HOME NEWS ARTICLES PODCASTS VIDEOS EVENTS JOBS COMMUNITY TECH DIRECTORY ABOUT US
at Financial Technnology Year
A configurable platform that enables banks to document and assess operational risks, report on risk levels, and implement risk-based control processes. Includes tools for risk assessments, loss event management, key risk indicators, control testing, and issues management.
Platforms for identifying, assessing, and mitigating risks from inadequate processes, people, systems, or external events.
More Operational Risk Management
More Risk Management ...
Multi-factor Authentication Requires multiple forms of verification before access is granted to the system. |
RSA Archer provides multi-factor authentication options as part of its platform security, referenced in RSA support and documentation. | |
Role-based Access Control Allocation of access permissions based on the user's role in the organization. |
Role-based access control is a standard feature in RSA Archer across risk, control, and workflow modules. | |
Granular Permission Levels Ability to define very specific access rights at module, data, or transaction level. |
RSA Archer allows configuration of granular permissions at application, record, and field levels according to user role. | |
Single Sign-On (SSO) Integration Enables users to access multiple applications with one set of credentials securely. |
Single Sign-On (SSO) integration is part of RSA Archer’s security capabilities, supporting SAML and enterprise identity providers. | |
Audit Trails on Access Changes Automatic logs of all changes made to user permissions and access rights. |
Audit trails capture access changes in Archer, enabling security and regulatory reviews. | |
Session Timeout Controls Automatic logoff users after a period of inactivity. |
Session timeout controls are configurable in Archer’s platform settings to enhance security. | |
User Access Review & Certification Periodic verification and re-certification of users’ access rights. |
RSA Archer enables periodic user access review and certification as part of access management. | |
Failed Login Attempt Monitoring Records and alerts on multiple failed login attempts. |
System provides failed login monitoring tools to alert or lock accounts after repeated failed attempts. | |
Access Request Workflow Automation Automates the process for users to request and obtain access based on workflows. |
Access request workflow automation available through RSA Archer's workflow engine. | |
Real-time Access Revocation Ability to revoke user access instantly. |
Real-time access can be revoked through Archer’s administrative interface. |
Comprehensive Audit Logs Detailed records of all system activity, changes, and data edits. |
Comprehensive audit logs are standard for all user actions and system events in Archer. | |
Immutable Data Storage Ensures data cannot be modified once written, supporting regulatory requirements. |
No information available | |
Change Tracking Granularity Level of detail for every change (field, user, timestamp). |
No information available | |
Historical Data Versioning Ability to retrieve and review previous versions of data records. |
Historical data versioning capabilities are present; Archer can retain previous versions of data as part of audit trail. | |
Automated Data Backups System automatically backs up critical data on a scheduled basis. |
Automated data backups are configurable in RSA Archer as part of operational resilience. | |
Data Reconciliation Tools Ability to compare and reconcile internal data with external or legacy sources. |
No information available | |
Tamper Alerts Detection and notification of unauthorized data changes. |
No information available | |
Data Validation Rules Automated checks that validate data input against set business rules. |
Data validation rules can be implemented at the form and workflow level to support data integrity. | |
Digital Signatures Support for cryptographic signing of records or transactions. |
No information available | |
Time-stamping of Transactions Record the exact times for all key user actions. |
Time-stamping of transactions and records is included in database-level and audit logs. |
Customizable Incident Taxonomy Ability to define and adjust categories for risk events. |
RSA Archer enables customizable incident taxonomy for risk events as part of its configuration platform. | |
Real-time Incident Reporting Allows users to report incidents as soon as they occur. |
Real-time incident reporting supported via intuitive interfaces, both in web and mobile form. | |
Automated Escalation System can route incidents to the appropriate level of management based on severity. |
Archer includes automated escalation rules and workflow for incident management. | |
Attachment & Evidence Uploads Allows supporting files to be attached to incident records. |
Attachment and evidence uploads are supported on incident and loss event records. | |
Anonymous Reporting Capability Users can report incidents without disclosing their identity. |
