Presentation is loading. Please wait.

Presentation is loading. Please wait.

1© Copyright 2011 EMC Corporation. All rights reserved. RSA Education Services RSA SecurWorld GRC: Product and Technology SE Associate Security Management.

Published byAdela Fleming Modified over 9 years ago

Similar presentations

Presentation on theme: "1© Copyright 2011 EMC Corporation. All rights reserved. RSA Education Services RSA SecurWorld GRC: Product and Technology SE Associate Security Management."— Presentation transcript:

1 1© Copyright 2011 EMC Corporation. All rights reserved. RSA Education Services RSA SecurWorld GRC: Product and Technology SE Associate Security Management Presales Process Solutions Product & Technology Portfolio Messaging

2 2© Copyright 2011 EMC Corporation. All rights reserved. Instructions for Completing This Training This training consists of: A self-paced learning format Intuitive UI Player controls Course continuation Downloadable course slides and reference docs Note: these reference documents are RSA Confidential.

3 3© Copyright 2011 EMC Corporation. All rights reserved. Course Learning Objectives Upon completion of this course, you will be able to: Describe the RSA Archer eGRC Suite architecture Describe the deployment and integration options for RSA Archer

4 4© Copyright 2011 EMC Corporation. All rights reserved. Course Modules

5 5© Copyright 2011 EMC Corporation. All rights reserved. Product and Technology Module 1: RSA Archer Product Architecture RSA Education Services

6 6© Copyright 2011 EMC Corporation. All rights reserved. Module Objectives Upon completion of this module, you will be able to: Explain the general platform architecture and functional components of the RSA Archer eGRC Suite Understand the logical architecture of the major tier components

7 7© Copyright 2011 EMC Corporation. All rights reserved. RSA Archer eGRC Suite RSA Archer eGRC Platform RSA Archer eGRC Platform Data Integration Business System Data User Data (LDAP) External Policy/Risk Data Governance/Compliance Data Queries, Dashboards, Reports Analyst Interface

8 8© Copyright 2011 EMC Corporation. All rights reserved. RSA Archer eGRC Suite Platform Components Threat Management Vendor Management Incident Management Enterprise Management Compliance Management Risk Management Policy Management Business Continuity Audit Management Click on a component to learn more about it. Solutions

9 9© Copyright 2011 EMC Corporation. All rights reserved. RSA Archer eGRC Suite Platform Components Click on a component to learn more about it. Threat Management Vendor Management Incident Management Enterprise Management Compliance Management Risk Management Policy Management Business Continuity Audit Management Solutions

10 10© Copyright 2011 EMC Corporation. All rights reserved. Logical Architecture The architecture of the RSA Archer eGRC Platform is divided into three logical tiers: Interface Tier ASP.NET pages (C#) Separates presentation logic from business logic through the use of Code-Behind files Invokes the Application Tier to retrieve and manipulate data Application Tier Collection of objects encapsulating the application business logic Communicates with the database via a common database object Not allowed to make direct SQL calls Database Tier Collection of stored procedures that act upon the underlying data model Utilizes Microsoft Search functionality for high-speed text searching Requires Microsoft SQL Server 2005 SP3

11 11© Copyright 2011 EMC Corporation. All rights reserved. Module Summary Now that you have completed this module, you should be able to: Explain the general platform architecture and functional components of the RSA Archer eGRC Suite Understand the logical architecture of the major tier components

12 12© Copyright 2011 EMC Corporation. All rights reserved. Product and Technology Module 2: RSA Archer Product Options RSA Education Services

13 13© Copyright 2011 EMC Corporation. All rights reserved. Module Objectives Upon completion of this module, you will be able to: Explain a customer’s deployment options for the RSA Archer eGRC platform Describe integration options of RSA Archer with other data sources

14 14© Copyright 2011 EMC Corporation. All rights reserved. Deployment Options On-Premise Deployment Licensed RSA Archer eGRC Platform deployed it a customer’s environment Hardware, software and upgrades managed on-premise Software as a Service (SaaS) Access to the RSA Archer eGRC Platform via the web Avoids IT requirements associated with on-premise deployment Combined Deployment Customer manages some applications on-premise and utilizes SaaS for others Because all applications built on the RSA Archer eGRC Platform can be packaged and moved from one environment to another, a deployment strategy can be changed at any time.

