at Financial Technnology Year
Please contact them if you have any questions.
RSA Archer Insurance Solution from RSA Archer
GRC platform with specialized insurance modules for operational risk, regulatory compliance, third-party risk, and IT/cyber risk management. Features include risk assessments, loss event management, issue remediation tracking, and regulatory reporting for NAIC, Solvency II, and ORSA.
Product analysis by function
Enterprise Risk Management Platforms for Risk Management
Comprehensive solutions that provide a holistic view of organizational risks, enabling identification, assessment, mitigation, and reporting of risks across the enterprise.
More Enterprise Risk Management Platforms
More Risk Management ...
Risk Identification & Assessment
(10 Yes /10 Known /12 Possible features)
|
Automated Risk Detection System automatically scans data to detect emerging risks. |
RSA Archer automates risk identification and assessment as part of its operational risk module. | |
|
Manual Risk Entry Users can manually input and categorize specific risks. |
Manual entry and tracking for loss events and risk issues are core system features. | |
|
Risk Taxonomy Customization Allows customization of taxonomy and categories to suit business needs. |
Taxonomy, risk types, and categorization are customizable in Archer's configuration settings. | |
|
Third-Party Data Integration Integration with external databases or feeds for new risk insight. |
Platform supports integration with third-party data via API and connectors including vendor/3rd party risk feeds. | |
|
Risk Prioritization Engine Automatically ranks risks according to defined criteria. |
Risk prioritization/ranking engines are part of Archer's risk methodology for scoring and assessments. | |
|
Scenario Analysis Ability to simulate and assess impact of potential events. |
Scenario analysis is included for 'what-if' operational risk and insurance risk simulation in Archer modules. | |
|
Inherent and Residual Risk Scoring Assesses risks before and after mitigation measures. |
Inherent and residual risk assessment is standard in Archer's risk framework. | |
|
Real-Time Risk Updates Delivers up-to-the-minute changes in risk profiles. |
Real-time dashboards provide current risk updates and status. | |
|
Qualitative & Quantitative Assessment Supports both narrative assessment and numerical scoring. |
Supports both qualitative narratives and quantitative scoring in risk assessments. | |
|
Risk Appetite Alignment Links risk scoring and recommendations to organizational risk appetite statements. |
Risk appetite linkage included for mapping risks to appetite/tolerance statements. | |
|
Number of Supported Risk Types How many distinct risk types the system can handle. |
No information available | |
|
Time to Identify New Risk System’s average time to identify a new risk from data ingestion. |
No information available |
Risk Mitigation & Control Management
(9 Yes /9 Known /10 Possible features)
|
Control Library Central repository for mitigation controls and actions. |
Control library is a native capability for managing mitigation actions and controls. | |
|
Mitigation Assignment Assign responsibility for specific mitigation actions. |
Mitigation assignment to teams or individuals is supported in remediation workflows. | |
|
Mitigation Effectiveness Tracking Monitor and assess the effectiveness of controls. |
Effectiveness tracking of controls is a standard part of Archer reporting and metrics. | |
|
Action Management & Workflow Automates workflows for follow-up and completion of tasks. |
Action and workflow management with task automation is a core GRC feature. | |
|
Automated Control Testing Schedules and conducts control tests on defined intervals. |
Automated control testing (scheduling/testing of internal controls) supported. | |
|
Remediation Plan Management Support for managing, tracking, and reporting on remediation plans. |
Remediation plan management is covered under issue remediation tracking. | |
|
Control Owner Assignment Assigns named individuals or teams to each control. |
Control owner assignment is configurable for all risk/control actions. | |
|
Policy & Procedure Linkage Links mitigation controls to relevant internal policies. |
Policy & procedure linkage is available for policies, standards, and controls. | |
|
Control Frequency Setting Supports scheduling of control activities and tests. |
Control frequency/scheduling supported through Archer's workflow automation. | |
|
Mitigation Completion Time Average required time for closure of mitigation actions. |
No information available |
Risk Reporting & Analytics
(7 Yes /7 Known /9 Possible features)
|
Customizable Dashboards Users can design personalized dashboards and widgets. |
Custom dashboards and widgets designable by users. | |
|
Regulatory Reporting Templates Standard templates for regulatory bodies (e.g., Solvency II, NAIC, IFRS 17). |
Regulatory reporting templates included for NAIC, Solvency II, ORSA and others. | |
|
Data Visualization Tools Interactive charts, graphs, and heatmaps for risk data. |
Interactive charts, graphs, and heatmaps available in risk reporting. | |
|
Scheduled Automated Reports Create and distribute periodic risk reports automatically. |
Scheduled, automated risk report distribution is a core reporting feature. | |
|
Report Export Formats Number of supported formats: PDF, Excel, CSV, etc. |
No information available | |
|
Drill-Down Analysis Click through from summary to detail in analytics dashboards. |
