Showing results for 
Search instead for 
Did you mean: 
Archer Employee
Archer Employee

As RSA Archer has evolved our product offerings over the last 15 years, the one constant we have found is that no organization begins their GRC journey addressing same type of risk or use case.  Each organization’s risk needs are different.  However, all organizations are addressing some form of risk whether cyber risk, compliance risk, resiliency risk, operational risk, third party risk, public sector risk, or managing an audit with a risk-based approach.

In addition, Archer clients have found a great deal of success starting small to address a particular risk issue that solves an immediate need.  And by beginning their GRC journey small, they often see quick wins within the organization that often turns to more and more requests and expansion for their program.


As our customers and the needs of the marketplace evolve, so too does Archer.  With the GRC 6.1 release, RSA Archer is introducing new packaging for all RSA Archer GRC offerings that is based on risk types (our solution areas) as well as the customer’s GRC maturity (specific use cases within each solution area).


The RSA Archer product offering is comprised of seven solution areas:

  • RSA Archer IT & Security Risk Management to manage cyber risk
  • RSA Archer Enterprise & Operational Risk Management to bring an enterprise and operational view of risk
  • RSA Archer Regulatory & Corporate Compliance Management to manage compliance risk
  • RSA Archer Third Party Governance to address third party risk and performance
  • RSA Archer Business Resiliency to address resiliency risk
  • RSA Archer Public Sector Solutions addressing risk for public entities
  • RSA Archer Audit Management providing a risk-based audit approach
RSA Archer Solutions_sm.png

Each solution is comprised of several purpose-built use cases that address the specific risk area. A variety of use cases exist for each solution based on where you are at in your GRC maturity journey.  Each use case is categorized as a:

GRC Maturity Journey.jpg
  • Foundation use case –  Offer a starting point for organizations that are just beginning their GRC journey. These use cases enable organizations to move away from spreadsheets to gain efficiency, accountability and visibility in managing issues and risks.
  • Managed use case – Provide organizations that have more mature GRC programs the ability to connect processes to collaborate across several risk functions within the business, integrate multiple data sources, and focus on building repeatable, consistent processes that bring consolidated risk visibility to the organization.
  • Advantaged use case – Transform risk into a competitive advantage for the organization. These use cases allow your program to connect risks to business objectives, enabling an open dialog and the visibility necessary to move beyond managing risk to anticipating the business’ needs.

A total of 33 risk and compliance use cases are available. Each use case includes out-of-the-box best practices to efficiently kick-start an effective risk and compliance program that can be incrementally expanded as the organization’s risk and compliance needs grow. More information for each Solution Area and Use Case is available here.


We thank you for your continued support and look forward to working with you as a partner in your GRC program’s success. If you have any questions, please contact your RSA Archer Account Manager.