RSA Archer Loss Event Management

Use Case Guide

6.1 and 6.2
Contact Information
Go to the RSA corporate web site for regional Customer Support telephone and fax numbers:
https://community.rsa.com/community/rsa-customer-support.
Trademarks
RSA, the RSA Logo, RSA Archer, RSA Archer Logo, and Dell are either registered trademarks or trademarks of Dell
Corporation ("Dell") in the United States and/or other countries. All other trademarks used herein are the property of their
respective owners. For a list of RSA trademarks, go to www.emc.com/legal/emc-corporation-trademarks.htm.
License agreement
This software and the associated documentation are proprietary and confidential to Dell, are furnished under license, and may
be used and copied only in accordance with the terms of such license and with the inclusion of the copyright notice below. This
software and the documentation, and any copies thereof, may not be provided or otherwise made available to any other person.
No title to or ownership of the software or documentation or any intellectual property rights thereto is hereby transferred. Any
unauthorized use or reproduction of this software and the documentation may be subject to civil and/or criminal liability.
This software is subject to change without notice and should not be construed as a commitment by Dell.
Third-party licenses
This product may include software developed by parties other than RSA. The text of the license agreements applicable to third-
party software in this product may be viewed on RSA.com. By using this product, a user of this product agrees to be fully
bound by terms of the license agreements.
Note on encryption technologies
This product may contain encryption technology. Many countries prohibit or restrict the use, import, or export of encryption
technologies, and current use, import, and export regulations should be followed when using, importing or exporting this
product.
For secure sites, Dell recommends that the software be installed onto encrypted storage for secure operations.
For customers in high security zones, Dell recommends that a full application sanitization and reinstallation from backup occur
when sensitive or classified information is spilled.
Note on Section 508 Compliance
The RSA Archer® Suite is built on web technologies which can be used with assistive technologies, such as screen readers,
magnifiers, and contrast tools. While these tools are not yet fully supported, RSA is committed to improving the experience of
users of these technologies as part of our ongoing product road map for RSA Archer.
The RSA Archer Mobile App can be used with assistive technologies built into iOS. While there remain some gaps in support,
RSA is committed to improving the experience of users of these technologies as part of our ongoing product road map for the
RSA Archer Mobile App.
Distribution
Use, copying, and distribution of any Dell software described in this publication requires an applicable software license.
Dell believes the information in this publication is accurate as of its publication date. The information is subject to change
without notice. Use of the software described herein does not ensure compliance with any laws, rules, or regulations, including
privacy laws that apply to RSA’s customer’s businesses. Use of this software should not be a substitute for consultation with
professional advisors, including legal advisors. No contractual obligations are formed by publication of these documents.
THE INFORMATION IN THIS PUBLICATION IS PROVIDED "AS IS." DELL INC. MAKES NO REPRESENTATIONS OR
WARRANTIES OF ANY KIND WITH RESPECT TO THE INFORMATION IN THIS PUBLICATION, AND SPECIFICALLY
DISCLAIMS IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Copyright © 2010-2017 Dell Inc. or its subsidiaries. All Rights Reserved.

March 2016
RSA Archer Loss Event Management Use Case Guide

Contents

Loss Event Management Release Notes 5

What's New in Release 6.1 5

Chapter 1: Loss Event Management 6

RSA Archer Loss Event Management 6
Get started 7

Chapter 2: Loss Event Management Design 8

Architecture Diagram 8
Applications 10
Access Roles and Record Permissions 10
Dashboards 11
Advanced Workflow 12

Chapter 3: Installing Loss Event Management 14

Step 1: Prepare for the Installation 14
Step 2: Update the License Key 14
Step 3: Install the Package 15
Step 4: Perform Post-Install Cleanup 15
Step 5: Resolve Dependencies Between Packages 15
Step 6: Test the Use Case Installation 15
Installing the Loss Event Management Package 16
Step 1: Back Up Your Database 16
Step 2: Import the Package 16
Step 3: Map Objects in the Package 16
Step 4: Install the Package 19
Step 5: Review the Package Installation Log 20
Performing Post-Installation Cleanup for Loss Event Management 20
Step 1: Review and Fix Dependencies on Other Use Cases 20
Step 2: Delete Obsolete Objects 35
Step 3: Validate Formulas and Calculation Orders 35
Step 4: Verify Key Fields 36

3
RSA Archer Loss Event Management Use Case Guide

Step 5: Update Inherited Record Permissions Fields 36

Appendix A: Package Installation Log Message Examples 37

4
RSA Archer Loss Event Management Use Case Guide

Loss Event Management Release Notes

What's New in Release 6.1

The following items have been changed in the 6.1 release.

Enhancement Description

Workspaces l The Risk Assessments workspace has been deprecated.

l The Risk Management workspace has been renamed Operational

Risk Management. For a complete list of sub-solutions and dashboards in
this workspace, see the Data Dictionary.

Sub-solutions l The following new sub-solutions have been created:

l Loss Event Management

l Key Indicator Management

l Risk Catalog

l The Risk Management sub-solution has been renamed Top-Down

Assessment

l The Risk Assessments sub-solution has been renamed Bottom-Up Risk

Assessment

Dashboards l The following new persona-based dashboards have been created:

l Executive Management

l Business Unit Manager

l Risk Manager

l Data Quality Administration

Applications The Risk Register and Risk Hierarchy Solutions have been added to the Risk
Catalog sub-solution.

Loss Event Management Release Notes 5

RSA Archer Loss Event Management Use Case Guide

Chapter 1: Loss Event Management

Understanding and managing loss events is essential to an effective operational risk management
program. Many organizations today have impaired visibility into the frequency, amount, type and
source of loss events. This is frequently due to lack of complete or comprehensive lists of loss
events, lack of accountability for management of loss events, and inadequate root cause analysis.
These organizations are not fully aware of their actual losses, nor are they aware of near misses or
losses being incurred by others in their industry that may warn of the organization’s own future
losses. Lack of accountability promotes a less effective risk management culture, and these
organizations typically suffer from a higher frequency and amount of loss events due to poor loss
event analysis and remediation.

