Vendor Management

Centralize vendor data, manage relationships, assess vendor risk, and ensure compliance with your policies and controls.

RSA Archer Vendor Management enables you to automate and streamline the ongoing oversight of vendor relationships. This web-based solution facilitates three key activities as part of an effective vendor management process: risk-based vendor selection, relationship management and compliance monitoring. With the RSA Archer Vendor Management software solution, you can establish a lower-cost, higher-quality vendor management process through a centralized repository of third-party data, clear reporting of activities related to vendor risk, and a consistent and repeatable assessment process.

  • Manage Vendor Profiles

    Aggregate all vendor information, including profiles, contacts, facilities, contracts and engagements, in a web-based repository. Also perform business impact, financial viability and privacy analyses against vendors to auto-calculate tier, which determines the appropriate assessments for the vendor relationship. Additionally, manage risk associated with vendor relationships by tracking key performance indicators, SLA objectives and the status of deliverables.

  • Build Vendor Risk Questionnaires

    Use pre-loaded questionnaires, including a vendor financial assessment and the Shared Assessments Program Standardized Information Gathering Questionnaire for security and privacy controls. Also import your own questions, and quickly build new assessments. The system calculates risk and compliance ratings and next assessment dates from the assessment results, and you can modify the scoring formulas if desired through a point-and-click interface.

  • Complete Vendor Assessments

    Enable vendors and relationship managers to complete their assigned assessments with no prior training, adding question-specific comments and attaching supporting evidence as needed. The system sends reminder and escalation emails to appropriate users as assessment due dates approach, and completed assessments are routed to the proper reviewers and approvers.

  • Streamline the Management of Assessment Findings

    The Vendor Management solution automatically scores assessments and generates findings for each incorrectly answered question so you can identify areas of non-compliance with your policies and controls. Through RSA Archer, you can assess the nature and status of each finding, including the vendor response and appropriate mitigation procedures, and you can track the status of remediation tasks.

  • Report on Your Vendor Risk Profile

    Take advantage of reporting capabilities to gain clear visibility into high-risk areas of your business, the status of vendor assessments and your organization’s overall risk exposure. Also correlate vendor data to assist in strategic sourcing and more effective vendor selection and utilization. The Vendor Management solution provides a set of predefined, audit-ready reports, including the ability to house and risk rank SAS70 reports, along with a point-and-click interface for creating reports and dashboards.

  • Lower Risk, Greater Compliance

    The ability to enforce risk management policies and controls and standardize your vendor assessment process in order to lower reputational risk and ensure regulatory compliance

  • Automation

    Consistency and efficiency achieved through auto-calculation of vendor tiers, risk ratings, next scheduled review dates and compliance status based on assessment results

  • Savings in Time, Effort and Cost

    Significant reduction in resources and travel expenses required to effectively perform third-party risk analyses and maintain ongoing vendor oversight

  • Current, Holistic View

    A detailed picture of your risk exposure resulting from vendor relationships, and the ability to deliver real-time information to senior management on short notice

  • Quick Time to Value

    Rapid return on your investment from a solution that you can implement out of the box (using predefined access roles, workflow, reports, dashboards, etc.) or easily tailor to your needs through point-and-click configuration

  • Deployment Flexibility

    The freedom to choose an on-premise or software as a service (SaaS) deployment and to move the solution from one environment to another as your needs change

  • Vendor Management Video Demo

    See RSA Archer Vendor Management in action in this short video demonstration.

  • Vendor Management Data Sheet

    Get more details on the RSA Archer Vendor Management solution—an effective, consistent approach to managing vendor relationships and assessments.

  • eGRC Webcasts

    Take a deep-dive tour of RSA Archer eGRC Solutions through our weekly webcasts. Participate live or request a recording to view at your convenience.

  • Case Studies

    Learn why RSA Archer eGRC clients have been so successful in solving enterprise governance, risk and compliance challenges.

  • White Paper

    Learn about Archer’s platform approach to enterprise governance, risk and compliance.

  • Live Chat

    Chat with an RSA Archer eGRC representative to get more information or to set up a private demo of the Vendor Management solution.