The price of RSA Archer is good. The price isn't too high considering it is a leading tool in the market. However, some Level Three companies cannot afford this license because they're charging too much. For example, the price might be reasonable for Level Five companies doing a four-month project, but they have to lower prices to make the product more competitive in the market for companies below Level Three.
A problem statement only fits with the scope of work. Most resellers provide deals and available. See many underestimate delivery timeline to their environment, some bypass key areas to return later, so use-case considerations with the base product and add-on as buildout, which may delay procurement and costs will change. Over purchase license use cases or find readiness teams, tiger team, not complete for integrations.
Nice to have executive by in, they're not doing this work, budget your wave delivery and phase approach - reseller contracts may be easier to consume. A lot to do with big applications, results, and many corporate silos to onboard.
Try other products, perhaps a project that doesn't need an ultimate product start-up, and plenty of migration use-cases with Archer IRM being the end result.
Does anyone have recommendations about methodologies (e.g. use of FAIR framework), plug-ins (ETL schemas, FOSS add-ons) or commercial/free solutions (like Kenna) that can help us during "integration, transformation and consolidation" of vulnerability into risks (from Tenable.IO to Archer)?
Clear use with the NIST compliance framework, Archer IRM 6.9.sp3.p2, use of pre-processing out of Archer and now integration with agnostic tools.
FOSS or premium brands - all depends on your supply chain risk.
Support for qualitative nice to get a bow-tie on when quantitative data works for you. Add your methods, AWARE, FAIR, COBIT, ATT&CK; all visuals.