The RSA Archer GRC Platform 5.4 SP1 provides an organization with a consolidated view of its risk. The solution allows for top-down and bottom-up risk assessments that can be performed qualitatively and quantitatively. The offering is focused on IT security and IT risk management. We looked at several modules of the suite for this review, including policy management, enterprise management, risk management, compliance management, RSA VRM, and the new security operations management module. The GRC platform provides a common, flexible user interface appearance across all modules and gives users the ability to create and change the fields and processes to meet their business needs.
The risk management module allows one to proactively address risks to reputation, finances, operations and IT infrastructure as part of a GRC program. This is the central management system for identifying risks, evaluating their likelihood and impact, relating them to mitigating controls, and tracking their resolution. The workflow tools and visualization/dashboards were strong.
The old incident module has been reworked as the security operations module and provides functionality for incident and investigations, breach management, crisis management and SOC management. The policy management module comes complete with a great workflow capability and content to deliver a consistent process for managing the lifecycle of policies and their exceptions. It provides a single point for creating policies, standards and controls and mapping them to objectives, regulations and industry guidelines. The library includes best-practice policies, control standards, control procedures, assessment questions and authoritative sources, which are pre-mapped to enable efficient compliance measurement and reporting.
We spent a lot of time with the demo reviewing the vulnerability risk management module (VRM). This is not a scanning tool. Rather, it takes feeds from all the common scanning tools in the market. It can take feeds from several tools and correlate that data into a single view. The new VRM had a lot of great features including full workflow integration, great asset inventory capabilities, history/trending for a risk posture over time metric, strong search capabilities and drill-down abilities, including the ability to quickly identify a list of assets with a specific threat profile. All the data is correlated together in the GRC platform for unified reporting, incident response and risk management.
The platform is available either as a hosted SaaS offering or as on-premise software. The on-premise solution is deployed on two physical tiers that can be hosted on one physical server or deployed across multiple servers. This includes the web and database tiers. In a single host configuration, the platform requires an operating system with Windows 2003 Server with SP1 or later, Windows Server 2008, or Windows Server 2008 R2 Standard, Enterprise, or Datacenter editions. SQL Server 2005 SP3 or later, SQL Server 2008, or SQL Server 2008 R2. X64 editions of SQL Server are recommended. An important note is that the vulnerability manager module is currently available only as an on-premise offering.
Basic maintenance is available and is included in the price of the solution and lasts the entire time of the contract term and in contract renewal. Several support options are available - with the high end priced at 25 percent of license fee or seven percent of contrite term for hosted.