Solutions
Solutions group related applications and questionnaires into activity-based use cases to address a particular business need.
Archer provides out-of-the-box solutions, or you can build custom applications and solutions for your data.
Solutions are displayed in a workspace, which is how users access individual applications. A solution can be used in multiple workspaces.
On this page
Archer Solutions
Each of the Archer solution areas is supported by purpose-built solution use cases, designed to provide each Archer customer with the use cases they need based on the maturity of their organization’s risk management program. The Archer solution use cases use best practices to efficiently kick-start an effective risk and compliance program that can be incrementally expanded as the organization’s risk and compliance needs grow.
Audit Management Solution
Archer Audit Management puts you in control of the complete audit lifecycle, enabling improved governance of audit-related activities, while also providing integration with your risk and control functions. With Archer, you can transform the efficiency of your audit department, complete risk-scoped audits more quickly, and partner with the business to achieve your organization’s goals.
Audit Management includes the following use cases:
-
Issues Management
-
Audit Engagements & Workpapers
-
Audit Planning & Quality
See Audit Management Help for information about each solution use case.
Enterprise & Operational Risk Management
Archer Operational Risk Management makes it easy to engage your first line of defense to identify and assess risk, evaluate, approve and respond to loss events, oversee key risk indicators, and manage day-to-day tasks, issues, and remediation plans.
Enterprise & Operational Risk Management includes the following use cases:
-
Risk Catalog
-
Enterprise Risk Management
-
Loss Event Management
-
Key Indicator Management
-
Risk Assessment Management
-
Operational Risk Management
See Enterprise & Operational Risk Management Help for information about each solution use case.
ESG Management
Archer ESG Management can help your organization save time and resources by making it easier to collect and report ESG data, reduce ESG-related risks, and align ESG goals with your overall business strategy.
ESG Management includes the following use cases:
-
ESG Management
-
Double Materiality Calculator
-
Disclosure Management
-
ESG Portfolio Management
See ESG Management Help for information about each solution use case.
IT & Security Risk Management
Archer IT & Security Risk Management allows you to determine which assets are critical to your business, establish and communicate security policies and standards, detect and respond to attacks, identify and remediate security deficiencies, and establish clear IT risk management best practices.
IT & Security Risk Management includes the following use cases:
-
IT & Security Policy Program Management
-
IT Controls Assurance
-
IT Security Vulnerabilities Program
-
Cyber Incident & Breach Response
-
IT Risk Management
-
IT Regulatory Management
-
Information Security Management System (ISMS)
-
PCI Management
See IT & Security Risk Management Help for information about each solution use case.
Public Sector
Archer Public Sector allows you to leverage people, process, and technology to build an integrated approach to Assessment & Authorization, Continuous Monitoring and overall risk management.
Public Sector includes the following solution use cases:
-
Plan of Action & Milestones (POA&M)
-
Assessment & Authorization
-
Continuous Monitoring
See Public Sector Help for information about each solution use case.
Regulatory & Corporate Compliance Management
Archer Regulatory & Corporate Compliance Management allows you to consolidate information from multiple regulatory bodies, document their impact to the business, and establish a sustainable, repeatable, and auditable regulatory compliance program.
Regulatory & Corporate Compliance includes the following use cases:
-
Policy Program Management
-
Corporate Obligations Management
-
Controls Assurance Program Management
-
Financial Controls Monitoring
-
Data Governance
-
Privacy Program Management
See Regulatory & Corporate Compliance Management Help for information about each solution use case.
Resilience Management
Archer Resilience Management provides an automated approach to business continuity, disaster recovery planning and execution, and operational resilience. This solution area allows organizations to prioritize their most critical operations for resilience and swiftly respond to crisis situations.
Resilience Management includes the following use cases:
-
Business Impact Analysis
-
Incident Management
-
Business Continuity & IT Disaster Recovery Planning
-
Crisis Management
-
Operational Scenario Analysis
See Resilience Management Help for information about each solution use case.
Third Party Governance
Archer Third Party Governance automates and streamlines oversight of your vendor relationships by facilitating key activities necessary to fulfill regulatory obligations and best practices across the entire third party management lifecycle.
