Archer Community

Overview The Archer Exchange August 2023 release was announced on August 15, 2023 and provides a wide variety of offerings designed to help you expand your Archer use cases and manage your Archer implementation. For a detailed list of features within this release, please see the Advisory Announcement information below.   Advisories Archer Announces Availability of Archer Exchange Offerings for August 2023 Available Offerings * NEW OFFERINGS Offering Overview Resources Archer Australian Incident Management Accelerator Implementation Guide Installation Package Archer Due Diligence Management Video Implementation Guide Installation Package Archer Advanced Workflow Content Assistant Video Implementation Guide Installation Package Archer Dynamic Workflow Tracker Video Implementation Guide Installation Package Archer ESG Score Connect (powered by CSRHUB) Video  Implementation Guide Installation Package Centers for Medicare and Medicaid Services (CMS) Data Feed Implementation Guide Installation Package Cybersecurity & Infrastructure Security Agency (CISA) Data Feeds Implementation Guide Installation Package Federal Deposit Insurance Corporation (FDIC) Data Feeds Implementation Guide Installation Package Federal Trade Commission (FTC) Data Feed Implementation Guide Installation Package Financial Accounting Standards Board (FASB) Data Feeds Implementation Guide Installation Package GovTrack Data Feed Implementation Guide Installation Package NIST National Vulnerability Database (NVD) Implementation Guide Installation Package Office of the Comptroller of the Currency (OCC) Data Feed Implementation Guide Installation Package Qualys Asset Discovery Implementation Guide Installation Package Qualys Vulnerability Management Implementation Guide Installation Package Reserve Bank of India (RBI) Data Feeds Implementation Guide Installation Package U.S. Department of Health and Human Services (HHS) Data Feed Implementation Guide Installation Package U.S. Department of Homeland Security (DHS) Data Feed Implementation Guide Installation Package European Commission Digital Operational Resilience Act (DORA) Installation Package National Institute of Standards and Technology Artificial Intelligence Risk Management Framework AI 100-1 Installation Package U.K. National Cyber Security Centre (NCSC) Cyber Assessment Framework Installation Package US State Privacy Laws (CCPA) Installation Package   Blogs Archer Exchange introduces ESG Scoring for Third Parties and the first Archer Accelerator in the August 2023 Quarterly Announcement The Imperative for Third-Party ESG Scores: Navigating a Sustainable Future   Free Friday Tech Huddle Schedule and Replays Free Friday Tech Huddle (FFTH) Schedule FFTH: Archer Exchange August 2023 Release Highlights and Archer ESG Score Connect Demonstration FFTH: Archer Exchange - Archer Due Diligence Management App-Pack Demonstration End of Primary Support Policy Archer has a defined End of Primary Support policy associated with all major versions. For additional details, refer to the Product Version Life Cycle.   The following Archer Exchange offerings have reached end of product support: Palisades @RISK has reached end of product support and has been removed from the Archer Exchange as of the August 2023 release. Monetary Authority of Singapore (MAS) Data Feed Content Integration is no longer available and has been removed from the Archer Exchange. U.S. Computer Emergency Readiness Team (US-CERT) Data Feed Content Integration is no longer available and has been removed from the Archer Exchange.  It has been replaced by Cybersecurity & Infrastructure Security Agency (CISA) Data Feeds.