15 15© Copyright 2011 EMC Corporation. All rights reserved. Integration RSA Archer is designed to integrate with cross-departmental and enterprise data systems Challenges: – Data accumulated through diverse technologies create challenges for consolidation and reporting – eGRC initiatives require evaluation of data across inter- departmental as well as external systems Solution: – Archer is vendor neutral and content independent – allowing a consolidation point for different data systems

16 16© Copyright 2011 EMC Corporation. All rights reserved. Integration Capabilities Data Feed Manager – Flexible, code-free tool for collecting enterprise data Web services API – Supports integration with other business systems through custom code Data Publication Manager – Allows extraction of information from Archer and load it into external systems for data analysis and modeling Data Import Manager – For infrequent data loads, such as a policy content import LDAP and Active Directory Integration – Streamlines the management of user accounts and groups

17 17© Copyright 2011 EMC Corporation. All rights reserved. Module Summary Now that you have completed this module, you should be able to: Explain a customer’s deployment options for the RSA Archer eGRC platform Describe integration options of RSA Archer with other data sources

18 18© Copyright 2011 EMC Corporation. All rights reserved. Course Summary Now that you have completed this course, you should be able to: Describe the RSA Archer eGRC Suite architecture Describe the deployment and integration options for RSA Archer

19 19© Copyright 2011 EMC Corporation. All rights reserved. Product and Technology Assessment To complete your accreditation training, you are required to complete the assessment that includes the four Security Management Product and Technology courses. Under the course menu, select SE Associate in Security Management: Product and Technology Assessment to begin this assessment. It should take 20-30 minutes to complete the assessment. Note: A score of 80% is required to pass the course assessment. If you do not achieve 80% or higher, please review the materials and retake the test. It may take up to 24 hours for your score to be available in your personal training transcript.

20 20© Copyright 2011 EMC Corporation. All rights reserved. Thank You The Security Division of EMC

21 21© Copyright 2011 EMC Corporation. All rights reserved. RSA Archer eGRC Platform Supports business-level management of governance, risk and compliance (GRC) activities for an organization. Allows adaptation of various solutions to GRC requirements, building applications and integration with other systems without complex custom coding Provides a foundation and uniform interface for operational components and solution modules Return

22 22© Copyright 2011 EMC Corporation. All rights reserved. Application Builder Offers powerful tools and a user-friendly interface Allows building and tailoring business applications with no programming required Allows design of applications to capture and display any kind of data Offers full control over the page layout – Can provide an intuitive experience for end users Return

23 23© Copyright 2011 EMC Corporation. All rights reserved. Reports and Dashboards Through the RSA Archer eGRC Platform, you can: Generate actionable reports Share data with other users Track the status of various initiatives Build graphical, role-specific dashboards to monitor metrics across business units Return

24 24© Copyright 2011 EMC Corporation. All rights reserved. Access Control Access controls can be created and enforced so that: Data integrity is ensured Users have a streamlined interface experience Users can interact only with the information that is appropriate for their roles Information access can be controlled at the system, application, record and field level Return

25 25© Copyright 2011 EMC Corporation. All rights reserved. Workflow Business processes can be defined and streamlined Allows automatic assignment of tasks based on data conditions such as: – Asset ownership – Issue priority – Escalation path Content can be routed to defined reviewers for editing or authorization before sharing it with a broader audience Return

26 26© Copyright 2011 EMC Corporation. All rights reserved. Notifications Users can be automatically notified via email when: – New information requires their attention – Tasks enter their queue – Nearing a deadline Simple or complex notification rules can be defined Ensures the right users are alerted at the right time Email notifications can include direct links to the content on which users need to take action or make a decision Return

