In a previous blog I reviewed the real world pay back for being a risk leader.  Let’s say your company gets it, they know that good risk management increases the likelihood that objectives will be fulfilled and profits improved, and now you’ve been given the assignment to start the risk management program and make your organization a risk leader.  Where do you start, how far do you take the program, and how do you get from start to finish? 

Today, most organizations operate based on a complex interrelationship of business processes, technology, telecommunication, supply chains, and outsourced activities.  Putting the puzzle pieces together may not be easy in your organization.  No one talks about risk the same way.  Capturing the pieces and analyzing and understanding them is challenging, and it is difficult to convey them to the boss in a consistent manner with the limited resources you have available, within the deadlines you have been given.

Since our inception we have worked with thousands of companies to help them build a risk and compliance program tailored to their most pressing needs.  We have learned that most organizations just starting out tackle the same problems and follow the same general path.  We have consolidated these pieces into the RSA Archer Ignition Program.

The RSA Archer Ignition Program is a fast track, economical, approach to launch the foundational elements of a business risk management strategy to help organizations get up and running as quickly and easily as possible.  The ignition program includes:

• The ability to catalog and monitor Risk, to establish a strategic method to understand risks across the enterprise;
• The ability to identify and track Third Parties used by your business to understand the emerging ecosystem that affects risk;
• A process to manage Issues that arise from audits, risk assessments, and internal compliance activities;
• A Business Impact Analysis framework to quickly catalog and prioritize assets and business processes to build the context to connect risk and prioritize technical and organizational risk treatment measures;
• Fixed-price deployment and quick launch professional services to let you quickly stand up your environment; and
• Insights and best practices from RSA University.

In my prior post, I discussed the Risk Catalog component of the RSA Archer Ignition Program.  With organizations outsourcing so much of their business activities these days, it is also a critical, foundational component, to understand and manage these outsourced relationships.  As part of the RSA Archer Ignition Program, the RSA Archer Third Party Catalog allows you to document all third party relationships, engagements, and associated contracts, as well as the business units and named individuals in the organization that are responsible for each third party relationship. With RSA Archer, you can understand the significance of your outsourced relationships. You can report on all third party information, including profiles, engagements, third party business hierarchy, internal contacts, facilities, third party contacts, and more within a single repository.

Key Features of the RSA Archer Third Party Catalog allow you to:

• Catalog organizational elements of your business for third party reporting
• Catalog suppliers, partners, service providers and other third parties
• Capture important details related to third parties, including contracts
• Map internal business units to third parties
• Manage contacts with third parties
• Efficiently manage your third party relationships
• Establish accountability for each third party relationship
• Track exceptions related to third party relationships

With the RSA Archer Third Party Catalog, you can:

• Obtain Awareness of all third party relationships throughout the organization
• Reduce time spent identifying third party relationships and contracts
• Build awareness of manager’s Accountability for individual supplier relationships and quickly identify relationship owners
• Track contract terms, including notification of key contract events such as contract obligations and renewal and expiration dates

The RSA Archer Ignition Program empowers organizations of all sizes to complete the puzzle, to respond to risk with data-driven facts using a streamlined, fast time-to-value approach.