RSA Archer eGRC Platform Provides Customers 572% Risk-Adjusted ROI, According to Leading Analyst Firm
June 2012 by RSA
Customers Credit RSA Archer Platform for Lower Risk Exposure, Process Automation, Increased Productivity and Consolidation of Unnecessary Management Software and Systems
· An April 2012 study by Forrester Consulting finds that current RSA® Archer™ customers achieved a risk-adjusted Return-on-Investment (ROI) of 572% based on quantified key benefits.
· Customer participants in the study identified numerous benefits through their RSA Archer platform implementations including lower risk exposure, process automation, increased productivity and consolidation of unnecessary management software and systems.
· The findings were announced at the 2012 RSA Archer GRC Summit, a gathering of 600 GRC professionals in Chicago.
RSA, The Security Division of EMC (NYSE: EMC) today announced the results of a recent report from Forrester Consulting outlining the total economic impact (TEI) and potential return on investment (ROI) that enterprises may realize by deploying the RSA Archer Platform for enterprise Governance Risk and Compliance (eGRC). The findings were announced at the 2012 RSA Archer GRC Summit in Chicago, and detail the results of an April 2012 survey of current RSA Archer customers who provided insights and opinions on how their organizations achieved a composite organization 3-year risk-adjusted ROI of 572% based on quantified key benefits.
Through interviews with RSA Archer customers, Forrester analysts identified key benefits of investing in the Archer Platform including:
· The ability to reassign a firm’s information risk management staff to conduct analysis instead of task-based work
· More effective IT security expenditures with better understanding and allocation of needed protection
· Increased productivity (reducing their compliance process burden) for non-risk management staff engaged in some GRC activities
· Lower risk exposure and incident occurrence
· Retiring obsolete third-party software
“It’s satisfying to hear customers attesting to the kind of positive transformation and ROI experienced through their implementation of the RSA Archer eGRC platform,” said Amit Yoran, Senior Vice President and General Manager, Security Management and Compliance at RSA. “In addition to the investments we’ve made to improve the usability and functionality of the Archer platform, it’s the Archer customer community – their collective ideas, feedback and our continuous communication with them that makes this success possible.”
The interviews conducted for this study involved representatives from global companies in the energy, financial services, electronics manufacturing and entertainment sectors. These interviews uncovered a number of valuable insights, including:
· “The RSA Archer platform gives us a common language,” noted an interviewee. “Audit can talk about the same high-risk item as compliance, and they now use the same vocabulary, which all started in IT.”
· “If we developed in another platform other than RSA Archer, we would double or triple what we are paying for RSA Archer,” according to another study participant.
· Another customer participant said: “With the first iteration of our adoption of [RSA] Archer, we moved into what I consider to be the start of the Industrial Era where we built a machine that allowed us to wield these (risk) assessments on a far broader scale, with a larger degree of automation, and we improved our efficiency.”
· “Our intent is to do more analysis of the investments we make, and make the right investments,” said another RSA Archer customer in the report. “[RSA] Archer increases chances of matching the value of an investment versus the cost. We can’t correlate the risks using Excel. We need to use a mature, consistent process… that’s the biggest value of GRC and RSA Archer is the tool to make that possible.”
The RSA Archer platform is designed to enable an efficient, collaborative eGRC program across IT, finance, operations, and legal domains. The RSA Archer platform is engineered to help enterprises easily manage risks, demonstrate compliance, and automate business processes, and gain visibility into corporate risk and security controls.
Amit Yoran adds: “Visibility into risk and assured compliance are fundamental business requirements that can truly affect a company’s bottom line. Many of our customers have found that by implementing the RSA Archer platform as a key component in managing their eGRC programs, compliance is no longer a ‘tax’ on the business, but instead can be leveraged as a tool to improve business performance.”