RSA Archer
RSA Archer
RSA Archer centralizes risk and compliance data to support organizational decision-making. It enables integration of risk management processes with business operations through configurable workflows and reporting.
RSA Archer centralizes risk and compliance data to support organizational decision-making. It enables integration of risk management processes with business operations through configurable workflows and reporting.
Cost considerations
Functionality
Compatibility
User experience
Customer support
Why these ratings?
Cyberse perspective
Solution details
Target industry
Deployment
Market segment
Cloud ecosystem partners
Pricing
Key features
Services support
We use the following criteria to evaluate this product:
Cost considerations
RSA Archer often begins around $55 000 per year and then adds a maintenance fee based on the license cost. Buyers face extra charges for hosting and for each new compliance module, so total spend grows quickly. These layered fees make it hard to prove long-term savings compared with mid-priced GRC suites.
Cost considerations
RSA Archer often begins around $55 000 per year and then adds a maintenance fee based on the license cost. Buyers face extra charges for hosting and for each new compliance module, so total spend grows quickly. These layered fees make it hard to prove long-term savings compared with mid-priced GRC suites.
Functionality
RSA Archer centralizes risk registers, policy content, and control libraries while mapping one control to multiple regulations and displaying live risk scores. Control testing and evidence still depend on manual uploads or custom API work, so the workflow is only semi-automated. This keeps functionality strong but short of the fully automated end-to-end coverage seen in top-tier GRC suites.
Functionality
RSA Archer centralizes risk registers, policy content, and control libraries while mapping one control to multiple regulations and displaying live risk scores. Control testing and evidence still depend on manual uploads or custom API work, so the workflow is only semi-automated. This keeps functionality strong but short of the fully automated end-to-end coverage seen in top-tier GRC suites.
Compatibility
Archer offers packaged connectors for ServiceNow so asset and ticket data flow without heavy coding. Built-in feeds pull findings from AWS Security Hub and other cloud services. A full REST API supports further integrations, but ERP links usually require extra setup, so compatibility is strong but not universal.
Compatibility
Archer offers packaged connectors for ServiceNow so asset and ticket data flow without heavy coding. Built-in feeds pull findings from AWS Security Hub and other cloud services. A full REST API supports further integrations, but ERP links usually require extra setup, so compatibility is strong but not universal.
User experience
RSA Archer’s interface is widely described as dated, cluttered, and slow, making routine navigation difficult. Most organizations invest considerable training and consultant time before users are comfortable. Reviews often contrast Archer unfavorably with newer GRC tools that offer cleaner dashboards and clearer in-app guidance
User experience
RSA Archer’s interface is widely described as dated, cluttered, and slow, making routine navigation difficult. Most organizations invest considerable training and consultant time before users are comfortable. Reviews often contrast Archer unfavorably with newer GRC tools that offer cleaner dashboards and clearer in-app guidance
Customer support
RSA Archer offers 24×7 global technical assistance and premium tiers promising sub-hour responses for critical issues. The customer portal and community provide self-service resources, and organizations can add a designated support engineer for deeper help. Public materials do not highlight proactive regulatory bulletins or a dedicated success manager with scheduled roadmap reviews, so support rates just below the top tier.
Customer support
RSA Archer offers 24×7 global technical assistance and premium tiers promising sub-hour responses for critical issues. The customer portal and community provide self-service resources, and organizations can add a designated support engineer for deeper help. Public materials do not highlight proactive regulatory bulletins or a dedicated success manager with scheduled roadmap reviews, so support rates just below the top tier.