RSA Archer Loss Event Management

RSA Archer Loss Event Management allows organizations to capture and inventory actual loss
events and near misses, as well as relevant external industry-related loss events. Coupled with
adjacent applications, loss event root cause analysis can be performed to understand why the loss
occurred and take appropriate actions to reduce the likelihood and impact of similar losses occurring
in the future. Loss events can be evaluated as part of top-down risk assessments and risk self-
assessments, if those are utilized. Loss events can also be exported to perform Monte Carlo
simulations of operational risk using external Monte Carlo engines, such as Palisade @Risk.

Key Features
l Consolidated loss event catalog including actual losses, near misses, and calibrated external loss
events

l Assignment of loss events by business unit and named individuals

l Root cause analysis

l Review and approval of loss events by key stakeholders

l Visibility into aggregate losses by type, source, and area of ownership

l Ability to drill into specific loss events for greater detail

l Consolidated list of remediation plans to reduce likelihood and impact of similar future loss events

l Loss events can be correlated to risk and control procedure registers used to inform risk
assessments and Monte Carlo simulations, if those use cases are employed

Key Benefits
Loss Event Management provides:

Chapter 1: Loss Event Management 6

RSA Archer Loss Event Management Use Case Guide

l Consolidated view of loss events by frequency amount, type, source, and owner

l Clear understanding of the cause of loss events and the actions being taken to remediate problems
that led to the loss event including whether remediation plans are being executed on time, as
planned

l Reduced frequency and number of loss events

l Greater engagement of business unit managers in the management of losses

Get started
l Learn more about the use case design

l Install and set up the use case

Chapter 1: Loss Event Management 7

RSA Archer Loss Event Management Use Case Guide

Chapter 2: Loss Event Management Design

This topic contains high-level use case design information.

Architecture Diagram
The following diagram shows the relationships between the applications in the Loss Event
Management use case.

Chapter 2: Loss Event Management Design 8

RSA Archer Loss Event Management Use Case Guide

Chapter 2: Loss Event Management Design 9

 RSA Archer Loss Event Management Use Case Guide

Note:
1. Feeds that create Metrics from a metric library (either the Business Process or Risk Register) do
not also create Risk Register records from the associated Risk Library records.

2. Business Asset Catalog objects and their associated assessments are not automatically scoped
into Risk Project and must each be scoped in manually.
Ap p lic a tio n s

Applications

Application Description

Contacts The Contacts application serves as a central repository for contact information, is
utilized across multiple areas of RSA Archer, and contains information that is
often leveraged by other use cases. Updates to a profile record within this
application automatically propagate in any records where that contact information
is displayed.

Loss Events The Loss Events application allows you to respond to internal exposures and
external events that present a financial risk to your organization. You can
document, classify, and manage actual losses, near misses, and external
comparable loss events if tracked by the organization and loss classification,
capture event impacts, and perform root cause analyses and remedial activities.
You can also relate loss events to statements of potential risk in the Risk Register
to quantify the likelihood and impact of a risk.

Ac c e s s r o le s a n d r e c o r d p e r mis s io n s

Access Roles and Record Permissions

The use case provides the following access roles and rights.

Access Role Description

RM: Admin This role serves as the administrator for the use case. (Risk Manager, Risk
Manager Specialist)

RM: Executives This role provides the appropriate access levels within the use case to the
executives team (CFO, CEO, Controller).

RM: Manager This role provides create, read, and update access to management stakeholders
within the use case.

RM: Owner This role provides create, read, and update access to business process owners
within the use case.

RM: Read Only This role provides read-only access for the use case.

Chapter 2: Loss Event Management Design 10

 RSA Archer Loss Event Management Use Case Guide

Note: For detailed, page-level access rights, see the Data Dictionary.

The following are specific roles (fields) within the Loss Event Management applications. These
fields may correspond to different members of the team depending on the actual nature of the
policies or standards. As part of the implementation process, these roles should be designated.

Role Description

Business Unit Can be used to create loss events records and to accept or reject
Manager assessments.

Business Unit Can be used to create loss events records.

Coordinator

Risk Manager Can be used to review and update loss events records or to reassign them to
a Risk Specialist.

Risk Specialist Can be used to review and update loss events records.

Controller Can be used to review, sign-off on, or reject loss events records that have
exceeded thresholds.

CFO Can be used to review, sign-off on, or reject loss events records that have
exceeded thresholds.

CEO Can be used to review, sign-off on, or reject loss events records that have
exceeded thresholds.
Da s h b o a r d s

Dashboards
The use case provides the following dashboards.

Dashboard Description

Business This persona-based dashboard is used by Business Unit Managers and Business
Unit Unit Coordinators to create new loss events, unapproved loss events, and loss
Manager events requiring executive review or sign-off.

Executive This persona-based dashboard is used by Controllers, CFOs, and CEOs to track
Management risk exposure and review loss events that require executive sign-off.

Risk This persona-based dashboard is used by Risk Managers and Risk Specialists to
Manager view loss events awaiting review.

Chapter 2: Loss Event Management Design 11

 RSA Archer Loss Event Management Use Case Guide

Ad v a n c e d Wo r k flo w

Advanced Workflow
The following advanced workflow is applied to all loss events in the use case.

Step 1: Initial Loss Entry

The Business Unit Manager or Business Unit Coordinator first creates a loss events record
corresponding to the losses that have occurred for the company. The loss events record is then
enrolled in advanced workflow, and is assigned to the Risk Manager. The risk manager receives a
notification, and the record progresses to the Review Stage.

