RSA Archer Compliance Management

Document your control framework, assess design and operational effectiveness, and respond to policy and regulatory compliance issues.

RSA Archer Compliance Management provides a centralized, access-controlled environment for automating enterprise compliance processes, assessing deficiencies and managing remediation efforts. This flexible, web-based solution allows you to document process and technical controls, link them to authoritative sources, perform risk-based scoping, execute design and operating tests and respond to identified gaps. You can also report assessment results and remediation activities to senior management and regulators through real-time status and results dashboards. Powered by the RSA Archer eGRC Platform, the Compliance Management solution delivers the process efficiencies and global visibility you need to sustain compliance with Sarbanes-Oxley sections 302 and 404, J-SOX, Gramm-Leach-Bliley and other requirements you face.

  • Document Your Control Framework

    Import your control framework, control procedures and test plans, and reuse this information in future assessment periods. Also cycle process and technical controls through the approval process using integrated workflow functionality. Additionally, take advantage of pre-loaded technology baselines from the RSA Archer eGRC Content Library to manage regulatory compliance at the technical configuration level.

  • Employ a Risk-Based Scoping Process

    Perform risk-based scoping at the business unit, account or regulation level using a top-down and bottom-up approach. Once the evaluation is complete, the decisions are automatically rolled down to the process and control level, allowing you to determine an efficient and effective testing program.

  • Manage Compliance Assessments

    Deploy continuous, automated assessments and certifications, and inform testers of their work queues via rules-driven workflow and “My Tasks” lists. Use pre-loaded questionnaires, including process control self-assessments, design and operating tests, and technical control manual assessments. Also import your own questions to generate new questionnaires in a matter of minutes. Additionally, you can integrate data from multiple scanning tools to gain a consolidated view into automated control testing.

  • Identify Deficiencies and Manage Remediation Plans

    Auto-generate deficiencies based on failures noted within questionnaires and test results, and understand how findings relate to controls, operating entities, and applicable policies, regulations and risks. Also relate multiple findings in the context of a remediation plan to identify larger issues and support informed decision making.

  • Resolve Compliance Deficiencies

    Employ automated workflow and task management capabilities to efficiently resolve compliance deficiencies. The system routes findings and tasks to appropriate personnel, who can respond by completing remediation tasks or logging exception requests that identify effective compensating controls. RSA Archer provides pre-built, fully configurable workflow processes for reviewing and approving the resolution of deficiencies.

  • Report on Compliance Initiatives

    Utilize real-time reporting capabilities to form a consolidated picture of compliance efforts and remediation processes. RSA Archer Compliance Management provides an ad hoc reporting interface that allows you to deliver status and alert-type reports to users via dashboards, email or exports in a number of formats.

  • Silos to Synergy

    Integration of disparate compliance processes and sources of information across your enterprise, providing users with a single portal for completing work

  • Ask Once, Answer Many

    Significant efficiencies gained through asking a single question and using the results to demonstrate compliance with multiple regulations

  • Process Efficiencies

    Automation of workflow, risk-based scoping, data collection, assessment scoring, findings generation and notifications, significantly reducing administrative burden

  • Rollup View

    The ability to roll up compliance results to policies, controls, regulations, business units, divisions and other components of your business hierarchy

  • Quick Time to Value

    Rapid return on your investment from a solution that you can implement out of the box or easily tailor to your needs through point-and-click configuration

  • Deployment Flexibility

    The freedom to choose an on-premise or software as a service (SaaS) deployment and to move the solution from one environment to another as your needs change

  • Compliance Management Video Demo

    See RSA Archer Compliance Management in action in this short video demonstration.

  • Compliance Management Data Sheet

    Get more details on RSA Archer Compliance Management—an automated solution for maximizing the efficiency of your compliance program.

  • eGRC Webcasts

    Take a deep-dive tour of RSA Archer eGRC Solutions through our weekly webcasts. Participate live or request a recording to view at your convenience.

  • Case Studies

    Learn why RSA Archer eGRC clients have been so successful in solving enterprise governance, risk and compliance challenges.

  • White Paper

    Learn about Archer’s platform approach to enterprise governance, risk and compliance.

  • Live Chat

    Chat with an RSA Archer eGRC representative to get more information or to set up a private demo of the Compliance Management solution.