Third Party Governance includes the following use cases:
-
Third Party Catalog
-
Third Party Risk Management
-
Third Party Engagement
-
Third Party Governance
See Third Party Governance for information about each solution use case.
Data dictionaries
Each Archer solution use case has a Data Dictionary, which gives a detailed look into the applications and questionnaires included in each use case. Obtain the Data Dictionary for the use case by contacting your Archer Account Representative.
I need help using a particular application or questionnaire
The Archer Help Center contains help for each Archer solution use case. Based on the application or questionnaire you're working in, use the table below to find your relevant help.
Note: Ask your admin if you're unsure of which version of a use case you're using.
Jump to: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
|
Application or Questionnaire |
Use Case |
Help Link |
|---|---|---|
|
Business Continuity & IT Disaster Recovery Planning |
||
|
Allocated Controls |
Assessments & Authorization |
|
|
Agency
|
Assessments & Authorization |
|
|
Continuous Monitoring |
||
|
Application Assessment |
IT Risk Management |
|
|
Applications
|
Audit Engagements & Workpapers |
|
|
Data Governance |
||
|
Operational Risk Management |
||
|
Third Party Governance |
||
|
Appointment |
Audit Engagements & Workpapers |
|
|
Article 30 Checklist |
Data Governance |
|
|
Assessment Campaign |
Operational Risk Management |
|
|
Assessment Objective Library |
Assessments & Authorization |
|
|
Assessment Objectives |
||
|
Audit Engagement
|
Audit Engagements & Workpapers |
Audit Management Help
|
|
Audit Planning & Quality |
||
|
Audit Entity
|
Audit Engagements & Workpapers |
|
|
Audit Planning & Quality |
||
|
Audit Observations |
Audit Engagements & Workpapers |
|
|
Audit Plan |
Audit Planning & Quality |
|
|
Audit Program Library |
Audit Engagements & Workpapers |
|
|
Audit Workpaper |
||
|
Authoritative Sources |
Policy Program Management |
|
|
Authorization Package |
Assessments & Authorization |
|
|
|
Audit Engagements & Workpapers |
|
|
Audit Planning & Quality |
||
|
BC/DR Plans |
Business Continuity & IT Disaster Recovery Planning |
|
|
BIA Archive
|
Business Impact Analysis |
|
|
Operational Scenario Analysis |
||
|
BIA Campaign
|
Business Impact Analysis |
|
|
Operational Scenario Analysis |
||
|
Breach Response Procedure Library |
Cyber Incident & Breach Response |
IT & Security Risk Management Help
|
|
Breach Risk Assessment |
||
|
Breach Tasks |
||
|
Business Impact Analysis
|
Business Impact Analysis |
|
|
Operational Scenario Analysis |
||
|
Business Processes
|
Audit Engagements & Workpapers |
|
|
Risk Assessment Management |
||
|
Business Impact Analysis |
||
|
Data Governance |
||
|
IT Controls Assurance |
||
|
Third Party Engagement |
||
|
Enterprise Risk Management |
||
|
Business Processes Assessment Data |
Operational Risk Management |
|
|
Business Unit
|
Business Impact Analysis |
|
|
ESG Management |
||
|
Issues Management |
||
|
Key Indicator Management |
||
|
Third Party Catalog |
||
|
PCI Management |
||
|
Certificates of Insurance |
Third Party Engagement |
|
|
Change Requests
|
Controls Assurance Program Management |
Regulatory & Corporate Compliance Help
|
|
Financial Controls Monitoring |
||
|
Issues Management |
||
|
IT Controls Assurance |
||
|
Policy Program Management |
||
|
Cloud Service |
Assessments & Authorization |
|
|
Company
|
Business Impact Analysis |
|
|
ESG Management |
||
|
Issues Management |
||
|
Key Indicator Management |
||
|
Third Party Catalog |
||
|
Compliance Engagement
|
Controls Assurance Program Management |
Regulatory & Corporate Compliance Help