Step 2: Review Stage

The Risk Manager reviews and updates the loss event record. The Risk Manager provides Root
Cause Analysis and ties the loss to an existing Risk. If the Risk Manager needs additional
information, he can reassign the record to a Risk Specialist. The Risk Specialist then updates the
record with the data required. Once all of the data is entered by the Risk Manager or the Risk
Specialist, the record is reassigned to the Business Unit Manager. The Business Unit Manager can
then accept or reject the assessment. Once the assessment has been accepted, the record advances
to step 3: the Check Threshold Stage.

Step 3: Check Threshold Stage

The assessment is checked against the threshold numbers for the Controller, the CFO, and the CEO
in that order. The threshold numbers for the Controller are set in the Business Unit record. The
threshold numbers for the CFO and CEO are set in the Company record. If the loss amount exceeds
any of the thresholds set for those three personas, notifications are sent to the appropriate personas.
If no thresholds were exceeded, the advanced workflow is complete, and the record exits the
advanced workflow. If any of the thresholds were exceeded, the record progresses to step 4: the
Threshold Review Stage.

Chapter 2: Loss Event Management Design 12

RSA Archer Loss Event Management Use Case Guide

Step 4: Threshold Review Stage

In the Threshold Review Stage, the Controller, CFO, and CEO must review the record if the
thresholds are exceeded. When the initial threshold is exceeded, the Controller must sign-off on the
assessment. When the medium threshold is exceeded, both the Controller and the CFO must sign-off
on the assessment. If the highest threshold is exceeded, the Controller, CFO, and CEO must sign-off
on the assessment.
Any of these three personas can accept or reject the assessment that the Business Unit Manager
submitted. If anyone rejects the assessment, the record is sent back to the Threshold Review Stage,
and the Business Unit Manager must update the record again. Once all of the appropriate personas
have signed-off on the assessment, the record exits the advanced workflow.

Chapter 2: Loss Event Management Design 13

 RSA Archer Loss Event Management Use Case Guide

Chapter 3: Installing Loss Event Management

Ste p 1 :P r e p a r e fo r th e in s ta la tio n

Step 1: Prepare for the Installation

1. Ensure that your RSA Archer system meets the following requirements:
l RSA Archer Platform version 6.1 or later.

l Valid license for Loss Event Management version 6.1 or later.

l You have already installed the following use case: Issues Management.

l User account on RSA Link to download the use case files.

2. Download the RSA_Archer_Loss_Event_Management_6_2.zip file from the Archer

Customer/Partner Community on RSA Link on the RSA Archer Solutions and Use Cases page
(https://community.rsa.com/community/products/archer-grc/archer-customer-partner-
community/solutions).

3. Obtain the Data Dictionary for the use case by contacting your RSA Archer Account
Representative or calling 1-888-539-EGRC. The Data Dictionary contains the configuration
information for the use case.

4. Read and understand the Packaging Data section of the RSA Archer Online Documentation.

5. Review the Release Notes to understand any known issues before installing and configuring the
solution.
Ste p 2 :Up d a te th e lic e n s e k e y

Step 2: Update the License Key

You must update the license key if you are installing a new application, questionnaire, workspace, or
dashboard.

Note: All customers who are upgrading from version 6.0 or earlier are required to get a new license
key for 6.1 or later. Ensure that you are using a valid 6.1 or later license key prior to installing
packages.

The administrator (a web or database administrator) on the server on which the Archer Control
Panel resides must update the license key in the Archer Control Panel before the application
package is imported in order for the new items to be available for use.
1. Open the RSA Archer Control Panel.

2. From the Instance Management list, click to expand the Instances list.

Chapter 3: Installing Loss Event Management 14

 RSA Archer Loss Event Management Use Case Guide

3. Right-click the instance that you want to update, and click Update License Key.

4. Update the applicable information: Serial Number, Contact Info, and Activation Method.

5. Click Activate.

Important: If you do not update your license key to 6.1 or later prior to installing the package, you
will not be able to access workspaces, dashboards and applications.

Ste p 3 :In s ta lth e p a c k a g e

Step 3: Install the Package

Installing a package requires that you import the package file, map the objects in the package to
objects in the target instance, and then install the package. See Installing The Loss Events
Management Package.
Ste p 4 :P e r fo r mp o s t-in s ta lc le a n u p

Step 4: Perform Post-Install Cleanup

The package installation does not update some attributes of objects, or delete obsolete objects that
are not included in the current solution. RSA recommends that you compare the objects in your
database with the information in the Data Dictionary to determine which objects are obsolete or
have been updated. See Performing Post-Installation Cleanup for Loss Event Management.
Ste p 5 :Re s o lv e d e p e n d e n c ie s b e twe e n p a c k a g e s

Step 5: Resolve Dependencies Between Packages

After completing the initial installation, you must re-install the use case package and any applicable
prerequisite use case packages to resolve any dependencies.
1. Install the Issues Management package file. See the RSA Archer Issues Management Use Case
Guide.

2. Install the Loss Event Management package file.

Ste p 6 :T e s th e u s e c a s e in s ta la tio n

Step 6: Test the Use Case Installation

Test the use case according to your company standards and procedures, to ensure that the use case
works with your existing processes.

Chapter 3: Installing Loss Event Management 15

 RSA Archer Loss Event Management Use Case Guide

Installing the Loss Event Management Package

Ste p 1 :Ba c k u p y o u r d a ta b a s e

Step 1: Back Up Your Database

There is no Undo function for a package installation. Packaging is a powerful feature that can make
significant changes to an instance. RSA strongly recommends backing up the instance database
before installing a package. This process enables a full restoration if necessary.
An alternate method for undoing a package installation is to create a package of the affected objects
in the target instance before installing the new package. This package provides a snapshot of the
instance before the new package is installed, which can be used to help undo the changes made by
the package installation. New objects created by the package installation must be manually deleted.
Ste p 2 :Imp o r th e p a c k a g e

Step 2: Import the Package

1. Go to the Install Packages page.

a. From the menu bar, click .

b. Under Application Builder, click Install Packages.