No information available | |
Incident Status Tracking Monitor progress of incidents from reporting to resolution. |
Incident status tracking through all workflow stages is a core incident management feature in Archer. | |
Root Cause Analysis Tools Built-in methods to help determine why an incident occurred. |
No information available | |
Incident Severity Scoring Grading system to quickly assess and prioritize incidents. |
Incident severity scoring is supported through configurable forms and calculations. | |
Event Timeline Visualization Timeline view of incident events and steps taken. |
No information available | |
Management Commenting & Collaboration Enables managers to comment and collaborate on incident investigations. |
No information available |
Risk Register Management Centralized registry for all identified operational risks. |
RSA Archer provides a centralized, configurable risk register management capability. | |
Customizable Risk Scoring Matrix Ability to define framework for likelihood and impact scoring. |
Customizable risk scoring matrices (likelihood/impact) can be defined by administrators. | |
Bulk Risk Assessment Uploads Import risk assessments in bulk from external files. |
No information available | |
Risk Heat Maps Visual representation of risk likelihood versus impact. |
Risk heat maps are standard features for visualizing the enterprise risk profile. | |
Key Risk Indicator (KRI) Tracking Monitor and track key operational risk indicators. |
KRI (Key Risk Indicator) tracking is one of the core modules/functionalities. | |
Automated Risk Scoring Automatically updates risk scores based on input data and thresholds. |
Automated risk scoring and recalculation are possible based on business rules and input data. | |
Periodic Review Scheduling Schedule and track completion of risk reviews. |
No information available | |
Risk Appetite Setting Configure thresholds for acceptable risk across categories. |
No information available | |
Residual Risk Calculation System calculates risk after controls are applied. |
No information available | |
Mitigation Action Tracking Track progress of action plans to address operational risks. |
Mitigation action tracking is available as part of issue/action plan management modules. |
Control Library Central repository for all operational controls setup in the system. |
Control library and repository is included for mapping and managing controls related to risks. | |
Control Effectiveness Assessment Facilitates regular evaluation of control performance. |
Control effectiveness assessments can be scheduled and documented in the system. | |
Automated Control Testing Tools to test controls automatically and record results. |
Automated control testing logic can be implemented or directly integrated in Archer platform. | |
Control Mapping to Risks Ability to link controls directly to risks they mitigate. |
No information available | |
Test Scheduling & Reminders Automated scheduling and reminders for control testing. |
No information available | |
Control Owner Assignment Assign responsibility for specific controls. |
No information available | |
Control Documentation & Versioning Maintain records and change versions of control documentation. |
No information available | |
Automated Alerts for Control Failures Immediate notification if a control test fails. |
No information available | |
Evidence Capture for Control Tests Upload or auto-link evidence for control testing results. |
No information available | |
Key Control Identification Flag critical controls essential to the risk framework. |
No information available |
Rule-driven Workflow Engine Automated routing/regulation of processes based on defined business rules. |
No information available | |
Automated Notifications Automatic email, SMS, or in-application alerts for tasks and deadlines. |
No information available | |
Task Assignment Automation Assign tasks to relevant parties based on workflow configuration. |
No information available | |
Calendar Integration Seamless integration with corporate calendars for scheduling reviews, tasks, or meetings. |
No information available | |
Approval Workflow Customization Define multi-step approvals for key risk processes. |
No information available | |
Automated Escalation Paths Escalate overdue or critical tasks as per preset rules. |
No information available | |
Bulk Task Management Ability to manage and update tasks in bulk. |
No information available | |
Task Completion Tracking Comprehensive tracking of task status and completions. |
No information available | |
Template-based Task Creation Create and deploy recurring tasks from templates. |
No information available | |
SLA Enforcement Mechanisms Monitor and enforce Service Level Agreements on process tasks. |
No information available |
Ad-hoc Report Builder Users can create customized reports using system data. |
No information available | |
Standard Regulatory Reports Pre-built templates for required compliance and regulatory reports. |