|
|
Financial Controls Monitoring |
||
|
IT Controls Assurance |
||
|
Compliance Project |
PCI Management |
|
|
Compliance Scope
|
Controls Assurance Program Management |
|
|
IT Controls Assurance
|
IT & Security Risk Management Help
|
|
|
Configuration Check Results |
||
|
Configuration Checks |
||
|
Contacts
|
Audit Engagements & Workpapers |
|
|
Data Governance |
||
|
ESG Double Materiality Calculator |
||
|
ESG Management |
||
|
Incident Management |
||
|
Loss Event Management |
||
|
Operational Risk Management |
||
|
Third Party Catalog |
|
|
|
Contracts |
Third Party Catalog |
|
|
Control 302 Certifications |
Financial Controls Monitoring |
|
|
Control Assessment Data |
Operational Risk Management |
|
|
Control Catalog |
Assessments & Authorization |
|
|
Control Generator
|
Controls Assurance Program Management |
|
|
IT Controls Assurance |
||
|
Control Implementation |
Assessments & Authorization |
Public Sector Help |
|
Control Matrix |
PCI Management |
IT & Security Risk Management Help |
|
Control Overlay |
Assessments & Authorization |
|
|
Control Procedures
|
Controls Assurance Program Management |
|
|
Data Governance |
||
|
Financial Controls Monitoring |
||
|
Information Security Monitoring System |
||
|
IT Controls Assurance |
||
|
IT Risk Management |
||
|
PCI Management |
||
|
Enterprise Risk Management |
||
|
Control Scoping Unit
|
Audit Engagements & Workpapers |
|
|
Controls Assurance Program Management |
||
|
PCI Management |
||
|
Control Self Assessments
|
Controls Assurance Program Management |
|
|
IT Controls Assurance |
||
|
Control Snapshots
|
Controls Assurance Program Management |
|
|
IT Controls Assurance |
||
|
Control Standards |
Policy Program Management |
|
|
Corporate Global Variables |
Archer Insight |
|
|
Corporate Objectives |
Operational Risk Management |
|
|
Crisis Events |
Crisis Management |
|
|
Cyber Incident & Breach Response |
||
|
Data Identification Assessment |
Privacy Program Management |
|
|
Data Protection Impact Assessment |
||
|
Data Protection Projects |
||
|
Degrees and Certifications
|
Audit Planning & Quality |
|
|
Cyber Incident & Breach Response |
||
|
Department
|
Assessments & Authorization |
|
|
Continuous Monitoring |
||
|
Design Test Results
|
Controls Assurance Program Management |
|
|
IT Controls Assurance |
||
|
Device Assessment |
IT Risk Management |
|
|
Devices
|
Audit Engagements & Workpapers |
|
|
Data Governance |
||
|
Third Party Governance |
||
|
Digital Identity |
Assessments & Authorization |
|
|
Disclosures |
Sustainability Reporting |
|
|
Division
|
Business Impact Analysis |
|
|
ESG Management |
||
|
Issues Management |
||
|
Key Indicator Management |
||
|
Third Party Catalog |
||
|
Double Materiality Calculator |
Double Materiality Calculator |
|
|
Third Party Risk Management |
|
|
|
Engagement Types |
Third Party Catalog |
|
|
Engagements
|
||
|
Third Party Engagement |
||
|
Third Party Risk Management |
||
|
Entity Scoping Unit |
Audit Engagements & Workpapers |
|
|
ESG Data Gathering Programs |
ESG Management
|
|
|
ESG Library |
||
|
ESG Management System |
||
|
ESG Metric Results |
||
|
ESG Metrics |
||
|
ESG Organization Metrics |
||
|
Ethics Violations |
Incident Management
|
|
|
Evidence Repository
|
Audit Engagements & Workpapers |
|
|
Controls Assurance Program Management |
Regulatory & Corporate Compliance Help
|
|
|
Financial Controls Monitoring |
||
|
IT Controls Assurance |
||
|
Exception Requests |
Issues Management |
|
|
Expense Reports |
Audit Planning & Quality |
|
|
Expense Slips |
||
|
|
Audit Engagements & Workpapers |
|
|
Risk Assessment Management |
||
|
Assessments & Authorization |
|
|
|