2. In the Available Packages section, click Import.

3. Click Add New, then locate and select the package file that you want to import.

4. Click OK.
The package file is displayed in the Available Packages section and is ready for installation.

Ste p 3 :Ma p o b je c ts in th e p a c k a g e

Step 3: Map Objects in the Package

1. In the Available Packages section, select the package you want to map.

2. In the Actions column, click for that package.

The analyzer runs and examines the information in the package. The analyzer automatically
matches the system IDs of the objects in the package with the objects in the target instances and
identifies objects from the package that are successfully mapped to objects in the target instance,
objects that are new or exist but are not mapped, and objects that do not exist (the object is in the
target but not in the source).

Chapter 3: Installing Loss Event Management 16

RSA Archer Loss Event Management Use Case Guide

Note: This process can take several minutes or more, especially if the package is large, and may
time out after 60 minutes. This time-out setting temporarily overrides any IIS time-out settings
set to less than 60 minutes.

When the analyzer is complete, the Advanced Package Mapping page lists the objects in the
package file and corresponding objects in the target instance. The objects are divided into tabs,
depending on whether they are found within Applications, Solutions, Access Roles, Groups, Sub-
forms, or Questionnaires.

3. On each tab of the Advanced Mapping Page, review the icons that are displayed next to each
object name to determine which objects require you to map them manually.

Icon Name Description

Awaiting Indicates that the system could not automatically match the object or
Mapping children of the object to a corresponding object in the target instance.
Review Objects marked with this symbol must be mapped manually through the
mapping process.
Important: New objects should not be mapped. This icon should remain
visible. The mapping process can proceed without mapping all the objects.

Note: You can execute the mapping process without mapping all the

objects. The icon is for informational purposes only.

Mapping Indicates that the object and all child objects are mapped to an object in
Completed the target instance. Nothing more needs to be done with these objects in
Advanced Package Mapping.

Do Not Indicates that the object does not exist in the target instance or the object
Map was not mapped through the Do Not Map option. These objects will not be
mapped through Advanced Package Mapping, and must be remedied
manually.

Undo Indicates that a mapped object can be unmapped. This icon is displayed in
the Actions column of a mapped object or object flagged as Do Not Map.

4. For each object that requires remediation, do one of the following:

l To map each item individually, on the Target column, select the object in the target instance
to which you want to map the source object. If an object is new or if you do not want to map
an object, select Do Not Map from the drop-down list.

Chapter 3: Installing Loss Event Management 17

RSA Archer Loss Event Management Use Case Guide

Important: Ensure that you map all objects to their lowest level. When objects have child or
related objects, a drill-down link is provided on the parent object. Child objects must be
mapped before parent objects are mapped. For more details, see "Mapping Parent/Child
Objects" in the RSA Archer Online Documentation.

l To map all objects in a tab automatically that have different system IDs but the same object
name as an object in the target instance, do the following:

a. In the toolbar, click Auto Map.

b. Select an option for mapping objects by name.

Option Description

Ignore Select this option to match objects with similar names regardless of the case
case of the characters in the object names.

Ignore Select this option to match objects with similar names regardless of whether
spaces spaces exist in the object names.

c. Click OK.
The Confirmation dialog box opens with the total number of mappings performed. These
mappings have not been committed to the database yet and can be modified in the
Advanced Package Mapping page.

d. Click OK.

l To set all objects in the tab to Do Not Map, in the toolbar, click Do Not Map.

Note: To undo the mapping settings for any individual object, click in the Actions column.

When all objects are mapped, the icon is displayed in the tab title. The icon is displayed
next to the object to indicate that the object will not be mapped.

5. Verify that all other objects are mapped correctly.

6. (Optional) To save your mapping settings so that you can resume working later, see "Exporting
and Importing Mapping Settings" in the RSA Archer Online Documentation.

7. Once you have reviewed and mapped all objects, click .

8. Select I understand the implications of performing this operation, and then click OK.
The Advanced Package Mapping process updates the system IDs of the objects in the target
instance as defined on the Advanced Package Mapping page. When the mapping is complete, the
Import and Install Packages page is displayed.

Chapter 3: Installing Loss Event Management 18

 RSA Archer Loss Event Management Use Case Guide

Important: Advanced Package Mapping modifies the system IDs in the target instance. Any
Data Feeds and Web Service APIs that use these objects will need to be updated with the new
system IDs.

Ste p 4 :In s ta lth e p a c k a g e

Step 4: Install the Package

All objects from the source instance are installed in the target instance unless the object cannot be
found or is flagged to not be installed in the target instance. A list of conditions that may cause
objects not to be installed is provided in the Log Messages section. A log entry is displayed in the
Package Installation Log section.
1. Go to the Install Packages page.

a. From the menu bar, click .

b. Under Application Builder, click Install Packages.

2. In the Available Packages section, locate the package file that you want to install, and click
Install.

3. In the Configuration section, select the components of the package that you want to install.

l To select all components, select the top-level checkbox.

l To install only specific global reports in an already installed application, select the checkbox
associated with each report that you want to install.

Note: Items in the package that do not match an existing item in the target instance are selected
by default.

4. In the Configuration section, under Install Method, select an option for each selected component.
To use the same Install Method for all selected components, select a method from the top-level
drop-down list.

Note: If you have any existing components that you do not want to modify, select Create New
Only. You may have to modify those components after installing the package to use the changes
made by the package.

5. In the Configuration section, under Install Option, select an option for each selected component.
To use the same Install Option for all selected components, select an option from the top-level
drop-down list.

