What are the basics of PCI-DSS Compliance?The Payment Card Industry Data Security Standard (PCI-DSS) defines a consolidated set of security best practices endorsed by major card brands, which are designed to reduce fraud risk associated with credit c...
In their ongoing effort to clarify the concepts of integrated risk management (IRM) and digital risk management (DRM), Gartner has begun to discuss the interconnection of IRM and DRM with enterprise risk management (ERM). Source: https://blogs.gartne...
Managing Third Party contracts can be a daunting task, let alone tracking changes and approval during the negotiation process. Between your legal department and the third party's legal department, the changes and approvals are horrendous to track and...
SecOps has been able to integrate with Splunk OOTB since SecOps 1.1 via the RCF, however, the method for integrating with Splunk has not changed. To be more specific, the current integration files used for sending Splunk alerts in CEF format to SecOp...
What is a Third Party Catalog?The RSA Archer Third Party Catalog provides organizations the capability to inventory all of the third parties with whom they do business and to document their third parties in accordance with their organizational struct...
What is crisis management?Crisis management is preparing for and handling larger and more complicated disruptive events from start to finish. Crisis management is aligned with business continuity and disaster recovery planning and execution, allowing...
What is Incident Management?Incident management is tracking, treating and resolving incidents that are more common and operational in nature, ranging from cyber and physical events, to minor social media outbreaks or others. Incident management inclu...
Another release and more BOOMIN’ Advanced Workflow functionality in RSA Archer 6.5! We’ve seen over the last few releases that Advanced Workflow is becoming bigger and better than ever. Buckle up Archer administrators and developers because this RSA ...
One of my favorite things about the RSA community and the idea exchange is the ability to gather feedback and insight from the community on how RSA Archer could make great features even more useful. In this topic, I am going to cover several feature ...
As I continue my Riskicist’s Guide to the Universe, my first theory regarding the future of risk management deals with change.In very simple terms, the change of Risk in the past can be thought of as growing on a mainly linear scale as a function of ...
What are audit engagements and workpapers?Audit engagements are the mechanism that internal audit teams use to scope, plan and execute their evaluations of risks and associated internal controls, and related areas of their organization. Audit workpap...
Over the past year, we have spent a great of time talking with many of you about your user’s needs. The culmination of these conversations has enabled us to begin our journey for usability experience improvements with RSA Archer release 6.5. One of t...
What is audit planning? Audit planning is the practice where internal audit functions assess the risk across their audit universe and determines the audit engagements they need to perform in the months and quarters ahead. They plan their audits based...
With today’s launch of RSA Exchange Release R6, we're very excited to deliver two new integrations in support of our mobility strategy. As we previewed at RSA Archer Summit 2018 in August:A new integration with Mendix enables customers to access the ...
What is a cyber incident / breach response program?Cyber and security breaches continue dominating front page headlines all over the world. It’s not enough to hope it doesn’t happen to you or assume you’ll be able to respond effectively if it does. C...
Updated March 21, 2019As part of our ongoing effort to update strategic technical components, I wanted to highlight some of the changes surrounding this effort. The impact to you will depend on your infrastructure, configuration and features used. Mo...
RSA Archer Release 6.5 brings some exciting enhancements to our Enterprise & Operational Risk Management solution. Assessing risks in the RSA Archer Top-Down Risk Assessment use case is now more granular, more precise, and reinforces the ownership of...