Supports drill-down analytics in dashboards for detail review. | |
|
Peer Benchmarking Compare risk exposure/performance against industry peers. |
Peer benchmarking is available for risk/performance against industry standards (especially in insurance). | |
|
Risk Heatmaps Visual mapping of risk severity, frequency, and exposure. |
Heatmaps used to highlight severity and exposure in risk assessments. | |
|
Real-Time Data Refresh How frequently dashboard data updates. |
No information available |
Integration Capabilities
(7 Yes /7 Known /8 Possible features)
|
API Support Open APIs for integration with other enterprise systems. |
Open RESTful API is documented for Archer for integration with other systems. | |
|
Data Import/Export Ability to import and export data from/to multiple formats or systems. |
Data import/export in multiple formats is supported (Excel, CSV, XML, etc). | |
|
Core Insurance Platform Integration Direct connectors with policy admin, claims, underwriting, and actuarial systems. |
Direct integration with insurance systems (claims, policy admin) supported via pre-built connectors. | |
|
Data Lake Compatibility Ability to integrate with enterprise data lakes and warehouses. |
Data lake/warehouse compatibility is referenced as an enterprise data integration option. | |
|
Single Sign-On (SSO) Integration with enterprise authentication systems. |
SSO/enterprise authentication is standard for Archer deployments. | |
|
Third-Party Risk Data Integration Supports ingestion of external risk analytics or threat intelligence. |
Third-party and threat intelligence feeds are supported for insurance/IT risk. | |
|
Webhooks Trigger external events based on platform actions. |
Supports webhooks and integrations to trigger external actions. | |
|
Number of Supported Connectors Quantity of pre-built integrations with third-party products. |
No information available |
Governance, Risk, and Compliance (GRC) Features
(8 Yes /8 Known /8 Possible features)
|
Regulatory Framework Mapping Map risks/controls to standards (Solvency II, SOX, GDPR, etc.). |
Framework mapping to regulatory standards such as NAIC, Solvency II, SOX, GDPR, and more. | |
|
Issue & Incident Management Track, escalate, and resolve compliance and risk issues. |
Issue & incident management modules included for compliance and risk events. | |
|
Attestation Management Collect and store formal sign-offs on compliance activities. |
Attestation collection and audit sign-offs supported in policy and GRC modules. | |
|
Policy Management Integration Link controls to digital policy management system. |
Integration with digital policy management systems is provided in compliance modules. | |
|
Automated Regulatory Updates Receive and integrate updates to changing regulations. |
Automated updates for changing regulations (GRC regulatory content integration). | |
|
Compliance Calendar Central calendar for all compliance-related tasks and deadlines. |
Compliance calendar for tasks and deadlines is present in the compliance module. | |
|
Audit Trail Immutable logs of all risk/compliance changes and actions. |
Full audit trail of all risk/compliance changes available natively. | |
|
Compliance Dashboard Real-time visualizations of compliance status across risk categories. |
Interactive compliance dashboard is included in Archer's GRC modules. |
User Management & Access Control
(6 Yes /6 Known /8 Possible features)
|
Role-based Access Control (RBAC) Granular permissions based on user roles. |
Role-based access control configuration is native. | |
|
Multi-Factor Authentication (MFA) Adds an extra layer of user authentication. |
Multi-factor authentication can be enabled (documented support for enterprise MFA providers). | |
|
User Provisioning & De-provisioning Automated on-boarding and deactivation of user accounts. |
Automated provisioning and de-provisioning of users is available through IAM/SAML integration. | |
|
Delegated Administration Assigns admin rights for specific modules or data sets. |
Delegated admin for modules and data domains supported in system configuration. | |
|
Audit Logging Tracks and logs all user access and data changes. |
System audit logging is present for all user and data changes. | |
|
User Profile Customization Ability for users to customize their workspace and alerts. |
User workspace and alert customization is part of personalized dashboard setup. | |
|
Number of User Roles Supported How many distinct user roles can be configured. |
No information available | |
|
Concurrent User Limit Maximum number of users able to log in simultaneously. |
No information available |
Scalability & Performance
(3 Yes /3 Known /7 Possible features)
|
Horizontal Scalability Architecture can add servers/nodes to handle increased loads. |
Cloud/on-prem architecture supports horizontal scale for large enterprises. | |
|
Transaction Processing Speed Time to process a standard risk event or transaction. |
No information available | |
|
Maximum Supported Records Largest volume of risk/control records the system supports. |
No information available | |
|
Data Ingestion Rate Volume of risk or event data ingested per unit time. |
No information available | |
|
Concurrent User Performance Number of concurrent users without notable slow-down. |
No information available | |
|
High Availability (HA) Support System includes redundancy and failover for uptime targets. |
High-availability deployment options (failover/redundancy) available per RSA/Archer architecture docs. | |
|
Disaster Recovery Options Automated tools for backup and business continuity. |