Chapter 3: Installing Loss Event Management 19

 RSA Archer Loss Event Management Use Case Guide

Note: If you have any custom fields or formatting in a component that you do not want to lose,
select Do not Override Layout. You may have to modify the layout after installing the package to
use the changes made by the package.

6. To deactivate target fields and data-driven events that are not in the package, in the Post-
Install Actions section, select the Deactivate target fields and data-driven events that are not in
the package checkbox. To rename the deactivated target fields and data-driven events with a
user-defined prefix, select the Apply a prefix to all deactivated objects checkbox, and enter a
prefix. This can help you identify any fields or data-driven events that you may want to review
for cleanup post-install.

7. Click Install.

8. Click OK.
Ste p 5 :Re v ie wth e p a c k a g e in s ta la tio n lo g

Step 5: Review the Package Installation Log

1. Go to the Package Installation Log tab of the Install Packages page.

a. From the menu bar, click .

b. Under Application Builder, click Install Packages.

c. Click the Package Installation Log tab.

2. Click the package that you want to view.

3. In the Package Installation Log page, in the Object Details section, click View All Warnings.
For a list of packaging installation log messages and remediation information for common
messages, see Package Installation Log Messages.

Performing Post-Installation Cleanup for Loss Event Management

Step 1: Review and Fix Dependencies on Other Use Cases

After you have installed the use case, certain items may not appear or function as designed because
they are dependent on use cases that you have not licensed. For example, a calculated field that
references an application outside of this use case will not validate unless you have also licensed
another use case that contains that application. The following sections list the most common
dependencies and provide steps to resolve the dependencies. In each section, the Related Use Case

Chapter 3: Installing Loss Event Management 20

RSA Archer Loss Event Management Use Case Guide

column lists the use case(s) that you may or may not have licensed. If you have licensed any of the
listed use cases, you can skip that row. If you have not licensed any of the listed use cases, then the
dependencies apply to your installation and you may want to resolve them.

Note: Resolving these dependencies is not required. You may opt to skip this step, but leaving these
fields as they are may cause confusion or generate calculation errors.

Review the following sections and resolve any dependencies that apply to your installation. You only
need to resolve any dependencies that apply to use cases you have not licensed.

Business Unit application

Related Use Case Dependency Resolution

Audit Planning The following reference fields are not available: No action
needed.
l Audit Engagement

l Audit Entity

BC/DR Planning The Activated Plans reference field is not No action

available: needed.

Bottom-Up Risk The following reference fields are not available: No action
Assessment needed.
l Red Flag Rules Assessment

l Risk Project

Controls Assurance The following calculated fields do not validate: Drag off layout
Program Management / delete.
l % of Non-Compliant Controls

l Compliance Rating

l Count of Non-Compliant Controls

Chapter 3: Installing Loss Event Management 21

RSA Archer Loss Event Management Use Case Guide

Related Use Case Dependency Resolution

Controls Monitoring The following calculated fields do not validate: Drag off layout
Program Management / delete.
l Corporate Objectives

l Current Financial Certification Status

l Last Quarterly Certification Date

l Last Quarterly Certification Quarter

l Last Quarterly Certification Year

l Quarterly Financial Certifications

Enterprise Management The following calculated fields do not validate: Drag off layout
/ delete.
l Total Applications

l Total Devices

l Total Facilities

l Total Information Assets

l Total Processes

l Total Products & Services

Chapter 3: Installing Loss Event Management 22

RSA Archer Loss Event Management Use Case Guide

Related Use Case Dependency Resolution

Key Indicator Management The following calculated fields do not validate: Drag off layout
/ delete.
l Average % of Failed KRIs

l Average Risk Level Status

l Calculated Risk

l Count of Warning Indicators

l Key Indicator

l KRI Tolerance Status

l Maximum % of Failed KRIs

l Maximum Calculated Risk Level

l Maximum Risk Level Status

l Metrics Library

l Operational Risk Value

l Risk Warning Level

l Warning Indicator

Incident Management The following reference fields are not available: No action
needed.
l Incident

l Investigations

IT Risk Management The Threat Project (Business Unit) calculated Drag off layout
field does not validate. / delete.

IT Security Vulnerabilities The following reference fields are not available: No action
Program needed.
l Vulnerability Trending (Business Unit)

l Vulnerability Scans

l Vulnerability Scan Results

Chapter 3: Installing Loss Event Management 23

RSA Archer Loss Event Management Use Case Guide

Related Use Case Dependency Resolution

Operational Risk The following reference fields are not available: No action
Management needed.
l Assessment Campaign

l Assessment Campaign (Previously Processed

Business Units)

l Business Process Assessment Data

l Self-Assessment History

Operational Risk The following calculated fields do not validate: Drag off layout
Management / delete.
l Currently Included in Open Assessment

l Last Full Assessment Date

Policy Program The Corporate Objectives reference field is not No action

Management available. needed.

Security Incident The following reference fields are not available: No action
Management needed.
l Incident Investigations

l Security Incidents (Affected Business Unit)

Security Operations The Data Breach (Business Unit(s) Impacted) No action

& Breach Management reference field is not available. needed.

Third Party Risk The Engagements reference field is not available. No action
Management needed.

