RSA Archer – Basic Training | Beginner
RSA Archer is an eGRC platform that helps companies to manage governance, risk, and compliance (GRC) on a single web-application. The platform allows you to create new applications or solutions based on company requirements. You can integrate the applications with external systems. Moreover, all the above-mentioned features don’t require a deep knowledge of coding or scripting.
What is GRC?
GRC means Governance, Risk, and Compliance.
Governance:
An organization is directed and managed by a set of cultures, policies, and laws. These laws define the organization’s structure. This is known as Governance. Therefore, Governance is equal to the Set of Rules.
Risk Management:
Risk Management defines a process that helps the organization to ensure that all the business processes and behaviors remain within pre-defined Governance Policies (set of rules). If the business processes go beyond that limit, it may create a potential for loss.
Therefore, Risk Management is equal to Defining controls to ensure that the rules are followed properly.
Compliance:
Compliance defines the process to adhere to the policies and rules defined by the organization. These policies can be derived from internal directives, external laws & regulations, or standards defined by the organization.
Therefore, Compliance is equal to Measurement of the effectiveness of the rules and Measurement of how well people follow these rules.
The Main Goals of GRC
The main goal of GRC are as follows:
1. Help organizations to define Policies and Controls.
2. Address all the compliance obligations.
3. Gather information to run the business proactively.
4. Keep track of procedures and raise an alert if procedures go off the track.
5. Create a system and culture which is compliant with external regulations as well as internal policies and risk management procedures.
How does RSA Archer helps to fulfill GRC Goals?
Here are few roles played by RSA Archer to fulfill GRC goals:
1. It manages the overall life-cycle of corporate and IT policies.
2. Helps to visualize and provide overall picture of risks at business level.
3. Investigate and resolve cyber and physical incidents.
4. Centralize the business continuity and disaster recovery planning.
5. Align internal audits and helps to plan mitigation strategies.