RSA Archer Business Resiliency
Protect Your Organization During Crisis Events
Overview:
- A four-year leader in the Gartner Magic Quadrant for Business Continuity Management
- Identify your most critical business processes and technologies
- Instill senior management’s confidence in your resiliency program
Organizations are becoming a complex tapestry of products and services, processes, technologies, third parties, employees and more. Each element adds another level of complexity, which in turn magnifies the fragility and complexity of your business processes, critical IT, infrastructure and ever-growing third party relationships. And your business is continually evolving. New relationships are created and new services are offered, which require business and IT infrastructure to support. This changing ecosystem impacts your ability to maintain resiliency in the face of disruption, whether it is a major natural event, a reputational crisis or a cyber-attack. In addition, the complexity makes it more difficult to clearly see where risks are, where they are emerging, and at what velocity risks could affect the resiliency of the organization. Critical business functions and supporting infrastructure should be designed both to withstand disruptions, and to enable quick recovery or restoration if they fail.
Business continuity (BC) and IT disaster recovery (DR) plans go a long way in ensuring that critical business and IT functions continue to operate or can be recovered to an operational state within an acceptable amount of time if a crisis occurs. However, managing the myriad of plans for all of these complex processes, systems, suppliers and more is complicated. Business continuity management teams usually capture static BC/DR plan documentation in multiple tools and inflexible systems that are costly to customize and upgrade. What’s more, there are often uncoordinated, ad hoc processes for creating, approving, maintaining, and testing plans. With limited coordination among BC, DR and crisis teams, there is often little visibility into new or emerging IT or business risks that may impact the continuity or resilience of your organization’s standard operations. As a result, it is difficult to prove and report to your senior management that continuity and recovery plans are in place and will work as intended.
Transform recovery to a resiliency mindset
Recovery implies that the business has made reactive plans to restore needed services after bad things happen. Conversely, resiliency programs are designed to address and mitigate “systemic risk” to the continuity of your organization in addition to maintaining recovery plans. Resiliency requires building processes that naturally adapt to adverse conditions, make midcourse corrections, and avoid the negative impacts of a disruption.
A successful business resiliency program aligns your business impact analysis, business continuity planning, IT disaster recovery planning, crisis planning and incident response activities with objectives and strategies of the business as a whole.
Now more than ever, your organization needs business continuity and disaster recovery teams to work closely to create a more resilient organization and minimize the impact of any disruption to your organization’s reputation, finances, legal status, employees or customers. And senior management needs a better understanding of continuity risks, insight into needed budget requirements, and a level of confidence that plans are in place if a crisis should occur.
Conclusion
Without a coordinated approach to business resiliency, organizations can suffer significant losses when critical business processes or IT infrastructure cannot be sustained or recovered quickly after a disruption. RSA Archer Business Resiliency provides a resiliency-driven approach to help your organization mature from just reactive business and IT recovery objectives to a proactive posture that enables your team to significantly reduce the effects of disruptions to your business. With RSA Archer, you can transform the efficiency of your resiliency team to protect your critical business operations.
Benefits:
Accelerates Your Response to Crisis Events
RSA Archer Business Resiliency automates business continuity and IT disaster recovery planning, testing and execution, which enhances your organization’s ability to respond swiftly to crisis events.
Allows You to Address the Most Critical Areas of Your Business
RSA Archer Business Resiliency features uses cases to help you identify which business processes and technologies are most critical so that you can prioritize and sequence them accordingly.
Eases Case Management and Incident Response
The use case for incident management allows you to quickly evaluate the criticality of an incident, determine appropriate response procedures and assign response team members.
Helps You Build Confidence with Senior Management
Dashboards and reports give senior management a better understanding of resiliency risks, insight into budget requirements and confidence that a solid resiliency program is in place.
Advantage:
RSA Archer Business Resiliency provides an automated approach to planning and recovery, allowing you to respond swiftly in crisis situations to protect your ongoing operations. With RSA Archer, you can transform the efficiency of your resiliency and recovery teams, address the most critical areas of the business quickly, and partner across the business to achieve your organization’s resiliency goals.
Bring Business Context to Continuity and Recovery Planning
How do you know what is most critical to your business? Which business processes are most critical for you to ensure they are resilient? What are the upstream and downstream dependencies, systems and processes, and how does your team plan for them? These critical questions must be assessed in concert with an understanding of business criticality and corresponding recovery priorities. RSA Archer offers a centralized business process and asset repository tied to the supporting IT infrastructure. This enables management to catalog and better understand the context of the organization, assess the criticality of each process and supporting technologies and infrastructure, prioritize the BC/DR planning process based on criticality, and then put recovery plans in place.
