The concept and definition for the First, Second and Third Line of Defense roles have been established for many years. However, the neat categorization of the lines of defense rarely cover the intermediate “First and a half” Line of Defense that operates between the First and Second Line. As a risk management service provider and a broad GRC transformation and advisory firm, CastleHill actively performs in that intermediary role for our clients. Recently, we have both been witnessing and driving an evolution of the First and a half Line of Defense responsibilities across our clients that is raising the risk identification bar and helping to reduce the noise. Though we partner with many different GRC technology providers we must drive consistency across those tools, implementations, and frameworks to achieve our required level of efficiency. To reduce the reliance on our First and a half Line of Defense and increase the effectiveness of our client’s risk frameworks, we needed to institute a change of approach to achieve the desired value and insights from the risk management processes and investments.
Let’s face it. System upgrades can be overwhelming for even the most prepared user. This is true even when that system upgrade has been planned for in detail over months of work. For companies that use RSA Archer version 5.X for their critical risk management functions, RSA has announced that support for Version 5.X is ending in December of 2017, meaning migration to RSA Archer version 6 is just around the corner.
As you prepare for your company’s migration, here are some questions you may be asking:
Topics: Platforms & Software