Chapter 3: Installing Loss Event Management 24

RSA Archer Loss Event Management Use Case Guide

Related Use Case Dependency Resolution

Top-Down Risk The following calculated fields do no validate: Drag off layout
Assessment / delete.
l Count of Controls

l Heat Map

l Inherent Risk

l Inherent Risk Value

l Maximum Inherent Risk Level

l Maximum Residual Risk Level

l Residual Risk

l Residual Risk Value

l Risk Register Library

l Risk Response Overview

l Risk Scorecard

Multiple The following reference fields are not available: No action

needed.
l Applications

l Business Processes

l Contacts

l Control Procedures

l Devices

l Facilities

l Metrics

l Products and Services

l Information

Chapter 3: Installing Loss Event Management 25

RSA Archer Loss Event Management Use Case Guide

Company application

Related Use Case Dependency Resolution

Controls Assurance Program The following calculated fields do not Drag off layout /
Management validate: delete.
l % of Non-Compliant Controls

l Compliance Rating

l Count of Non-Compliant Controls

Controls Monitoring Program The following calculated fields do not Drag off layout /
Management validate: delete.
l % or Certified Divisions

l Count of Certified Divisions

l Current Financial Certification

Status

l Last Quarterly Certification Date

l Last Quarterly Certification Quarter

l Last Quarterly Certification Year

l Overall Financial Certification

Status

l Subsidiary Financial Certification

Status

Chapter 3: Installing Loss Event Management 26

RSA Archer Loss Event Management Use Case Guide

Related Use Case Dependency Resolution

Enterprise Management The following calculated fields do not Drag off layout /
validate: delete.
l Total Applications

l Total Devices

l Total Facilities

l Total Information Assets

l Total Processes

l Total Products & Services

Key Indicator Management The following calculated fields do not Drag off layout /
validate: delete.
l Calculated Residual Risk

l Operational Risk Value

Top-Down Risk Assessment The following calculated fields do not Drag off layout /
validate: delete.
l Count of Controls

l Inherent Risk

l Inherent Risk Value

l Residual Risk

l Residual Risk Value

Chapter 3: Installing Loss Event Management 27

RSA Archer Loss Event Management Use Case Guide

Contacts application

Related Use Case Dependency Resolution

Audit Planning The following reference fields are not No action

available: needed.
l Base Availability

l Degrees and Certifications

l Expense Reports

l Training Courses

Chapter 3: Installing Loss Event Management 28

RSA Archer Loss Event Management Use Case Guide

Related Use Case Dependency Resolution

BC/DR Planning The following reference fields are not No action

available: needed.
l Activated Plans (Recovery Team)

l Applications (Application Support)

l Business Continuity Plans (BCP Team

Members)

l Business Continuity Plans (External

Contacts)

l Business Continuity Plans (Plan Declaration

Authority)

l Devices (Alternate Administrator)

l Emergency Notifications (Call Initiator)

l Emergency Notifications (Call Recipient)

l Facilities (Key Personnel)

l Product/Service Contact

l Roles and Responsibilities (Primary Lead)

l Roles and Responsibilities (Secondary

Contact)

l Roles and Responsibilities (Tertiary

Contact)

l Storage Devices (Contacts)

Chapter 3: Installing Loss Event Management 29

RSA Archer Loss Event Management Use Case Guide

Related Use Case Dependency Resolution

Business Impact Analysis The following reference fields are not No action
available: needed.
l BIA (Audit Participant)

l BIA (Finance Participant)

l BIA (IT Participant)

l BIA (Process Owner)

l BIA (Real Estate Participant)

l BIA (Regulatory Participant)

l Business Processes (Business Process

Participants)

Bottom-Up Risk Assessment The Risk Project (Participant) reference field No action
is not available. needed.

Security Incident Management The following reference fields are not No action
available: needed.
l Security Alerts (Related Contact)

l Storage Devices (Contacts)

Chapter 3: Installing Loss Event Management 30

RSA Archer Loss Event Management Use Case Guide

Related Use Case Dependency Resolution

Security Operations & Breach The following reference fields are not No action
Management available: needed.
l BIA (Audit Participant)

l BIA (Finance Participant)

l BIA (IT Participant)

l BIA (Process Owner)

l BIA (Real Estate Participant)

l BIA (Regulatory Participant)

l Business Processes (Business Process

Participants)

l Degrees and Certifications

l Emergency Notifications (Call Initiator)

l Emergency Notifications (Call Recipient)

l Team Membership

l Training Courses

Third Party Catalog The Third Party Profile reference field is not No action
available. needed.

Division application

Related Use Case Dependency Resolution

Controls Assurance Program The following calculated fields do not Drag off layout /
Management validate: delete.
l % of Non-Compliant Controls

l Compliance Rating

l Count of Non-Compliant Controls

Chapter 3: Installing Loss Event Management 31

RSA Archer Loss Event Management Use Case Guide

Related Use Case Dependency Resolution

Controls Monitoring Program The following calculated fields do not Drag off layout /
Management validate: delete.
l % of Certified Business Units

l Current Financial Certification

Status

l Count of Certified Business Units

l Last Quarterly Certification Date

l Last Quarterly Certification Quarter

l Last Quarterly Certification Year

l Overall Financial Certification

Status

l Products and Services

l Quarterly Financial Certifications

l Subsidiary Financial Certification

Status

Enterprise Management The following calculated fields do not Drag off layout /
validate: delete.
l Total Applications

l Total Devices

l Total Facilities

l Total Information Assets

l Total Products & Services

l Total Processes

Chapter 3: Installing Loss Event Management 32

RSA Archer Loss Event Management Use Case Guide

Related Use Case Dependency Resolution

Key Indicator Management The following calculated fields do not Drag off layout /
validate: delete.
l Average Risk Level Status

l Business Unit Scorecard (Averages)

l Business Unit Scorecard

(Maximums)

l Count of Warning Indicators

l Maximum Calculated Risk Level

l Maximum Risk Level Status

l Operational Risk Value

l Risk Warning Level

Top-Down Risk Assessment The following calculated fields do not Drag off layout /
validate: delete.
l Count of Controls

l Inherent Risk

l Inherent Risk Value

l Maximum Inherent Risk Value

l Maximum Residual Risk Value

l Residual Risk

l Residual Risk Value'

Chapter 3: Installing Loss Event Management 33

RSA Archer Loss Event Management Use Case Guide

Loss Events application

Related Use
Dependency Resolution
Case

Bottom-Up Risk The following reference fields are not available: No action
Assessment needed.
l Facility Risk Assessments

l Risk Staging

Incident The Related Incidents reference field is not available. No action

Management needed.