No information available | |
Dashboard Visualization Visual dashboards providing at-a-glance status of key metrics. |
Dashboard visualization and configurable dashboards are a key feature for user and management views. | |
Export to Excel/PDF/CSV Ability to export reports in multiple standard formats. |
RSA Archer supports standard exports to Excel, PDF, and CSV from reporting modules. | |
Real-time Data Refresh Reports draw from live system data with fast refresh rates. |
No information available | |
Drill-down Analytics Click-through for detailed breakdowns of aggregate figures. |
No information available | |
Scheduled Reports Automate regular report delivery to users and stakeholders. |
No information available | |
Trend Analysis Identify risk trends over time, including seasonality. |
No information available | |
Interactive Visualizations Users can manipulate charts and visuals to slice and dice data. |
No information available | |
Data Retention Controls Configure how long historical reports and data are kept. |
No information available |
API Access Secure REST or SOAP APIs for data ingestion and extraction. |
API access is standard in Archer for REST and SOAP endpoints for integration. | |
ERP/Core Banking System Integration Seamless transfer of data to/from main banking operational platforms. |
ERP and core banking system integration possible via Archer’s APIs and connectors. | |
Single Sign-On (SSO) Support Allows consistent logins across platforms with centralized security. |
Supports SSO for integration across multiple platforms (SAML, Azure AD, etc). | |
Data Import/Export Scheduler Automate periodic data imports and exports. |
Data import/export scheduling can be configured via Archer’s tools or via third-party orchestrators. | |
Third-party Risk Data Integration Incorporate risk data feeds from external vendors. |
Third-party risk data integration is supported through external feeds and API integration. | |
External Audit Tool Compatibility Direct interface for external auditors to pull necessary reports. |
No information available | |
Webhooks for Notifications Push system alerts and events to other applications instantly. |
No information available | |
Identity Provider Integration Works with enterprise identity and access management systems. |
No information available | |
Custom ETL Tools Extract, transform, and load tools specifically for operational risk use-cases. |
No information available | |
Data Enrichment from External Sources Augment risk data automatically with additional context from external systems. |
No information available |
Regulatory Update Alerts Notifies users of relevant changes in the regulatory landscape. |
Regulatory update alerts are available and can be customized in Archer for compliance teams. | |
Compliance Checklist Tools In-built checklist templates for key compliance requirements. |
Compliance checklist templates are provided to aid in regulatory compliance and audits. | |
Audit Readiness Score Generates a score or readiness level for upcoming audits. |
Audit readiness scoring for compliance is supported via custom Archer configurations. | |
Automated Regulatory Filings Prepare and file required regulatory documentation automatically. |
No information available | |
GDPR/Privacy Controls Specific features to support data privacy laws (data restriction, deletion). |
Explicit support for GDPR/privacy controls, including data masking and deletion upon request, is available. | |
Built-in Basel III/IV Templates Standardized templates for operational risk under Basel rules. |
Basel III/IV templates are included to support bank regulatory requirements. | |
SOX Control Mapping Map system controls and features to Sarbanes-Oxley sections. |
SOX control mapping functionality provided to link controls to compliance requirements. | |
Regulatory Workflow Automation Automate compliance-related workflows (e.g., attestation). |
No information available | |
E-Signature for Compliance Support digital signatures on compliance suites. |
No information available | |
Audit Trail for Compliance Activities Record all compliance-related actions for audit purposes. |
No information available |
Real-time System Notifications Instant, in-system notifications for key risk events. |
No information available | |
Email & SMS Alerts Critical risk events can generate email/SMS alerts based on severity. |
No information available | |
Custom Escalation Matrix Configurable rules for whom to notify and escalate at each risk threshold. |
No information available | |
Executive Dashboard Alerts High-severity risks appear prominently on executive dashboards. |
No information available | |
Mobile Push Notifications Send alerts to mobile devices of key personnel. |
No information available | |
Prioritized Alerting Alert urgency and delivery methods adjust by risk classification. |
No information available | |
Customizable Alert Templates Define alert content and appearance for various risk types. |
No information available | |