Continuous Monitoring |
||
|
Data Governance |
||
|
ESG Management |
||
|
Incident Management |
||
|
IT Risk Management |
||
|
Third Party Catalog |
||
|
Facility Assessment |
Risk Assessment Management |
|
|
Findings
|
Assessments & Authorization |
|
|
Issues Management |
||
|
POA&M Management |
||
|
Findings Folders
|
Issues Management |
Audit Management Help |
|
POA&M Management |
||
|
Forensic Analysis |
Cyber Incident & Breach Response |
|
|
Fraud Assessment |
Risk Assessment Management |
|
|
Financial Controls Monitoring |
Regulatory & Corporate Compliance Help
|
|
|
General Ledger Risk Assessment |
||
|
|
Continuous Monitoring |
|
|
POA&M Management |
||
|
Audit Planning & Quality |
||
|
Impact Approval Rules |
Loss Event Management |
|
|
Impact Tolerances |
Operational Scenario Analysis |
|
|
Incident Investigations |
Cyber Incident & Breach Response |
IT & Security Risk Management Help
|
|
Incident Journal |
||
|
Incident Response Procedure Library |
||
|
Incident Response Procedures |
||
|
Incidents |
Incident Management |
|
|
Information Asset Assessment |
IT Risk Management |
|
|
Information Assets |
Data Governance |
|
|
Information Types |
Assessments & Authorization
|
|
|
Interconnections |
||
|
Insight Consequences |
Archer Insight
|
|
|
Insight Control Probability |
||
|
Insight Driver Probability |
||
|
Insight Drivers |
||
|
Insight Risk Event |
||
|
Insight Upstream Risk Probability |
||
|
Insurance |
Operational Risk Management |
|
|
Internal Audit Customer Survey |
Audit Planning & Quality |
|
|
Internal Audit Department Annual Review |
||
|
Internal Audit Quality Assurance Review Checklist |
||
|
Investigations |
Incident Management |
|
|
ISMS |
Information Security Monitoring System |
IT & Security Risk Management Help
|
|
ISMS Audit |
||
|
ISMS Controls |
||
|
ISMS Risks |
||
|
ISO 27001 Gap Analysis |
||
|
Crisis Management |
||
|
Location Based Risk Assessment |
Third Party Governance |
|
|
Loss Event Impacts |
Loss Event Management |
|
|
Loss Events |
||
|
|
Continuous Monitoring |
|
|
IT Security Vulnerabilities Program |
||
|
Management of Material Topics |
ESG Management |
|
|
Master Service Agreement |
Third Party Engagement |
|
|
Material Topic Identification Questionnaire |
ESG Management
|
|
|
Material Topic Repository |
ESG Double Materiality Calculator |
|
|
ESG Management |
||
|
Material Topic Responses |
ESG Management |
|
|
Materiality Assessment Campaign |
ESG Double Materiality Calculator |
|
|
ESG Management |
||
|
Metric Provider Identification Survey |
ESG Management |
|
|
Metrics |
Key Indicator Management |
|
|
Metrics Library |
||
|
Metrics Results |
||
|
Milestones |
Continuous Monitoring |
|
|
POA&M Management |
||
|
Missions |
||
|
Data Governance |
||
|
Notification History
|
Crisis Management |
|
|
Cyber Incident & Breach Response |
||
|
Notifications and Call Trees
|
Business Continuity & IT Disaster Recovery Planning |
|
|
Cyber Incident & Breach Response |
||
|
|
Assessments & Authorization |
|
|
Continuous Monitoring |
||
|
Operating Effectiveness Testing Package |
Financial Controls Monitoring |
Regulatory & Corporate Compliance Help
|
|
Operating Test Results
|
Controls Assurance Program Management |
|
|
IT Controls Assurance |
||
|
Operational Resilience Assessment |
Operational Scenario Analysis |
|
|
Operational Scenario Analysis |
||
|
Operational Scenario Library |
||
|
|
Continuous Monitoring |
|
|
IT Security Vulnerabilities Program |
||
|
PBC Documentation Requests
|
Audit Engagements & Workpapers |
|
|
Financial Controls Monitoring |
||
|
PCI 3.2.1 Self-Assessment (SAQ) |
PCI Management |
IT & Security Risk Management Help
|
|
PCI 4.0 Self-Assessment (SAQ) |
