We performed a comparison between MetricStream and RSA Archer based on real PeerSpot user reviews.
Find out in this report how the two GRC solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Key features are usability and ease of configuration. It allows us to have all the information in a single place and provide real-time indicators and information for our executives."
"The interface is mobile-friendly and it is getting a good response from our customers."
"It is enterprise-wide accessible. So, it is very helpful for all the employees in our bank. They can log in and do their risk management activities. It has a few inbuilt modules that are helpful for doing risk management activities, such as issue management, risk identification, risk assessment, and policy exception management. It also has some inbuilt workflows inside these modules. They are also helpful."
"The most valuable features of RSA Archer are the asset management, risk management, and vendor management."
"Integration is another great aspect of RSA Archer. From the beginning, integration has been a central focus for RSA, and Archer has always integrated well with most tools on the market today."
"RSA Archer is a good tool and I have found performing the application, ISMS, and TPRM assessments beneficial."
"The last project was for an investment group that was using Excel. Shifting their records from one position to another took approximately 15 minutes. In Archer, we created a workflow for them to leverage it, and they could send the single record with one click to one person within seconds. The whole process went from 15 minutes to two minutes to get the approval for the records. The main purpose of Archer is to just make it easy."
"The most valuable features are the advanced workflow and the dashboards. This tool can present data wonderfully to management, and it is easy for them to manage the risk plans."
"The most valuable part of the product is the ease-of-use and the opportunity to create custom security applications easily."
"Flexible record permissions and data import features."
"We would like to have more dashboards and reports, such as geographical and trend reports in the next version. Also, an improvement in the mobile version would be helpful."
"I would like to see out-of-the-box integration with more security, it would be helpful."
"There were so many problems that we had found. One time, the search index was not working. We also faced slowness in Archer, but I resolved this issue."
"When we have to do formulas or some other type of calculation in Archer, it sometimes doesn't work correctly. The fields don't display right, and we have to contact RSA Archer support to fix things. I think the calculation components are a bit complicated."
"In a future release, there should be an option to upload the main data."
"It's resource-hungry, that's the best way of putting it."
"Some of the error reporting isn't very clear. When you're looking for information on error codes, you got to do a lot of digging."
"The bullet chart is the best graph for my purposes, and it should be available for inclusion in the dashboards."
"Some areas are not truly automated but are only scheduled."
"Slow turnaround time from support team."
MetricStream is ranked 13th in GRC while RSA Archer is ranked 1st in GRC with 38 reviews. MetricStream is rated 8.6, while RSA Archer is rated 8.0. The top reviewer of MetricStream writes "Reasonably priced, stable, with out of the box deployment, and has good local support". On the other hand, the top reviewer of RSA Archer writes "A rich application with good workflow, but search feature needs improvement". MetricStream is most compared with IBM OpenPages and OneTrust GRC, whereas RSA Archer is most compared with OneTrust GRC, IBM OpenPages, Microsoft Purview Communication Compliance, Workiva Wdesk and Snow Governance & Risk. See our MetricStream vs. RSA Archer report.
See our list of best GRC vendors, best IT Governance vendors, and best IT Vendor Risk Management vendors.
We monitor all GRC reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.