. We take all their requirements and prepare the design and format by creating fields, notifications, access controls and workflows. We use all the management features that the solution provides to support our clients. We are customers of RSA Archer and I'm a senior consultant.
I work with user management, policy management, enterprise management, risk management, and third-party management.
We are using its service version. We have to buy that license, and based on the license, they're providing us with the application.View full review »
Security Solutions Architect at a tech services company with 10,001+ employees
We use Archer as a risk management portal. We've customized Archer to follow the Sherwood Applied Business Security methodology for governance and risk assessment. We don't use the compliance module much.View full review »
Principal Consultant at a tech services company with 10,001+ employees
My primary use cases are IT risk management, policy management, IT compliance management, vendor risk management, and vulnerability management.View full review »
Lead Analyst - Security Governance at a retailer with 1,001-5,000 employees
We have a partnership with RSA Archer and I'm a lead analyst and GRC for the company.
RSA Archer Consultant at a tech services company with 1-10 employees
My main use cases are risk assessment and policy use. I also use this solution to create on-demand applications.View full review »
My primary use case for this solution is for the customizing and compliance system, especially for the first standard, ISO 27001, related to the information security management system.View full review »
RSA archer at a tech services company with 10,001+ employees
We use RSA Archer in my organization for assessments.View full review »
Software Developer at a insurance company with 201-500 employees
The solution is an integrated platform. We use it for risk management, mitigation and integration.
Assistant Manager at Deloitte
My primary use case varies depending on the requirements, but uses include working on email notifications, fetching data feeds, and working on feed managers.View full review »
My primary use case of this solution is for government risk compliance, including risk management, cost reviews, and security management.View full review »