What is our primary use case?
We use RSA Archer as an Information Security Management Systems Compliance solution in sectors such as business resiliency, operational and enterprise risk management, audit management, public sector, security and IT risk management, third-party governance, and regulatory compliance management.
How has it helped my organization?
RSA Archer GRC modules allow you to build efficient, collaborative enterprise governance, risk, and compliance (GRC) programs across IT, finance, operations, and legal domains. With RSA Archer, you can manage risks, demonstrate compliance, and automate business processes.
What is most valuable?
This solution allows us to define and automate business processes for streamlining the management of content, tasks, statuses, and approvals.
We are able to consolidate governance, risk, and compliance information of any type.
Archer seamlessly integrates data systems without requiring additional software.
Automate movement of data into and out of the platform to support data analysis, process management, and reporting.
What needs improvement?
I would like to have the ability to build and maintain an inventory of personal data processing activities and assets utilizing a purpose-built taxonomy and data structure.
Tracking data retention schedules and executing a checklist based on Article 30 requirements as it relates to processing activities would be a helpful addition.
Having the ability to manage activities related to notifications and consents linked to the processing activity inventory would improve this solution.