||
|
PCI Controls |
||
|
Plan Entity
|
Audit Engagements & Workpapers |
|
|
Audit Planning & Quality |
||
|
POA&Ms
|
Continuous Monitoring |
|
|
POA&M Management |
||
|
Policies |
Policy Program Management |
|
|
PPSM |
Assessments & Authorization |
Public Sector Help |
|
Primary Controls
|
Controls Assurance Program Management |
Regulatory & Corporate Compliance Help |
|
IT Controls Assurance |
||
|
PCI Management |
||
|
Privacy Impact Assessment
|
Privacy Program Management |
|
|
Assessments & Authorization |
Public Sector Help | |
|
Privacy Roles and Responsibilities |
Data Governance |
Regulatory & Corporate Compliance Help |
|
Privacy Threshold Analysis |
Assessments & Authorization |
|
|
Process Narrative Walkthrough |
Financial Controls Monitoring |
Regulatory & Corporate Compliance Help |
|
Process Narratives |
||
|
Processing Activities |
Data Governance |
|
|
Products and Services
|
Risk Assessment Management |
|
|
Operational Scenario Analysis |
||
|
Third Party Engagement |
|
|
|
Third Party Risk Management |
||
|
Financial Controls Monitoring |
||
|
Question Library
|
Audit Planning & Quality |
|
|
Risk Assessment Management |
||
|
Assessments & Authorization |
||
|
Controls Assurance Program Management |
||
|
Crisis Management |
||
|
Cyber Incident & Breach Response |
IT & Security Risk Management Help
|
|
|
IT Controls Assurance |
||
|
IT Risk Management |
||
|
PCI Management |
||
|
Third Party Engagement |
|
|
|
Third Party Risk Management |
||
|
Business Continuity & IT Disaster Recovery Planning |
|
|
|
Recovery Tasks |
||
|
Regulatory Communications |
Privacy Program Management |
Regulatory & Corporate Compliance Help
|
|
Regulatory Intelligence Items |
Corporate Obligations Management |
|
|
Regulatory Intelligence Review |
||
|
Remediation Plans |
Issues Management |
|
|
Requirements |
Business Continuity & IT Disaster Recovery Planning |
|
|
Resilience Scorecard |
Operational Scenario Analysis |
|
|
Resilience Threat Register
|
Business Continuity & IT Disaster Recovery Planning |
|
|
Operational Scenario Analysis |
||
|
Response Procedures |
Incident Management |
|
|
Retention Schedules |
Data Governance |
|
|
Risk Acceptance
|
Continuous Monitoring |
|
|
POA&M Management |
||
|
Risk Analysis |
PCI Management |
|
|
Risk Approval Assessment |
Enterprise Risk Management |
|
|
Risk Assessment
|
Risk Assessment Management |
|
|
IT Risk Management |
||
|
Risk Assessment Data |
Operational Risk Management |
|
|
Risk Generator
|
IT Risk Management |
|
|
Enterprise Risk Management |
Enterprise & Operational Risk Management Help
|
|
|
Risk Hierarchy |
||
|
Risk Project
|
Risk Assessment Management |
|
|
IT Risk Management |
||
|
Risk Scoping Unit |
Audit Engagements & Workpapers |
|
|
Risk Statements
|
IT Risk Management |
|
|
Enterprise Risk Management |
||
|
Risks (formerly Risk Register)
|
Information Security Monitoring System |
IT & Security Risk Management Help
|
|
IT Risk Management |
||
|
Operational Scenario Analysis |
||
|
Enterprise Risk Management |
||
|
Roles and Responsibilities
|
Business Continuity & IT Disaster Recovery Planning |
|
|
Financial Controls Monitoring |
||
|
Continuous Monitoring
|
|
|
|
Scanner and Sensor Results |
||
|
Scanner and Sensor Rules |
||
|
Scenario Results
|
Audit Engagements & Workpapers |
|
|
Operational Scenario Analysis |
||
|
Scoping Units
|
Controls Assurance Program Management |
|
|
IT Controls Assurance |
IT & Security Risk Management Help
|
|
|
Security Alerts |
Cyber Incident & Breach Response |
|
|
Security Controls |
||
|
Security Events |
||
|
Security Incidents |
||
|
Self-Assessment |
Operational Risk Management |
|
|
Service Interruption Results |
