Vendor management is a critical factor for successful outsourcing, yet many organizations do not currently have adequate tools and processes to manage their vendor portfolios. It is this issue specifically that leads to mistrust amongst third party relationships. As seen with many recent cyber-attacks, third parties are increasingly a vector of attack organizations must address.
What if you could eliminate the risk of surprises cropping up in your third party relationships? What if you could more effectively prioritize resources to manage third parties, recapturing time and resources to devote to more important things? This is exactly what the RSA Archer Third Party Risk and Performance Management solution is all about.
Internal auditors have an essential need for independence – it is a requirement for the profession. Alongside this independence, there is a growing and sometimes competing priority for Internal Audit to partner with management. This strategic direction has forced a discussion with audit, risk and compliance teams around the world to evaluate how Internal Audit can work together toward common goals, leverage resources and better influence and impact business performance. To address these challenges, we’ve designed RSA Archer Audit Management to help better align audit approaches within the organization.
What we’ve been hearing from many internal auditors is that existing processes don’t allow for a holistic approach to auditing. Today’s tools fail to capture analysis by other risk and control groups, and using multiple systems often makes it difficult to distill information into meaningful data for audit teams. Additionally, the lack of visibility into findings generated by other governance teams makes it difficult and time-consuming for Internal Audit to track the status of those findings and assure that remediation efforts are underway.
RSA Archer Audit Management helps address those needs by putting the audit team in control of the complete audit lifecycle, enabling improved governance of audit-related activities, while also providing integration with risk and control functions.
Some of the features I am most excited about include:
Audit Entity Risk Assessment – Designed to help to define a universe of auditable entities, perform audit entity risk assessments and compare results to assessments conducted by other operational risk management groups within the organization. The Audit team can dynamically capture and incorporate these changing risks into its audit engagement planning.
Enhanced Resource Scheduling and Staffing — Drag and drop capabilities allow quick assignment and management of audit teams. With new Gantt team schedules, managers can quickly find qualified and available audit staff for your engagements.
Offline Audit Access — Multiple audit team members can work simultaneously on the same engagements and workpapers while offline and in different locations. They can plan, test, generate findings and remediation plans, review work and create audit reports just as if they were online.
The latest RSA Archer Audit Management solution is engineered to allow organizations to quickly adjust audit plans and engagements based on a dynamic view of risk. Very simply, it helps auditors do more with less by streamlining the process and allowing teams focus on the most pressing issues and business challenges.
By doing all of this, we truly believe RSA Archer Audit Management can help make strong partnerships with business managers a reality, while still maintaining the independence and integrity that internal auditors require.
This week, Gartner, Inc. released the 2013 Gartner Enterprise Governance, Risk and Compliance Magic Quadrant (MQ) and positioned EMC–RSA, as a Leader in Risk and Compliance Management for the second year in a row. EMC-RSA has also received a Strong Positive, the highest rating possible, in the Gartner 2013 MarketScope for IT Governance, Risk and Compliance Management (1) and was positioned in the Leaders quadrant of the 2013 Magic Quadrant for Business Continuity Management Platforms. (2)
True innovation is an elusive quality that companies strive to attain, but few master. At RSA, innovation is hard-wired into our DNA. If you’ve ever been around an RSA office for any amount of time, you know precisely what I mean. It’s contagious. We listen intently to our customers and turn out advances like those we’re showcasing at this week’s 2013 RSA Archer GRC Summit.
Check them out.
New RSA Archer Focused Solutions
The new RSA Archer Focused Solutions for PCI, ISMS, Unified Compliance Framework and Key & Certificate Management are a just a few of the fresh ideas that originate from RSA Archer customers. Focused Solutions are a new class of purpose-built offerings that are designed to provide industry-specific and targeted functionality to address specific business use-cases. The Focused Solutions enhance and expand the functionality of Archer core solutions. Companies can now select one or multiple Focused Solutions to meet a specific industry requirement or jump start their GRC practice.
As a governance, risk and compliance (GRC) and security professional, I’m happy to see continued strategic interest from Federal governments in solving cybersecurity challenges.
As the spotlight on cybersecurity continues to intensify, what better venue than RSA Archer GRC Summit in Washington, DC to continue the discussion on cybersecurity, governance and compliance in context of Federal applications? RSA will showcase RSA Archer Federal Assessment & Authorization (A&A) and Continuous Monitoring (CM) solutions designed to solve Information Assurance (IA) use cases specifically for the federal government.
Stay tuned for a number of interesting developments at the show around RSA Archer Risk Management and Vendor Management Solutions, the powerful Archer Community online social network and Archer Exchange online marketplace. Check back here tomorrow for details.