Showing results for 
Search instead for 
Did you mean: 
Champion III

FINAL NOTIFICATION FOR END OF PRIMARY SUPPORT (EOPS): Please be advised that this Platform version is no longer supported. Once a product reaches EOPS, RSA Archer Technical Support is no longer available under base support/maintenance agreements.


Extended Support is being offered only for Platform versions 5.5 through 5.5 SP4 through December 31, 2018, to those customers with a current maintenance contract as a prerequisite to an Extended Support purchase. Extended Support does not include Hot Fixes, best effort support only. For questions, please refer to the Product Version Life Cycle.


Contact your local Existing Accounts Manager with assistance in upgrading to a supported 6.x version. Thank you.




Centrally manage policies and control standards, map them to objectives and guidelines, and promote awareness to support a culture of corporate governance.

2016_RSA Archer GRC for light backgrounds.png


Highly regulated companies have policies and controls in place to support enterprise risk and compliance initiatives. Unfortunately, these policies and controls are frequently out of date and buried in silos across the organization. Additionally, many companies struggle to understand the regulations and standards that impact their business and how those authoritative sources relate to their products and services, business plan and strategic objectives. Without a solid understanding of what a company needs to comply with, it's impossible to create effective policies and controls.


The Archer Policy Management solution provides the foundation for a best-in-class governance, risk and compliance program with a comprehensive and consistent process for managing the lifecycle of corporate policies and their exceptions. Archer provides a centralized infrastructure for creating policies and control standards and mapping them to corporate objectives, regulations, industry guidelines and best practices. Archer's solution also enables you to communicate policies enterprise-wide, track acceptance, assess comprehension, and manage valid exceptions. Powered by the Archer SmartSuite Framework, Archer Policy Management allows you to gain a meaningful understanding of what governs your business and to formulate policies appropriately to aid in achieving corporate objectives and demonstrating regulatory compliance.


Features and Benefits 

Through Archer Policy Management, you can:
  • Centralize and normalize your corporate policies, and author new policies according to your organization's objectives and the authoritative sources that govern you.
  • Utilize the Archer Policy Compliance Library, which provides best-in-class policies and control standards for managing IT risk.
  • Rationalize your policies and control standards by mapping them to the corporate objectives they support and to best practice standards and other compliance requirements that impact your business, such as PCI, ISO/IEC27001, COBIT, FFIEC, HIPAA, NERC and others.
  • Utilize automated workflow to ensure proper review and approval of all policy content before publication.
  • Communicate new and updated policies across your enterprise through user-specific dashboards and email notifications that are relevant to specific roles, departments and business functions.
  • Promote policy awareness through targeted training campaigns to identify and track gaps in policy comprehension and acceptance.
  • Initiate and manage requests for policy exceptions automatically using built-in workflow and alert notifications.
  • Utilize real-time reports and dashboards to display policies and control standards mapped to regulatory requirements, identify gaps between policies and authoritative sources and monitor policy exceptions.
The Policy Management solution includes the following applications:
  • Corporate Objectives: Tracks strategic, operational, reporting and compliance objectives as they relate to company policies and risks. Key performance indicators allow the corporation to track its progress with regard to meeting these objectives.
  • Policies: Allows you to author and manage corporate policies using automated workflow for review and approval, and to communicate policy content enterprise-wide.
  • Control Standards: Allows you to author, manage and communicate control standards and map them to the authoritative sources they address.
  • Authoritative Sources: Serves as a repository of authoritative sources, including published standards, regulations, laws or requirements, that your organization must comply with.
  • Baselines: Centralizes procedures and standardizes configurations used to implement controls within your IT environment.
  • Exception Requests: Provides the basic framework for managing the process of granting and expiring policy exceptions.
  • Question Library: Contains questions mapped to control standards and authoritative sources that can be copied into questionnaires to facilitate the assessment process.


Key Reports

The following are a subset of reports available with this solution:

  • Policies: Provides a list of all policies in the system.
  • Control Standards by Authoritative Sources: Presents the total control standards mapped to each authoritative source.
  • Control Standards with Policies and Authoritative Sources: Displays control standards with related policies and authoritative sources in column format.
  • Procedure Count by Baseline: Identifies baseline procedures by technical baseline.
  • Exceptions by Status: Displays all policy exceptions by approval status.


Mail Merge Templates

  • Mail Merge Templates can be downloaded from this link



This solution is available to customers with a current license to RSA Archer Policy Management.  If you have questions or require additional information about licensing, please contact RSA Archer at or call 1-888-539-EGRC.


RSA Archer Policy Management 3 is supported on RSA Archer Platform 5.2 through 5.5 service packs.