Operational Scenario Analysis |
|
|
Service Interruptions |
||
|
SOC Policies |
Cyber Incident & Breach Response |
|
|
Software
|
Continuous Monitoring |
|
|
POA&M Management |
||
|
Statement of Applicability |
Information Security Monitoring System |
|
|
Storage Devices |
Third Party Governance |
|
|
Subcontractors |
Third Party Engagement |
|
|
Subsystems
|
Assessments & Authorization |
|
|
Continuous Monitoring |
||
|
Supplier Request Form |
Third Party Engagement |
Third Party Governance |
|
Sustainability Report |
Sustainability Reporting |
|
|
System of Record Notice (SORN) |
Assessments & Authorization |
|
|
Cyber Incident & Breach Response |
IT & Security Risk Management Help
|
|
|
Teams |
||
|
Technical Control Manual Assessment |
IT Controls Assurance |
|
|
Technologies
|
Continuous Monitoring |
|
|
Third Party Governance |
||
|
Testing/Exercise |
Business Continuity & IT Disaster Recovery Planning |
|
|
Third Party Campaign |
Third Party Governance |
|
|
Third Party Contract Reviews |
Third Party Engagement |
|
|
Third Party Document Repository |
Third Party Risk Management |
|
|
Third Party ESG Assessment |
||
|
Third Party Financial Viability Assessments |
Third Party Engagement |
|
|
Third Party Metrics |
Third Party Governance |
|
|
Third Party Metrics Library |
||
|
Third Party Metrics Results |
||
|
Third Party Profile
|
Operational Scenario Analysis |
|
|
Third Party Catalog |
|
|
|
Third Party Resilience Assessment |
Third Party Risk Management |
|
|
Threat Assessment |
IT Risk Management |
IT & Security Risk Management Help
|
|
Threat Intelligence |
||
|
Threat Project |
||
|
Thresholds |
ESG Management |
|
|
Timesheet Tasks |
Audit Planning & Quality |
|
|
Training
|
Audit Planning & Quality© |
|
|
Cyber Incident & Breach Response |
||
|
Archer Insight |
||
|
|
Continuous Monitoring |
|
|
IT Security Vulnerabilities Program |
||
|
Vulnerability Library
|
Continuous Monitoring |
Public Sector Help |
|
IT Security Vulnerabilities Program |
||
|
Vulnerability Reference Lists
|
Continuous Monitoring |
|
|
IT Security Vulnerabilities Program |
IT & Security Risk Management Help | |
|
Vulnerability Scan Definition |
IT Security Vulnerabilities Program |
|
|
Vulnerability Scan Requests |
||
|
Vulnerability Scan Results
|
Continuous Monitoring |
|
|
IT Security Vulnerabilities Program |
IT & Security Risk Management Help | |
|
Vulnerability Tickets
|
Continuous Monitoring |
|
|
IT Security Vulnerabilities Program |
IT & Security Risk Management Help | |
|
Third Party Governance |
System applications
Two system applications, Task Management and Appointments, are included in every deployment, regardless of which Archer solution use cases you have licensed.
Building solutions
By grouping applications into a solution, you can also search those applications as a single entity, access reports for just those applications from the Reports Listing, and more.
An application can be grouped into multiple solutions. For example, a Contacts application can be associated with Vendor Management, Customer Relationship Management, and Service Request solutions. By grouping an application with multiple solutions, you can reuse the same information for a variety of purposes.
On-demand applications
On-Demand Applications (ODAs) are applications that are built from scratch to support ancillary processes. An ODA allows administrators to create their own configurable application or use pre-built Archer Exchange offerings, which can leverage advanced workflow, notifications, reporting, access control capabilities and more. ODAs are not part of the standard Archer solutions and use cases and require additional licensing.