IT Risk The following reference fields are not available: No action

Management needed.
l Application Risk Assessments

l Associated Business Process(es)

l Associated Risks

l Device Risk Assessments

l Failed Control Procedures

l Information Asset Risk Assessment

Multiple The Associated Business Processes reference field is not No action

available. needed.

Operational Risk The Set Read Only page has layout discrepancies, and the No action
Management following reference fields are not available: needed.
l Insurance

l Applicable Insurance Policy

l Losses Associated with Policy Coverage

Policy Program The Violated Policies reference field is not available. No action
Management needed.

Crisis The Related Crisis Events reference field is not available. No action
Management needed.

Chapter 3: Installing Loss Event Management 34

 RSA Archer Loss Event Management Use Case Guide

Related Use
Dependency Resolution
Case

Third Party The Associated Engagements reference field is not available. No action
needed.

Ste p 2 :De le te o b s o le te o b je c ts

Step 2: Delete Obsolete Objects

Packaging does not delete obsolete objects. RSA recommends that you delete these objects because
they may affect how the applications function. For the following examples, follow these guidelines:
l If you select Override Layout when you install the package, the package installation process
removes old fields from the layout, if those fields do not also exist on the Source Package layout.
All fields removed from the layout are in the Available Fields list.

l Evaluate your need for certain data driven events (DDE), pre-existing rules, and actions that were
not updated through Packaging. Delete any obsolete rules and actions.

l Verify the DDE and calculation order and update it if necessary.

l Evaluate pre-existing notifications and reports that Packaging did not update. Delete obsolete
notifications and reports.

To ensure that all obsolete objects are deleted, compare the Data Dictionary to your environment.
For more information about objects, see "Packaging" in the RSA Archer Online Documentation.
Ste p 3 :V a lid a te fo r mu la s a n d c a lc u la tio n o r d e r s

Step 3: Validate Formulas and Calculation Orders

Follow these guidelines on validating formulas and calculation orders:
l The packaging process logs an error if a formula does not validate. This error may be caused by a
formula that references applications or fields that do not exist in the instance and were not part of
the package (for example, fields in applications that are part of a different use case). Review
those fields to determine if they are needed.
o If a field is needed, modify the formula to remove references to applications or fields that do
not exist in your instance. Fields that do not exist in your instance are identified with an
exclamation mark.

Chapter 3: Installing Loss Event Management 35

 RSA Archer Loss Event Management Use Case Guide

o If a field is not needed, delete the field or remove it from the layout. If the field is not deleted,
removing the formula prevents errors from being written in the log files when records are
saved.

l Verify the order of calculations for each application and sub-form in the use case. See the Data
Dictionary for calculation orders for each individual application or sub-form.

l Update the order of calculations as needed for each application and subform in the use case.

For more information about deleting objects, see "Deleting Fields" in the RSA Archer Online
Documentation.
Ste p 4 :V e r ify k e y fie ld s

Step 4: Verify Key Fields

Packaging does not change key fields. To verify the key fields in each application, see the Data
Dictionary.
Ste p 5 :Up d a te in h e r ite d r e c o r d p e r mis s io n s fie ld s

Step 5: Update Inherited Record Permissions Fields

Packaging does not remove inherited record permissions fields or user/groups populated in a record
permissions field. To verify the record permissions fields in each application, see the Data
Dictionary.

Chapter 3: Installing Loss Event Management 36

RSA Archer Loss Event Management Use Case Guide

Appendix A: Package Installation Log Message

Examples
When you install a use case package, certain error messages are expected, depending on which
other use cases you have licensed in your system. The following sections describe some of the most
common error messages that you may see. You may use these as guidelines, but you should review
your package installation log and determine any actions you need to take.
For information on the dependencies for each solution, see the Data Dictionary.

Object
Message Explanation Remediation
Type

Alias Object Name This message is an informational warning This message is only
Alias was indicating that the Alias was updated on the potentially an issue if
changed from object. There are two reasons for an alias in the change occurs on
Original Alias the Target Instance to have been updated: a field that is utilized
to New Alias. in a Mail Merge
l Update was in the Source Package.
Template or Data
l Alias has to be unique in the Target Publication Service.
Instance. If the alias already exists in In that scenario,
update the DPS or the
Target, packaging adds a unique
mail merge template
identifier to the end. with the new alias.

Field Field Name in This message is an informational warning Change the field to
the notifying you that packaging does not public manually
application change a private field in the target instance (optional).
Application to a public field.
Name cannot
be changed
from a private
field to a
public field.

Appendix A: Package Installation Log Message Examples 37

RSA Archer Loss Event Management Use Case Guide

Object
Message Explanation Remediation
Type

Field Field Field This message is seen when a cross- If the use case is not
Name could reference or related record field could not licensed, no action is
not be saved be created because the related application necessary.
due to does not exist in the target instance. This
inability to message usually occurs because the field is Note: If you later
identify the part of a related use case that is not license a use case
related licensed or has not been updated in the that contains that
module. target instance. application, you may
re-install the Use
Case Name package
in order to resolve this
warning.

If the use case has not

been updated, do the
following:
1. Install the
package for the
use case
containing the
related
application. You
must have a
license for the
related
application.

2. Reapply the
original package
to resolve the
warning.
See the Data
Dictionary.

Appendix A: Package Installation Log Message Examples 38

RSA Archer Loss Event Management Use Case Guide

Object
Message Explanation Remediation
Type

Field The The formula in the calculated field is Do either of the

calculated incorrect. Most often, this message occurs following:
field Field when the formula references a field in a
l Modify the formula
Name in the related application and either the field or the
application application does not exist in the target to remove the
Application instance or is not licensed. This may be reference to the
Name cannot because the application is in a related use unavailable field.
be verified. case that has not been updated.
l Install the package

for the use case

containing the
related application.
(You must have a
license for the
related
application), then
reapply the original
package to resolve
the warning.