Summary Archer announces availability of Archer Exchange Offerings for August 2023. Details Archer announces availability of new and updated Archer Exchange offerings for August 2023, which include: Accelerators – pre-built configuration of an Archer use case that enhances usability for specific industries, geographies, or niche risk management business processes Archer Australian Incident Management provides a streamlined version of the Archer Incident Management use case with support for specific requirements in Australia, including ASIC RG 78, OAIC, and Corporations Act s912D Checklists.   App-Packs – pre-built applications addressing adjacent or supporting Integrated Risk Management processes (e.g. niche, industry, geo-specific) Archer Due Diligence Management has been recertified on Archer Platform Release 6.13.   Tools & Utilities - pre-built functions enabling administrators to more easily manage their Archer implementations Archer Advanced Workflow Content Assistant has been certified to work for Archer Platform Release 6.13. Archer Dynamic Workflow Tracker has been updated to match Archer user interface standards for an improved user experience.   Integrations - pre-built data exchange configurations bringing data into and pushing data out of the Archer Platform Archer ESG Score Connect provides ESG performance scores to help organizations perform peer benchmarking through insights from vendors’ ESG performance and potential risks.  Centers for Medicare and Medicaid Services (CMS) Data Feed has been recertified on Archer Platform Release 6.13. Cybersecurity & Infrastructure Security Agency (CISA) Data Feeds replaces the U.S. Computer Emergency Readiness Team (US-CERT) Data Feed Content integration. Federal Deposit Insurance Corporation (FDIC) Data Feeds has been recertified on Archer Platform Release 6.13. Federal Trade Commission (FTC) Data Feed has been recertified on Archer Platform Release 6.13. Financial Accounting Standards Board (FASB) Data Feeds has been recertified on Archer Platform Release 6.13. GovTrack Data Feed has been recertified on Archer Platform Release 6.13. NIST National Vulnerability Database (NVD) has been updated to correct a known issue.  Please see the Archer Help Center for more information. Office of the Comptroller of the Currency (OCC) Data Feed has been recertified on Archer Platform Release 6.13. Qualys Asset Discovery has been updated to correct a known issue. Please see the Archer Help Center for more information. Qualys Vulnerability Management has been updated to correct a known issue. Please see the Archer Help Center for more information. Reserve Bank of India (RBI) Data Feeds has been recertified on Archer Platform Release 6.13. U.S. Department of Health and Human Services (HHS) Data Feed has been recertified on Archer Platform Release 6.13. U.S. Department of Homeland Security (DHS) Data Feed has been recertified on Archer platform release 6.13. Wolters Kluwer Regulatory Data Feed will no longer support the Regulatory Change Management SOAP API and migration to REST API, as of September 2023.  Review the roadmap blog* for additional details.   Content - pre-mapped collection of best-practice policies, control standards, legal and regulatory requirements, industry standards, and assessments Archer Content Import Tip Sheet has been updated to improve the user experience and moved to the Archer Help Center. European Commission Digital Operational Resilience Act (DORA) Authoritative Source has been updated to the December 2022 version. National Institute of Standards and Technology (NIST) Artificial Intelligence Risk Management Framework AI 100-1 provides content to better manage risks associated with artificial intelligence (AI). U.K. National Cyber Security Centre (NCSC) Cyber Assessment Framework Authoritative Source has been updated to correct a column header.    US State Privacy Laws (CCPA) was updated to include the latest version of the California Consumer Privacy Act (CCPA). Archer Exchange Documentation has moved to the Archer Help Center.  All Archer Exchange Implementation Guides are now available on the Archer Help Center.  For additional documentation, downloads, and a listing of all Archer Exchange offerings, visit the Archer Exchange on the Archer Community.   End of Primary Support Policy Archer has a defined End of Primary Support policy associated with all major versions. For additional details, refer to the Product Version Life Cycle. The following Archer Exchange offerings have reached end of product support: Palisades @RISK has reached end of product support and will be removed from the Archer Exchange as of the August 2023 release. Monetary Authority of Singapore (MAS) Data Feed Content Integration is no longer available and has been removed from the Archer Exchange. U.S. Computer Emergency Readiness Team (US-CERT) Data Feed Content Integration is no longer available and has been removed from the Archer Exchange.  It has been replaced by  Cybersecurity & Infrastructure Security Agency (CISA) Data Feeds.   Quick Links Archer Exchange Release for August 2023 Overview Archer Exchange Offering List About the Archer Exchange Archer Exchange Overviews Archer Exchange Offering Documentation Archer Exchange Offering Downloads Archer Exchange Partner Program Overview