Escalation Tracking Log Historical logs indicate all escalations made and handled. |
No information available | |
Integration with Incident Management Seamless transition from alert to incident management workflow. |
No information available | |
Redundancy Controls for Alerts Backup methods to ensure critical alerts are never missed. |
No information available |
Full Data Encryption Data is encrypted at rest and in transit. |
RSA Archer encrypts data at rest and in transit using industry-standard protocols. | |
Disaster Recovery Planning Disaster recovery processes are defined, tested, and supported. |
Disaster recovery/business continuity plans documented, referenced in Archer platform marketing and whitepapers. | |
High Availability Architecture System design allows for minimal downtime and quick recovery. |
High availability architecture supported—documented in RSA Archer product technical specs. | |
Vulnerability Scanning Automatic scanning for security vulnerabilities. |
No information available | |
Penetration Testing Support Platform allows for or supports regular pen testing. |
No information available | |
Cybersecurity Incident Monitoring Real-time alerts and logs for suspicious activity. |
No information available | |
Redundancy & Failover Mechanisms Systems in place to handle hardware or network failure automatically. |
No information available | |
Service Level Uptime Percentage of time the system is guaranteed to be available. |
No information available | |
Average Recovery Time Objective (RTO) The typical time needed to restore system functionality after a disruption. |
No information available | |
Access Logging & Monitoring All access and actions are logged and monitored for anomalies. |
Access logging and monitoring for anomalies is core to Archer's security practices. |
Role-based Access Control Ability to assign granular permissions to specific user roles (e.g., analyst, manager, auditor). |
No information available | |
Single Sign-On (SSO) Supports single sign-on with popular identity providers. |
Risk register (central repository for all identified risks) is a primary Archer module. | |
Multi-factor Authentication Optional requirement for multi-factor user authentication. |
No information available | |
Audit Logging Comprehensive logs of all user actions and system changes. |
No information available | |
IP Whitelisting/Blacklisting Restriction or permission of access from specific IP addresses. |
No information available | |
User Session Timeout Automatic logoff after a set period of inactivity. |
No information available | |
Password Policy Enforcement Customizable password strength and rotation policies. |
No information available | |
Number of User Profiles Maximum supported user accounts concurrently active. |
No information available | |
Change Management Workflow Structured workflow for reviewing and approving permission changes. |
No information available | |
Data Encryption at Rest All data is encrypted while stored. |
No information available | |
Data Encryption in Transit All transmitted data is encrypted. |
No information available | |
Security Certification Holds industry security certifications (e.g., ISO 27001, SOC 2). |
No information available |
Risk Register Centralized repository for all identified risks. |
No information available | |
Risk Taxonomy Customization Configurable categories/types of operational risk. |
Supports risk taxonomy customization, allowing creation of risk categories relevant to the organization. | |
Bulk Risk Import Ability to import risk data from external sources (e.g., CSV, Excel). |
Bulk risk import (CSV, Excel, etc.) supported as part of data import tools. | |
Risk Scoring Model Built-in quantitative and qualitative risk scoring/calculation. |
Risk scoring model (quantitative and qualitative) configuration is a built-in feature. | |
Number of Risk Attributes Maximum customizable fields for risk attributes. |
No information available | |
Scenario Analysis Capability Supports what-if and scenario analysis for risk events. |
Scenario analysis (what-if analysis for risk events) is frequently referenced in Archer solution documentation. | |
Risk Mapping Visual mapping of risks to processes, departments, products, etc. |
No information available | |
Automated Risk Alerts System alerts for newly logged or updated risks based on defined criteria. |
No information available | |
Risk Assessment Frequency Frequency with which risks can be periodically re-assessed. |
No information available | |
Inherent & Residual Risk Calculation Ability to calculate and compare inherent and residual risk levels. |
No information available | |
Historical Risk Database Archive of resolved, closed, or past risks for analytics. |
No information available |
Incident Capture Interface Intuitive interface for employees to report risk events or incidents. |
Incident capture interfaces (for risk events/losses) are built into the incident management workflow. | |