Disaster recovery/business continuity options included in deployment best practices. |
Configurability & Customization
(8 Yes /8 Known /8 Possible features)
|
Custom Workflow Builder Graphical tools to design and modify business workflows. |
Workflow builder (for custom business workflow automation) is available in Archer. | |
|
Field/Screen Customization Add, remove, or edit data fields and screen layouts. |
Allows field/screen configuration and UI customization. | |
|
Rule Engine Create business logic to automate processes under specified conditions. |
Supports rules engines for process automation and business logic. | |
|
Custom Risk Scoring Formulae Design and implement unique risk scoring models. |
Custom risk scoring models/formulae supported via configurations. | |
|
Localization (Language/Region Support) Support for multiple languages, currencies, and date formats. |
Localization is provided for multi-region/language and currency scenarios. | |
|
Branding Support Ability to add company logos, brand colors, and white labeling. |
Branding and white labeling allowed for logos and UI colors. | |
|
Custom Alert Rules Tailor when and how system sends notifications or escalations. |
Custom alerting rules configurable for notification and escalation. | |
|
API Extension Points Ability to extend data model and business process through APIs. |
API extension points for process/data model advancement are available. |
Auditability & Traceability
(6 Yes /6 Known /6 Possible features)
|
Comprehensive Audit Trail Complete logging of all changes to risk records and configurations. |
Comprehensive audit trail for all risk record and configuration changes is maintained. | |
|
Version Control Ability to roll back to previous states of data, methodologies, or configurations. |
Version control is available for records/methods within modules. | |
|
User Activity Monitoring Monitor and review individual user actions for compliance. |
User activity monitoring through audit trails and reporting. | |
|
Change Approval Workflow Enforces approval of critical changes before implementation. |
Change approval workflows can be enabled for critical updates. | |
|
Integrated Document Management Store, version, and audit supporting documents within the platform. |
Integrated document management with version/audit controls is native. | |
|
Time-stamped Logs Logs include accurate date/time stamps for forensic analysis. |
All logs are time-stamped for forensic review. |
Security & Data Protection
(8 Yes /8 Known /8 Possible features)
|
Data Encryption at Rest and in Transit Sensitive data is always encrypted both during storage and transmission. |
Data encryption at rest and in transit is standard (per industry practices for GRC platforms). | |
|
Granular Access Permissions Fine-grained control over specific data, modules, and features. |
Granular access permissions are configurable for modules/data/records. | |
|
Data Masking Masking of sensitive fields in UIs, reports, and exports. |
Data masking can be configured for select fields and reports. | |
|
Anomaly Detection Automated detection of suspicious access or usage patterns. |
Anomaly detection is available for suspicious logins or risk activity (via system monitoring). | |
|
Penetration Testing Certification Third-party validation of platform security posture. |
Penetration testing/certification for security is performed annually (SOC2/ISO27001 certifications). | |
|
Security Incident Alerts Real-time notification of detected security events. |
Security incident alerts can be configured to inform admins of critical GRC risks or breaches. | |
|
Data Retention Policies Ability to configure and enforce retention periods for sensitive data. |
Data retention policy management available for compliance purposes. | |
|
Audit Compliance (e.g., SOC2, ISO 27001) Certified compliance with recognized security standards. |
SOC2 and ISO 27001 compliance certification is indicated for Archer platform. |
Collaboration & Communication
(7 Yes /7 Known /8 Possible features)
|
Team Task Assignment Assign specific tasks to teams or individuals in platform. |
Team or user task assignment is embedded in workflow/task management modules. | |
|
Internal Messaging Communicate, comment, and share insights within the platform. |
Internal messaging, commenting, and in-record communication supported. | |
|
Document Collaboration Co-author, review, and track document changes. |
Document collaboration including review/approvals is available. | |
|
Notifications & Alerts Send out time- or event-based notifications to stakeholders. |
Notifications and alerting are configurable for any event or workflow trigger. | |
|
Feedback & Survey Tools Embedded features for soliciting and aggregating user input. |
Feedback gathering and survey tools are available, often used for risk culture pulse checks. | |
|
Meeting Scheduling Integration Tools to coordinate risk meetings or reviews. |
Calendar integration features support risk review/meeting organization. | |
|
Number of Supported Collaboration Users How many users can simultaneously work together on a risk or task. |
No information available | |
|
Integrated File Sharing Directly share reports, evidence, and documents with stakeholders. |
Integrated file/document sharing supported across modules and with stakeholders. |
This data was generated by an AI system. Please check
with the supplier. More here
While you are talking to them, please let them know that they need to update their entry.