Overview The Archer Exchange May 2023 release was announced on May 16, 2023 and provides a wide variety of offerings designed to help you expand your Archer use cases and manage your Archer implementation. For a detailed list of features within this release, please see the Advisory Announcement information below.   Advisories Archer Announces Availability of Archer Exchange Offerings for May 2023   Available Offerings * NEW OFFERINGS Offering Overview Resources Archer IIC-Aligned IoT Security Maturity Assessment  Video Implementation Guide Installation Package Archer Individual Accountability Management * Implementation Guide Installation Package Archer IoT Project Readiness  Video Implementation Guide Installation Package Archer Product Security Development Assessment  Video Implementation Guide Installation Package Archer Request & Response Tracker  Video Implementation Guide Installation Package Archer User Account Management  Implementation Guide Installation Package Archer ZIP Management * Implementation Guide Installation Package LexisNexis Regulatory Compliance  Implementation Guide Installation Package RiskLens  Implementation Guide Installation Package Act on Corporate Due Diligence Obligations in Supply Chains * Content Package ISO/IEC 27001 and 27002 Requires ISO/IEC license validation. Please contact support. National Institute of Standards and Technology Guidelines Content Package North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Content Package Secure Controls Framework Content Package Shared Assessments Standard Information Gathering Template (SIG) Question Library Implementation Guide Content Package     Blogs Shared Assessments SIG, Individual Accountability Management, and New Accelerators top off Archer’s Exchange Release for May 2023 2023 Shared Assessment SIG Question Library Now Available New Archer ZIP Management Tool & Utility Makes Downloading Multiple Files More Efficient How Financial Institutions Can Manage Individual Accountability   Free Friday Tech Huddle Schedule and Replays FFTH Replay: Archer Exchange May 2023 Release Overview, Zip Management and Shared Assessments SIG demonstration FFTH Replay: Archer Individual Accountability Management - Archer Exchange May 2023 Release Highlights FFTH Replay: Archer IoT Project Readiness & Archer IIC-Aligned IoT Security Maturity Assessment FFTH Replay: Archer Product Security Development Assessment App-Pack & Archer Request & Response Tracker App-Pack   End of Primary Support Policy Archer has a defined End of Primary Support policy associated with all major versions. For additional details, refer to the Product Version Life Cycle.      

Summary Archer Announces Availability of Archer Exchange Offerings for May 2023 Details Archer announces availability of new and updated Archer Exchange offerings for May 2023, which includes: App-Packs - pre-built applications addressing adjacent or supporting Integrated Risk Management processes (e.g. niche, industry, geo-specific) Archer IIC-Aligned IoT Security Maturity Assessment has been recertified on Archer Platform version 6.12. Archer Individual Accountability Management tracks individual accountability and conduct for compliance with relevant regulations or obligations.  Note: New licensing changes apply to this offering. Archer IoT Project Readiness has been recertified on Archer Platform version 6.12. Archer Product Security Development Assessment has been recertified on Archer Platform version 6.12. Archer Request & Response Tracker has been recertified on Archer Platform version 6.12.   Tools & Utilities - pre-built functions enabling administrators to more easily manage their Archer implementations Archer User Account Management has been updated to address an issue related to lookup of domain-based user accounts for LDAP. Archer ZIP Management enables download of multiple attachment files from an Archer record or cross-referenced records.  Note: New licensing changes apply to this offering.   Integrations - pre-built data exchange configurations bringing data into and pushing data out of the Archer Platform LexisNexis Regulatory Compliance has been updated to improve initial load of Mandates and includes Enhanced Content. Wolters Kluwer Regulatory Data Feed has announced discontinuation of support for the Regulatory Change Management SOAP API and migrating to REST API.  Review the roadmap blog* for additional details. JavaScript Transporter Data Feed script updates address a changed library name.  Review the Roadmap blog* for additional details.  The following integration has been updated:  RiskLens The following integrations will no longer work with Archer Platform version 6.13 and later: Axonius Cybersecurity Asset Management Supply Wisdom Palisades @RISK has reached end of product support and will be removed from the Exchange in our August 2023 release.   Content - pre-mapped collection of best-practice policies, control standards, legal and regulatory requirements, industry standards, and assessments Act on Corporate Due Diligence Obligations in Supply Chains outlines the requirements for German businesses to implement human rights due diligence practices in supply chains. ISO/IEC 27001 and 27002 have been updated for to add additional mappings to Archer Control Standards for the 2022 versions. National Institute of Standards and Technology Guidelines now includes additional mappings to Archer Control Standards for NIST 800-53 Rev 5. North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) has been updated to add two new standards: 004-7 (Cyber Security – Personnel & Training) and 011-3 (Cyber Security — Information Protection) that are expected to go into effect in January 2024. Payment Card Industry Data Security Standard (PCI DSS) has been updated to include additional mappings to Archer Control Standards. Secure Controls Framework has been updated to the March 2023 version. Shared Assessments Standard Information Gathering Template (SIG) Question Library has been updated for 2023.  