We performed a comparison between RSA Archer and SecurityScorecard based on real PeerSpot user reviews.
Find out in this report how the two IT Vendor Risk Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Even non-technical people can be masters of the product."
"RSA is a very rich application. I like its adaptive suggestion, where based on your users and the class of data, it can actually recommend you the proper control to choose. For example, we have been using PCI DSS as an NIST. So based on application feedback, it will provide you with a suggestion on which control objective needs to be set. Based on that, you can make a decision—you don't need to take the suggestion, but you can customize that particular provided suggestion. RSA Archer's workflow is also good, in terms of process automation."
"Archer seamlessly integrates data systems without requiring additional software."
"It is enterprise-wide accessible. So, it is very helpful for all the employees in our bank. They can log in and do their risk management activities. It has a few inbuilt modules that are helpful for doing risk management activities, such as issue management, risk identification, risk assessment, and policy exception management. It also has some inbuilt workflows inside these modules. They are also helpful."
"The most valuable features of RSA Archer are the asset management, risk management, and vendor management."
"Integration is another great aspect of RSA Archer. From the beginning, integration has been a central focus for RSA, and Archer has always integrated well with most tools on the market today."
"RSA Archer is a good tool and I have found performing the application, ISMS, and TPRM assessments beneficial."
"I have found all the features to be valuable, including those involving reporting, the dashboard, notifications, email modules, the database and data input."
"The solution helps identify our environment's vulnerabilities."
"One of its most effective features for risk identification is its enterprise-ready automation for third-party risk measurements."
"With its automated approach, nothing is missed on the IPs your organization is related to."
"I rate the product's initial setup phase a nine on a scale of one to ten, where one is a difficult setup phase, and ten is an easy setup process."
"RSA Archer's best features are advanced workflow, reports, dashboards, and notifications."
"There is no inbuilt alert in Archer to let us know that a data feed has failed or did not run for different reasons. So, we don't even get to know that a feed has not run until somebody reports it to us. This has been a problem all the time. Data feeds have always been a big headache for us because there is no feature to let us know if a feed has not run or has failed. If Archer had a feature to send us an email notification when a feed has failed, it would've been very helpful. This is the reason why our users are slowly moving away to another platform. Some of the modules that I have been managing are being moved to ServiceNow. Next year, a lot of our modules will be moved from RSA Archer to ServiceNow, and the data feed issue has been one of the main reasons."
"The solution as a whole could be simplified."
"Some areas are not truly automated but are only scheduled."
"The solution can be a little slow due to the Silverlight feature."
"There were so many problems that we had found. One time, the search index was not working. We also faced slowness in Archer, but I resolved this issue."
"Performance could be improved."
"Archer could be improved by having more customization. I'm not sure if the backend processes have API calls and those kinds of seamless integrations, but from the front, some of the solutions are very out-of-the-box. It's not customizable, so that could be a little problematic since you have to use their features. In terms of the backend structure, I'm not too sure because I'm not a developer—I was an end user and product owner of Archer—and I don't quite know the backend and developmental features. But since it's an out-of-the-box solution, sometimes customization was challenging and support was a little problematic because we had to reach out to them all the time."
"They could improve the process with a questionnaire module for the product."
"SecurityScorecard's technical team's response time is an area that my company expects to be made faster."
"The tool needs to have the ability to mitigate vulnerabilities with alternative solutions."
"There could be more information in regards to solving problems like hints on what specifically to look for."
RSA Archer is ranked 1st in IT Vendor Risk Management with 38 reviews while SecurityScorecard is ranked 5th in IT Vendor Risk Management with 4 reviews. RSA Archer is rated 8.0, while SecurityScorecard is rated 8.0. The top reviewer of RSA Archer writes "A rich application with good workflow, but search feature needs improvement". On the other hand, the top reviewer of SecurityScorecard writes "Easy-to-deploy product with good technical support services ". RSA Archer is most compared with OneTrust GRC, IBM OpenPages, MetricStream, Workiva Wdesk and AuditBoard, whereas SecurityScorecard is most compared with Bitsight Third-Party Risk Management, Recorded Future, RiskRecon, Tenable Nessus and CyberGRX. See our RSA Archer vs. SecurityScorecard report.
See our list of best IT Vendor Risk Management vendors.
We monitor all IT Vendor Risk Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.