New Readers

 Home News and World Report Buyers Guide Global Excellence Technology Case Studies Editorial Awards About Info Security
2008 Best Deployment Scenario

The automation and administration of enterprise risk and compliance management processes


Current Threat: Archer Technologies’ Risk Management, part of its enterprise risk and compliance management (ERCM) solution, is a comprehensive approach to assessing and overseeing risk and compliance across an organization. For highly regulated companies grappling with complex regulations, industry standards, and internal policies and controls, risk and compliance efforts are often fragmented into organizational silos. This can result in process redundancies, data inconsistencies and incomplete reporting that doesn’t provide the knowledge needed to devise objectives and policies. Without global visibility into acceptable levels of risk and the relationship of risk to assets, policies and compliance, IT governance is virtually impossible.

Info Security Products Guide
this article
COMPARE and print reports
RATE products

Tomorrow's Technology Today - Risk Management

Tomorrow's Technology Today:

Archer Technologies’ Risk Management Solution
Archer Technologies provides seven core solutions that are fully integrated and designed to facilitate the automation and administration of enterprise risk and compliance management processes. These solutions include Policy, Threat, Asset, Incident, Risk, Vendor and Sarbannes-Oxley Compliance Management.
While Archer’s risk management solution can be deployed independently to address specific business requirements, implementing the risk management solution with the other Archer solutions forms a powerful, cohesive system.  Archer empowers organizations to customize and generate online risk assessment questionnaires, compliance scorecards and actionable remediation plans for managing control gaps and mitigating risks.  Risk Management automates and customizes risk assessments to utilize an “ask one, answer many” approach.  To facilitate this, Archer provides a question library directly out of the box for use to assess common organizational risks.  This solution also enables the customer to easily generate custom questionnaires to gather information and compliance reports based on specific company risks. 
How useful is a risk management system if there is no way to sort, track and store findings?  Archer Technologies understands the need for a solution that not only assesses risk and compliance processes, but also generates a task management system to ensure actions items are communicated and acted upon to lower risks and prove compliance.  Archer’s Risk Management is a dynamic risk-based reporting system that out of the box provides risk management procedures including:

  • Risk questionnaire development
  • Risk questionnaire deployment
  • Risk assessment
  • Results reports
  • Next steps/tasks for compliance

Through Archer’s easy to use dashboard, executives and risk managers can generate and view an executive summary of the status and results of a risk assessment campaign.  The dashboard provides a high-level overview of these reports and the ability to drill-down to understand, on a case by case basis, the different risks and their association with corporate and government compliance standards.

Archer offers a tight integration between all of its seven core solutions, and the Risk and Policy Management solutions together work to ensure that all an organization’s risks are tied back to a governing policy.  Users of Risk and Policy Management can utilize Policy Management’s catalogue of federal, industry and company specific policies and approved policy exemptions to determine each situations risk level and the necessary next steps to ensure compliance.  Through these capabilities, Archer delivers a cost effective risk management solution that improves the efficiency and flexibility of an organization’s risk control and compliance.

Archer Technologies Overview
While Archer’s solutions can be deployed independently to address specific business requirements, implementing them together forms a powerful, cohesive system.  These solutions address seven core processes involved with enterprise risk and compliance management:

  • Policy Management
  • Threat Management
  • Asset Management
  • Risk Management
  • Incident Management
  • Vendor Management
  • Sarbanes-Oxley Compliance Management

Archer empowers organizations to automate and manage these processes through a set of comprehensive, integrated solutions. Out of the box, these solutions enable clients to take a best-practice approach to enterprise risk and compliance management (ERCM) based on standards such as ISO/IEC 17799:2005, COSO and FFIEC. Through the Archer ERCM solution set, organizations gain a central repository of risk and compliance management functions, such as policies, control documentation, assessments, risk findings and actionable, ad-hoc reporting.

But Archer recognizes that one size doesn’t fit all. Organizations have unique processes for risk and compliance management, and retrofitting processes to a rigid solution structure is not a viable option. To address customization needs, Archer, a Microsoft Gold Partner, delivers out-of-the-box solutions built on the BITS-certified Archer SmartSuite Framework that can be easily tailored to meet specific risk and compliance requirements. Business users with no prior knowledge of database systems or programming languages can simply point and click to tailor Archer solutions or to automate additional processes for information storage and sharing.

Tailoring Archer Solutions
The Archer SmartSuite Framework is the core of Archer’s market-leading solutions. Solution customization can be accomplished via Archer’s easy-to-use web interface and does not require a programmer or technical resource. The Archer SmartSuite Framework provides wizards and intuitive administrative pages that enable clients to model and automate their unique business processes.

Creating New Solutions
The types of applications clients can build with the Archer SmartSuite Framework are limited only by their imagination. Any manual business process that involves storing, managing and maintaining information can be automated through this flexible Framework, including:

  • PCI self-assessments
  • Internal employee surveys
  • Physical security incident tracking
  • Data classification management
  • Firewall change request tracking
  • Project management
  • Task management
  • Issue tracking
  • Trouble ticketing systems
  • Test plan management
  • Document repositories
  • And much more

The end result of employing the comprehensive Archer ERCM solution set to manage and automate risk and compliance processes is a foundation for total IT governance.

Conclusion: Through Archer, an organization can gain a global view of their policy compliance landscape by utilizing a dashboard with high-level overviews and the capabilities to drill-down for more in depth analyses to make informed decisions that ensure the organization is staying within regulation and control boundaries.

Archer Technologies
13200 Metcalf , Suite 300
Overland Park, KS 66213 USA
Tel: 1-913-851-9137