Note:  New licensing changes apply to this content. Archer Exchange Documentation is moving to the Archer Help Center.  All Archer Exchange Implementation Guides are now available on the Archer Help Center.  Archer Exchange offering documentation will be available on both the Archer Help Center and the Archer Community for a period of time while we update the 300+ offering documentation links to their new location on the Archer Help Center.  Once these updates are complete, we will post a blog indicating that the Archer Help Center is the primary documentation location.is the primary documentation location. For additional documentation, downloads, and a listing of all Archer Exchange offerings, visit the Archer Exchange on the Archer Community.   End of Primary Support Policy Archer has a defined End of Primary Support policy associated with all major versions. For additional details, refer to the Product Version Life Cycle.   Quick Links: Archer Exchange May 2023 Release Overview Archer Exchange Offering List About the Archer Exchange Archer Exchange Overviews Archer Exchange Offering Documentation Archer Exchange Offering Downloads Archer Exchange Partner Program Overview              

Summary Archer Announces Availability of Archer Exchange Offerings for February 2023   Details Archer announces availability of new and updated Archer Exchange offerings for February 2023, which include:  App-Packs - pre-built applications addressing adjacent or supporting Integrated Risk Management processes (e.g. niche, industry, geo-specific)  Archer Complaints Tracking has been updated to work with the latest version of Archer Engage.  Archer FFIEC-Aligned Cybersecurity Framework has been updated to include the Import files.  Archer Gift Registration has been recertified on Archer Platform Release 6.12.  Tools & Utilities - pre-built functions enabling administrators to more easily manage their Archer implementations  Archer Enhanced User Experience has been updated to correct known issues. See the implementation guide for additional information.   Archer User Account Management has been updated to fully support Azure group synchronization and fix known issues. Please see the implementation guide for additional information.  Archer User Profile & Contact Synchronization has been updated to enable additional authentication capabilities.  Integrations - pre-built data exchange configurations bringing data into and pushing data out of the Archer Platform  Qualys Asset Discovery and Qualys Vulnerability Management has been updated to correct a known issue affecting CVSS scoring.  Tenable.sc Asset Discovery and Tenable.sc Vulnerability Management has been updated to correct known authentication and header issues. See the implementation guide for additional information.  Wolters Kluwer Regulatory Data Feed has been updated to support Wolters Kluwer’s updated APIs.  Archer has provided JavaScript Transporter Data Feed script updates to address a changed library name.  See this Roadmap blog* for additional details.  The following integrations have been updated:   SecurityScorecard  Tenable.sc Asset Discovery   Tenable.sc Vulnerability Management  Content - pre-mapped collection of best-practice policies, control standards, legal and regulatory requirements, industry standards, and assessments  Australian Energy Sector Cyber Security Framework (AESCSF) provides a framework for assessing cyber security maturity across Australia’s energy sector.  CNNS Instruction No. 1253 has been updated to the latest version.   COGRIS Turkish KVKK Personal Data Protection Law provides guidance and best practices for information and communication security in Turkey.   COGRIS Turkish Information and Communication Security Guide defines the corporate responsibility for protecting personal data in Turkey.    ISO/IEC 27001 has been updated to the 2022 version.    ISO/IEC 27002 has been updated with additional HTML formatting based on customer feedback.   National Institute of Standards and Technology Guidelines NIST 800-53 Rev 5 has been updated to correct missing controls in the Sub Section file.   Payment Card Industry Data Security Standard (PCI DSS) has been updated to map Control Procedures to the Authoritative Source and remove extra HTML characters.   U.S. State Breach Notification Laws has been updated to include the latest version of the IL CS530 law.  For additional documentation, downloads, and a listing of all Archer Exchange offerings, visit the Archer Exchange on the Archer Community.    End of Product Support Policy Archer has a defined End of Primary Support policy associated with all major versions. For additional details, refer to the Product Version Life Cycle.   Quick Links Archer Exchange Release for February 2023 Overview  Archer Exchange Offering List  About the Archer Exchange   Archer Exchange Overviews  Archer Exchange Offering Documentation  Archer Exchange Offering Downloads  Archer Exchange Partner Program Overview