Incident Categorization Customizable categories and subcategories for classifying incidents. |
Incident categorization (customizable) is supported at configuration and workflow level. | |
Loss Data Collection Capability to record actual and potential financial losses and recoveries. |
No information available | |
Root Cause Analysis Toolkit Tools to facilitate deep-dive analysis of incident causes. |
No information available | |
Incident Workflow Automation Configurable workflows for investigation, review, and closure. |
No information available | |
Drag-and-Drop Attachments Support for adding documents, images, or other files to incidents. |
No information available | |
Incident Notification Rules Customizable automated notifications to stakeholders. |
No information available | |
Time to Resolution Tracking Measured time from incident capture to closure. |
No information available | |
Incident Severity Scoring Automated or manual assignment of incident severity levels. |
No information available | |
Regulatory Reporting Interface Direct output or uploads for regulatory bodies (e.g., Basel loss database). |
No information available | |
Data Quality Checks Automated validation rules for ensuring incident data completeness. |
No information available |
Control Library Centralized registry of controls with descriptions and owners. |
No information available | |
Control-Process Mapping Mapping controls to specific business processes or risks. |
No information available | |
Control Effectiveness Assessment Built-in tools for periodic control testing and review. |
No information available | |
Automated Control Testing Integration or toolset for automated control validation (e.g., data-driven checks). |
No information available | |
Control Owner Assignment Designation of responsible individuals or teams for each control. |
No information available | |
Test Scheduling & Reminders Automated scheduling and reminders for future control tests. |
No information available | |
Number of Controls Maximum controls supported in the library. |
No information available | |
Deficiency Tracking Workflow to log, manage, and resolve failed control tests. |
No information available | |
Control Design Assessment Evaluation of control design versus implementation effectiveness. |
No information available | |
Control Change Management Audit trail and workflow for changes to control definitions. |
No information available |
Action Plan Registration Creation of distinct, trackable action plans tied to risks or findings. |
No information available | |
Remediation Workflow Structured process for documenting, assigning, reviewing, and completing remediation tasks. |
No information available | |
Task Assignment Assignable remediation actions to users, with due dates and statuses. |
No information available | |
Automated Task Tracking Automatic monitoring and status updates of task completion. |
No information available | |
Overdue Action Alerts System notifications for overdue remediation actions. |
No information available | |
Progress Dashboard Visual dashboard for quick status and progress overview. |
No information available | |
Number of Concurrent Action Plans Maximum active remediation plans supported. |
No information available | |
Integration with Email Automated email notifications and reminders tied to action items. |
No information available | |
Automatic Escalation Rules Escalation to higher management based on custom criteria. |
No information available |
Pre-built Regulatory Reports Templates and workflows for common risk management regulatory reports (e.g., Basel II/III, SOX). |
No information available | |
Custom Report Builder Drag-and-drop or code-based custom report creation. |
No information available | |
Ad Hoc Query Capability Support for user-defined, on-the-fly data queries. |
No information available | |
Interactive Dashboards Customizable, real-time dashboards with graphical visualizations. |
No information available | |
Scheduled Report Delivery Automated generation and delivery of reports per predefined schedules. |
No information available | |
Drill-down Analytics Ability to drill down from summary views to detailed records. |
No information available | |
Number of Concurrent Report Users Maximum users who can simultaneously generate reports. |
No information available | |
Export Formats Supported formats for exports (e.g., PDF, Excel, XML, CSV). |
No information available | |
KRI/KPI Dashboards Key Risk and Key Performance Indicator dashboards. |
No information available | |
Automated Risk Metric Calculation Built-in formulas and scripts for common operational risk metrics. |
No information available | |
Predictive Analytics Advanced analytics for risk scoring and scenario forecasting. |
No information available |
Custom Workflow Designer Graphical or code-based tool to create and update workflows. |
No information available | |
Event-driven Automation Triggers based on events (e.g., risk submission, incident closure) for automation. |
No information available | |