27 27© Copyright 2011 EMC Corporation. All rights reserved. Integration RSA Archer eGRC Platform is vendor neutral and content independent It serves as a point of consolidation for governance, risk and compliance information of any type Allows seamless integration of data systems without the need for additional software Movement of data can be automated into and out of the Platform to support data analysis, process management and reporting Return

28 28© Copyright 2011 EMC Corporation. All rights reserved. User Experience A simple interface for branding applications with a corporate look and feel A company can use their company colors, graphics, icons and text to facilitate end-user adoption Instructions can be embedded in the user interface to facilitate self-training and diminish the learning curve Return

29 29© Copyright 2011 EMC Corporation. All rights reserved. Policy Management Solution Provides the foundation for a governance, risk and compliance program Allows a comprehensive and consistent process for managing policy and exception lifecycle Offers a centralized infrastructure for creating policies, standards and control procedures Maps to corporate objectives, regulations, industry guidelines and best practices Allows communication of policies across the enterprise – Tracks acceptance – Assesses comprehension – Manages exceptions Return

30 30© Copyright 2011 EMC Corporation. All rights reserved. Risk Management Solution Enables a company to proactively address reputational, financial, operational and IT risks against corporate objectives Delivers a central management system for: – Identifying risks – Evaluating their likelihood and impact – Relates them to mitigating controls – Tracks resolution Pre-built risk assessments can be leveraged or created to deliver targeted risk assessments within a particular environment Management of risk treatment processes is built in – Allows management of the full risk management lifecycle Return

31 31© Copyright 2011 EMC Corporation. All rights reserved. Compliance Management Solution Provides a centralized, access-controlled environment for: – Automating enterprise compliance processes – Assessing deficiencies – Managing remediation efforts Allows an organization to: – Document process and technical controls – Link controls to authoritative sources – Perform risk-based scoping – Execute design and operating tests – Respond to identified gaps Assessment results and remediation activities can be reported to senior management and regulators – Real-time status dashboards – Results dashboards Return

32 32© Copyright 2011 EMC Corporation. All rights reserved. Enterprise Management Solution Provides a central repository of information on an organization’s business hierarchy and operational infrastructure Allows an aggregate view of organizational divisions Determines the criticality of supporting technologies Uses information in the context of eGRC processes Risk and compliance stature for products, services and business processes can be: – Tracked – Associated with devices, applications, and information that support them – Related to technologies and facilities where they reside GRC activities can be reported at the company, division and business-unit levels Return

33 33© Copyright 2011 EMC Corporation. All rights reserved. Incident Management Solution Centralizes and streamlines case management lifecycle for cyber and physical incidents and ethics violations Allows the capture of organizational events that may escalate into incidents Evaluates incident criticality Assigns response team members based on business impact and regulatory requirements. Response procedures can be consolidated, investigations managed, and reports created on: – Trends – Losses – Recovery efforts – Related incidents Return

34 34© Copyright 2011 EMC Corporation. All rights reserved. Vendor Management Solution Enables the automation and streamlining of ongoing oversight of vendor relationships Facilitates three key activities as part of an effective vendor management process: – Risk-based vendor selection – Relationship management – Compliance monitoring Return

35 35© Copyright 2011 EMC Corporation. All rights reserved. Threat Management Solution Provides a consolidated repository of threat data Provides clear reporting of activities related to threat remediation Offers a consistent and repeatable threat management process for an organization Threat Management can: – Document geopolitical threats – Consolidate vulnerability, malicious code and patch information from security intelligence providers – Capture vulnerability results from scan technologies into one consistent threat management system Return

36 36© Copyright 2011 EMC Corporation. All rights reserved. Business Continuity Management Solution Provides a centralized, automated approach to business continuity and disaster recovery planning Allows swift response in crisis situations to protect ongoing operations Combines business continuity, disaster recovery and crisis management into a single management system. Helps an organization: – Assess criticality – Develop plans – Utilize automated workflow Plan execution and communication can be managed in crisis situations Return

37 37© Copyright 2011 EMC Corporation. All rights reserved. Audit Management Solution Allows control of the complete audit lifecycle Enables improved governance of ongoing audit-related activities, data and processes without the limitations of manual or stand- alone solutions Aligned with the Institute of Internal Auditors (IIA) standards Provides an aggregate view of an audit program – including: – Planning – Scheduling – Risk-based prioritization – Staffing – Management of audit procedures – Tracking remediation efforts Return

Download ppt "1© Copyright 2011 EMC Corporation. All rights reserved. RSA Education Services RSA SecurWorld GRC: Product and Technology SE Associate Security Management."