Integrate Incident and Crisis Response
Muddling through a crisis event and being saved by “heroic efforts” is not the type of experience your team wants to experience, much less repeat. Continuity and recovery professionals must adequately plan for and proactively build steps to manage incidents as they arise into the organization’s processes, and effectively deal with crisis events to bring them to swift and successful resolution. Bringing the resiliency program together managing day-to-day incidents or planning and testing for crisis events, your programs must include a cycle for learning and improving processes. With RSA Archer, you can more effectively keep your resiliency program in line with changes within your organization, new or changing regulations, and new business, building resiliency into the very processes you perform.
Adapt Your Resiliency Program
Businesses are fluid and prone to changes, and priorities need to be evaluated on a regular basis. Why shouldn’t resiliency planning and execution follow the same pattern? The ISO 22301 standard recommends developing a resilient organization in line with business priorities and strategic objectives in a way that is flexible enough to adapt and react to changing priorities. With RSA Archer, you can build your resiliency program on the most configurable software in the industry. You can tailor continuity, recovery and response processes, add new workflow, and program new reports while maintaining your approaches and taxonomies. RSA Archer’s flexible platform allows you to easily expand your current continuity and recovery use cases with no custom code or professional service requirements. And the RSA Archer Business Resiliency solution uses a standards-based approach that aligns with the ISO 22301 international standard for BC planning.
Use Cases:
RSA Archer Business Resiliency provides an automated approach to business continuity and disaster recovery planning and execution, allowing swift response in crisis situations to protect your ongoing operations. With RSA Archer, you can assess the criticality of business processes and supporting technologies, and develop detailed business continuity and disaster recovery plans using an automated workflow for plan testing and approval. Key dashboards and reports provide visibility to your senior management providing a better understanding of resiliency risks, insight into needed budget requirements, and a level of confidence that a solid resiliency program is in place if a crisis occurs.
RSA Archer Business Resiliency provides several use cases to meet your specific business needs and progress in the business resiliency maturity journey, including the following.
Business Impact Analysis
To understand the criticality of business processes in any organization, you must develop business impact analyses. RSA Archer Business Impact Analysis (BIA) is designed to help you determine the criticality of business processes so they can be prioritized and sequenced for recovery planning and building resiliency measures. Campaign capabilities enable you to automatically update or create BIAs across sets of business processes that support a certain product or service, or with particular business units or other organizations. The use case provides out-of-the-box workflow to drive updates through your business process owners, with built-in approval, monitoring, notification and reporting across all users. You can share information with interdependent teams across the organization to help align your business continuity, IT disaster recovery, and crisis teams so everyone has the same planning and recovery priorities.
Incident Management
RSA Archer Incident Management provides a case management and incident response solution for reporting and categorizing events such as cyber, ethics violations and physical incidents. The use case enables you to quickly evaluate the criticality of an incident, determine the appropriate response procedures, and assign response team members based on factors like business impact and regulatory requirements. Incident Management also integrates with the Crisis Management use case to seamlessly handle incidents that turn into crises. The use case also includes dashboards for tracking and reporting on costs, related incidents, losses and recovery.
Business Continuity and IT Disaster Recovery Planning
RSA Archer Business Continuity and IT Disaster Recovery Planning offers a coordinated, consistent, and automated approach to business continuity and IT disaster recovery planning, testing and execution. It allows you to respond swiftly in crisis situations to protect your ongoing operations. Organizations can also use the RSA Archer BCM mobile application to view business or IT recovery plans, strategies and tasks, and recovery requirements according to user role. This decreases dependency on hard copy plans and enables faster response to crisis events.
Crisis Management
RSA Archer Crisis Management provides a coordinated, consistent, and automated approach for swift response in crisis situations to protect your ongoing operations. With RSA Archer, you can manage business continuity and disaster recovery, and align activated plans with the organization’s crisis team activities to manage crisis events holistically. The solution also aligns risk assessment with other GRC disciplines and automates the process of testing business continuity, IT disaster recovery, and crisis plans for consistent crisis response to minimize risks.
Documentation:
Download the RSA Archer Business Resiliency Datasheet (.PDF)