Integration APIs APIs for integration with HR, compliance, core banking, and third-party tools. |
No information available | |
Automated Notifications Email, SMS, or in-app notifications based on user-defined criteria. |
No information available | |
Escalation Rules Escalation paths and levels for unresolved issues. |
No information available | |
Approval Hierarchies Multi-level, role-based approval flows for key actions. |
No information available | |
Integration with Ticketing Tools Ability to send/receive tasks to systems like JIRA/ServiceNow. |
No information available | |
Re-assignment Capabilities Easily reassign tasks or issues based on workload. |
No information available | |
Number of Automated Workflows Maximum distinct automation workflows configured. |
No information available |
Pre-configured Compliance Templates Standard templates for common regulatory directives (e.g., Basel, SOX, GDPR, DORA). |
No information available | |
Audit Trail Maintenance Immutable, timestamped logs of all compliance-related actions. |
No information available | |
Compliance Calendar Scheduling and reminders for key compliance activities. |
No information available | |
Document Repository Centralized compliance document storage with version control. |
No information available | |
Automated Policy Distribution Distribution and acknowledgment workflows for updated policies. |
No information available | |
Evidence Collection Tools Facilitates efficient attachment/upload of compliance evidence. |
No information available | |
Compliance Status Dashboard Visual overview of current compliance status. |
No information available | |
Remediation Tracking Track issues identified during regulatory reviews and audits. |
No information available |
API Access (REST/SOAP) Secure, documented APIs for data exchange. |
No information available | |
Data Import/Export Tools Bulk import/export tools for connecting with legacy systems. |
No information available | |
Real-time Data Sync Support for on-the-fly synchronization with core banking or data warehouses. |
No information available | |
Pre-built Integrations Out-of-the-box connectors to common banking, HR, or GRC systems. |
No information available | |
Custom Field Mapping Flexible mapping for custom data fields in integrations. |
No information available | |
Flat File Uploads Support for uploading flat files in structured formats (e.g., CSV, XML). |
No information available | |
On-premises/Cloud Data Sync Works with both cloud and on-premises systems for data exchange. |
No information available | |
Integration Throughput Number of integration transactions per second supported. |
No information available |
Configurable Data Fields Ability to add custom fields with validation rules. |
No information available | |
Customizable Forms & Templates Drag and drop or code-based form/template modifications. |
No information available | |
White-label Branding Ability to brand the UI with bank logos, colors, and style. |
No information available | |
Localization Support Support for multiple languages, currencies, and regional settings. |
No information available | |
Configurable Workflows Define bespoke workflows per risk type or business unit. |
No information available | |
Custom Risk Metrics Create new risk indicators, metrics, and formulas. |
No information available | |
Number of Supported Languages Maximum number of user interface languages supported. |
No information available | |
Conditional Logic in Forms Enable or disable fields based on user input. |
No information available | |
User-defined Dashboards Users can create personalized dashboard layouts. |
No information available |
Concurrent User Capacity Number of users who can actively use the system at once. |
No information available | |
Incident Response SLA Maximum guaranteed time for support incident response. |
No information available | |
Disaster Recovery (DR) Capability Automated data backup and disaster recovery procedures. |
No information available | |
System Uptime Commitment Guaranteed percentage of uptime (availability) per year. |
No information available | |
Mobile-responsive UI System accessibility from smartphones and tablets. |
No information available | |
Dedicated Customer Support Team Direct access to support engineers familiar with operational risk and banking. |
No information available | |
Release Management Structured process for regular software updates and hotfixes. |
No information available | |
Training Material Availability Availability of online or in-person user training resources. |
No information available | |
Performance Monitoring Tools Built-in dashboards for tracking system health, latency, and capacity. |
No information available | |
Data Retention Policy Support Configurable support for long-term data retention based on bank requirements. |
No information available |
This data was generated by an AI system. Please check
with the supplier. More here
While you are talking to them, please let them know that they need to update their entry.