We performed a comparison between Bitsight Third-Party Risk Management and RSA Archer based on real PeerSpot user reviews.
Find out in this report how the two IT Vendor Risk Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Its customer service team responds quickly."
"I prefer BitSight due to its patch management capabilities. The score is a valuable feature. I have contacted the customer support through e-mail and their response rate is fast. I rate the solution a nine out of ten."
"The product helps us identify the vulnerabilities of internet-facing applications."
"The solution is user-friendly."
"Offers open ports from an external point of view."
"This solution helped us with the centralization of our governance data, so we could house all of our controls in one place. We could use that central repository of all our controls to build our risk management strategy and our policy and governance. So we could use controls as a central library and build policy, and then build risk management around it."
"Enables development of any application, automation of any workflow including the GRC work processes."
"The integrated data model of a one-to-many/many-to-one relationship is quite useful."
"The solution has helped our organization manage our internal and external activities."
"Archer seamlessly integrates data systems without requiring additional software."
"I have found all the features to be valuable, including those involving reporting, the dashboard, notifications, email modules, the database and data input."
"It has the best workload management features."
"First of all, its access control feature where it provides application level access, solution level access, and even recall access, as well."
"Data enrichment is the major issue."
"At the moment, when the vulnerability score decreases, it remains the same for quite a while, even though issues are resolved in 24 hours."
"There may be room for improvement in the methodology for identifying findings, as occasional errors occur on the technical side."
"The solution’s benchmarking should be improved."
"Its factor analysis feature could be better."
"The bullet chart is the best graph for my purposes, and it should be available for inclusion in the dashboards."
"In a future release, there should be an option to upload the main data."
"Archer could be improved by having more customization. I'm not sure if the backend processes have API calls and those kinds of seamless integrations, but from the front, some of the solutions are very out-of-the-box. It's not customizable, so that could be a little problematic since you have to use their features. In terms of the backend structure, I'm not too sure because I'm not a developer—I was an end user and product owner of Archer—and I don't quite know the backend and developmental features. But since it's an out-of-the-box solution, sometimes customization was challenging and support was a little problematic because we had to reach out to them all the time."
"There is no inbuilt alert in Archer to let us know that a data feed has failed or did not run for different reasons. So, we don't even get to know that a feed has not run until somebody reports it to us. This has been a problem all the time. Data feeds have always been a big headache for us because there is no feature to let us know if a feed has not run or has failed. If Archer had a feature to send us an email notification when a feed has failed, it would've been very helpful. This is the reason why our users are slowly moving away to another platform. Some of the modules that I have been managing are being moved to ServiceNow. Next year, a lot of our modules will be moved from RSA Archer to ServiceNow, and the data feed issue has been one of the main reasons."
"When we have to do formulas or some other type of calculation in Archer, it sometimes doesn't work correctly. The fields don't display right, and we have to contact RSA Archer support to fix things. I think the calculation components are a bit complicated."
"RSA Archer's best features are advanced workflow, reports, dashboards, and notifications."
"The first improvement I would suggest for RSA Archer is a better search feature. The search criteria needs to be improved. Sometimes I do a search and the search doesn't return the exact item I'm looking for. RSA Archer could also be improved by being more user-friendly. Maybe I have been using a limited version of RSA Archer, but I'm not sure whether it has ESG, environmental and social governance. In the next couple of years, ESG is the next feature that will be integrated into GRC tools. I would recommend RSA Archer adds ESG."
"Slow turnaround time from support team."
More Bitsight Third-Party Risk Management Pricing and Cost Advice →
Bitsight Third-Party Risk Management is ranked 2nd in IT Vendor Risk Management with 5 reviews while RSA Archer is ranked 1st in IT Vendor Risk Management with 38 reviews. Bitsight Third-Party Risk Management is rated 8.6, while RSA Archer is rated 8.0. The top reviewer of Bitsight Third-Party Risk Management writes "User-friendly solution with robust patch management capabilities". On the other hand, the top reviewer of RSA Archer writes "A rich application with good workflow, but search feature needs improvement". Bitsight Third-Party Risk Management is most compared with SecurityScorecard, RiskRecon, Microsoft Secure Score, UpGuard Vendor Risk and Tenable Lumin, whereas RSA Archer is most compared with OneTrust GRC, IBM OpenPages, MetricStream, Workiva Wdesk and AuditBoard. See our Bitsight Third-Party Risk Management vs. RSA Archer report.
See our list of best IT Vendor Risk Management vendors.
We monitor all IT Vendor Risk Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.