Recent Work:
See overviews from a sample of our client engagements below. Use the toggle buttons to expand or collapse an overview:
Revive RSA Archer implementation at Automotive Services organization and supplement Admin Team
Client challenge: Automotive Services organization had teamed with an inexperienced professional services partner to deploy the RSA Archer Policy, Risk, Compliance, and Audit modules in v5.x. The implementation did not take off; less than 5 users were active in Archer each day.
Project description: Seebright was hired to revive the implementation by addressing “quick win” use cases. Since initial engagement, Seebright has been retained to co-source the Archer Administration team.
Result: Today, 10 GRC processes are conducted in Archer and there are 200 active users (30 concurrently on average) including personnel across 95 branches. With Seebright on retainer to help, client may focus on other matters as Archer administration duties are in good hands.
Security Control Assessment solution in RSA Archer for Global Financial Services Company
Client challenge: Global Financial Services company was seeking an RSA Archer solution for assessing information security controls for applications, devices, technologies, business processes, and facilities. Solution should minimize disruption on First Line of Defense contacts asked to complete assessments. Result scoring must automatically update across business hierarchy, policy hierarchy, and authoritative source references.
Project description: Seebright worked with client to design solution that takes advantage of Archer in-line edit capability and questionnaire campaign feature to meet key objectives. Seebright configured solution, planned and executed testing and pilot exercises, and delivered solution user guides with screenshots.
Result: Solution enables self-assessments or more detailed control tests in Archer. Self-assessments launch automatically based on desired frequency. Contacts from First Line may complete assessments of multiple controls on one-screen with minimal clicks. Assessment results automatically update references up the business, policy, and authoritative source hierarchies via calculated fields.
Operational Risk Assessment solution in RSA Archer for Global Investment Management Firm
Client challenge: Global Investment Management Firm was aiming to implement a simple, low-click solution to enable disparate Business Units to identify relevant operational risks and controls, assign inherent likelihood and impact ratings, estimate control strength, and have residual risk calculated for the risk then rolled up the business and risk hierarchies.
Project description: Teamed with client to design and implement an Archer solution that utilizes the in-line edit capability to enable First Line of Defense contacts to assign risk likelihood and impact ratings, control strength ratings, and complete an attestation by updating just 5 fields across 3 reports (simple!). Contacts have easy access to the reports via quick links on their dashboard. Ratings from the previous assessment are retained so if nothing has changed, the contact may just attest that the previous ratings remain valid.
Result: Client is confident that First Line contacts with limited risk management background and limited time will use solution successfully. A series of calculated fields automatically update Business Unit and Division ratings based on the individual risk and control ratings entered by First Line contacts.