Similar presentations

Module N° 4 – ICAO SSP framework

Module N° 4 – ICAO SSP framework
DIGIDOC A web based tool to Manage Documents. System Overview DigiDoc is a web-based customizable, integrated solution for Business Process Management.

DIGIDOC A web based tool to Manage Documents. System Overview DigiDoc is a web-based customizable, integrated solution for Business Process Management.
LYDIA HARKEY EIR ACCESSIBILITY OFFICER TEXAS A&M UNIVERSITY COMMERCE FALL 2014 1 Implementing Accessibility Strategically at Your Organization.

LYDIA HARKEY EIR ACCESSIBILITY OFFICER TEXAS A&M UNIVERSITY COMMERCE FALL Implementing Accessibility Strategically at Your Organization.
HP Quality Center Overview.

HP Quality Center Overview.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.
Chapter 10 Accounting Information Systems and Internal Controls

Chapter 10 Accounting Information Systems and Internal Controls
Misys Treasury & Capital Markets

Misys Treasury & Capital Markets
Distributed Capture within a Microsoft Environment.

Distributed Capture within a Microsoft Environment.
SERVING CORPORATES AND INDIVIDUALS ©2012 BUSINESS REPORTING MANAGEMENT SERVICES, INC WELCOME.

SERVING CORPORATES AND INDIVIDUALS ©2012 BUSINESS REPORTING MANAGEMENT SERVICES, INC WELCOME.
Validata Release Coordinator Accelerated application delivery through automated end-to-end release management.

Validata Release Coordinator Accelerated application delivery through automated end-to-end release management.
The Business Value of CA Solutions Ovidiu VALEANU Senior Consultant DNA Software – CA Regional Representative.

The Business Value of CA Solutions Ovidiu VALEANU Senior Consultant DNA Software – CA Regional Representative.
Experience, Technology and Focus in Mid Market CRM Soffront Asset management: An Overview.

Experience, Technology and Focus in Mid Market CRM Soffront Asset management: An Overview.
Sarbanes-Oxley Compliance Process Automation

Sarbanes-Oxley Compliance Process Automation
Security Controls – What Works

Security Controls – What Works
© 2004 Visible Systems Corporation. All rights reserved. 1 (800) 6VISIBLE www.visible.com Holistic View of the Enterprise Business Development Operations.

© 2004 Visible Systems Corporation. All rights reserved. 1 (800) 6VISIBLE Holistic View of the Enterprise Business Development Operations.
© 2006 IBM Corporation IBM Software Group Relevance of Service Orientated Architecture to an Academic Infrastructure Gareth Greenwood, e-learning Evangelist,

© 2006 IBM Corporation IBM Software Group Relevance of Service Orientated Architecture to an Academic Infrastructure Gareth Greenwood, e-learning Evangelist,
Www.lumension.com © Copyright 2008 - Lumension Security Lumension Security PatchLink Enterprise Reporting™ 6.4 Overview and What’s New.

© Copyright Lumension Security Lumension Security PatchLink Enterprise Reporting™ 6.4 Overview and What’s New.
1 Meeting the Reporting Challenges at International Paper.

1 Meeting the Reporting Challenges at International Paper.
Nu Project Management Office A web based tool to Manage Projects.

Nu Project Management Office A web based tool to Manage Projects.
Why Managers Must Understand IT Managers play a key role –Frame opportunities and threats so others can understand them –Evaluate and prioritize problems.

Why Managers Must Understand IT Managers play a key role –Frame opportunities and threats so others can understand them –Evaluate and prioritize problems.

Similar presentations

Ads by Google