How to Achieve Federal Information Assurance: Find out at RSA Archer GRC Summit

As a governance, risk and compliance (GRC) and security professional, I’m happy to see continued strategic interest from Federal governments in solving cybersecurity challenges.

As the spotlight on cybersecurity continues to intensify, what better venue than RSA Archer GRC Summit in Washington, DC to continue the discussion on cybersecurity, governance and compliance in context of Federal applications? RSA will showcase RSA Archer Federal Assessment & Authorization (A&A) and Continuous Monitoring (CM) solutions designed to solve Information Assurance (IA) use cases specifically for the federal government.

Stay tuned for a number of interesting developments at the show around RSA Archer Risk Management and Vendor Management Solutions, the powerful Archer Community online social network and Archer Exchange online marketplace. Check back here tomorrow for details.


Federal Information Assurance (IA) professionals face the challenge of achieving FISMA compliance, as well as integrating real operational security data into compliance activities. At the core of FISMA compliance is the assessment and authorization process, to identify whether  each information system is operating at an acceptable level of risk. Federal IA professionals can deploy RSA Archer Assessment & Authorization solution not just as a compliance tool but also as a foundation for a comprehensive Information Assurance Management solution. The RSA Archer A&A solution serves as the system of record for every person, location, component and tier in an organization, as well as every piece of hardware, software and information asset, allowing for the creation of information system boundaries. Additionally, the RSA Archer A&A solution can manage the full cycle of NIST RMF (800-37) activities.

Federal agencies are also faced with a constantly changing and dynamic cyber landscape in which they operate  and current tools deployed by these agencies are often inadequate in adapting to the constantly changing security requirements. As a result, the agencies could be late in responding to latest security threats. But RSA can help make their jobs easier: The Continuous Monitoring Solution is designed to provide near real-time insight into the security posture of every device in the enterprise. It takes that deluge of information and scores, sorts and ranks each device by risk – for fast, efficient “worst first” risk resolution. In addition to targeting individual high risk devices, the RSA Archer CM solution can inform the Authorizing Official (AO) on a wide range of risk decisions for A&A and FISMA compliance activities.

The federal team at RSA has taken an innovative approach to address the Information Assurance use cases. The team purpose built Archer A&A and CM solutions from ground-up to solve Information Assurance use cases for Federal Agencies and Departments.  As a result, agencies can experience a more seamless integration and are able to enhance return on their investment as they incorporate additional use cases like contingency planning, vendor management and incident management to manage not just compliance activities but, offer extended operational security capabilities as well.

For more information on this topic, register for our upcoming webcast:  Solve Information Assurance with RSA Archer Assessment & Authorization and Continuous Monitoring Solutions

About the Author: Raj Meel