See the Data

Dictionary.

Appendix A: Package Installation Log Message Examples 39

RSA Archer Loss Event Management Use Case Guide

Object
Message Explanation Remediation
Type

Field Field Field This warning may be seen on Inherited 1. Install the
Name was not Record Permission fields, cross- package for the
found and reference/related record fields (record
use case
removed from lookup and grid display), or as a display
a collection. field in a report. The warning means that containing the
the field could not be found in the target related application
instance and was not included in the (to obtain the
package. This is usually because the field is missing field).
part of an application in a related core
You must have a
solution that has not been updated in the
target instance or is not licensed. license for the
related
application.

2. Reapply the
original package
to resolve the
warning.
See the Data
Dictionary.
If you do not have a
license for the related
application, you may
ignore this message,
and the field remains
omitted from the
object.

Advanced The advanced All advanced workflows are installed as Go to the Advanced
Workflow workflow was inactive. You must review and activate the Workflow tab in the
installed, but workflow. application or
is inactive. questionnaire, review
Please review the workflow, then
and activate. click Activate.

Appendix A: Package Installation Log Message Examples 40

RSA Archer Loss Event Management Use Case Guide

Object
Message Explanation Remediation
Type

Advanced Minor failure: This failure message may appear if certain 1. Verify that the
Workflow Advanced services were not running when you Advanced
workflow installed the package.
Workflow Service
HTTP request
error: 404 not and the Job
found. Service are
running.

2. Reapply the
package.

Access Access rights The Module Name application or None.

Role to the questionnaire belongs to a use case that you If you later license a
following have not licensed or does not exist in the use case that contains
page could instance. that application, you
not be may re-install the Use
configured Case Name package
due to missing in order to resolve this
module warning.
Module
Name.

Access The following Page Name belongs to an application in a None.

Role page use case that you have not licensed. If you later license a
referenced in use case that contains
a link cannot that application, you
be resolved: may re-install the Use
Page Name. Case Name package
in order to resolve this
warning.

Appendix A: Package Installation Log Message Examples 41

RSA Archer Loss Event Management Use Case Guide

Object
Message Explanation Remediation
Type

Event Module Name This warning usually occurs when a cross- Review the DDE and
Action DDE Name reference or related record field is on the the layout and
was updated layout in the package but is not licensed or determine if any
but has page does not exist in the target instance. Occurs modifications should
layout on Apply Conditional Layout actions. be made to the layout.
discrepancies. If you later license a
use case that contains
that application, you
may re-install the Use
Case Name package
in order to resolve this
warning.

Field Contained Field Name 1 references an application that None.

Reference does not exist in the target instance or is not If you later license a
field :Field licensed. use case that contains
Name 1 was that application, you
not found in may re-install the Use
the target Case Name package
instance and in order to resolve this
was removed warning.
from multi-
reference
field : Field
Name 2.

Field Cross Field Name 1, configured to display in the No action is

Reference reference field grid, is missing from the necessary. You can
View/Edit application it belongs to. also add the field to
Display field : the other application
Field Name 1 by installing the
was not found package that the
in the target related application
instance and belongs to.
was removed
from field :
Field Name 2.

Appendix A: Package Installation Log Message Examples 42

RSA Archer Loss Event Management Use Case Guide

Object
Message Explanation Remediation
Type

Field Related Field Name 1, configured to display in the No action is

Record reference field grid, is missing from the necessary. You can
View/Edit application it belongs to. also add the field to
Display field the other application
:Field Name by installing the
1 was not package that the
found in the related application
target belongs to.
instance and
was removed
from field :
Field Name 2.

Field History Log This message usually occurs when a history None.
Field log field includes a cross-reference or If you later license a
Selection related record as a tracked field, but that use case that contains
field : Field cross-reference or related record could not that application, you
Name was not be created because the related application may re-install the Use
found in the either does not exist in the target or is not Case Name package
target licensed. in order to resolve this
instance and warning.
was removed
from history
log field :
History Log.

Field Inherited Field Name 1 belongs to an application in a None.

User/Group use case that does not exist in the target or If you later license a
field : Field is not licensed. use case that contains
Name 1 was that application, you
not found in may re-install the Use
the target Case Name package
instance and in order to resolve this
was removed warning.
from field :
Field Name 2.

Appendix A: Package Installation Log Message Examples 43

RSA Archer Loss Event Management Use Case Guide

Object
Message Explanation Remediation
Type

iView The following Page Name belongs to an application in a Modify the iView to
page use case that does not exist in the target or remove the
referenced in is not licensed. unresolved link or
a link cannot delete the iView
be resolved: If you later license a
Page Name. use case that contains
that application, you
may re-install the Use
Case Name package
in order to resolve this
warning.

Navigation Unable to Application Name belongs to an use case None.

Menu update that does not exist or is not licensed. If you later license a
Navigation use case that contains
Menu that application, you
Application may re-install the Use
Name. Field Case Name package
Field Name in order to resolve this
not found. warning.

Report Report Name Occurs when no display fields could be None.

report could included in the report because the fields do
not be not exist in the target or are not licensed.
created. This error is most common on statistics
There are no reports.
display fields
for this report.

Appendix A: Package Installation Log Message Examples 44

RSA Archer Loss Event Management Use Case Guide

Object
Message Explanation Remediation
Type

Report Display field : Field Name belongs to an application in a If the report functions
Field Name use case that does not exist or that is not without that field,
was not found licensed. then no action is
in the target needed. Otherwise,
instance and modify the report or
was removed remove it.
from report: If you later license a
Report Name. use case that contains
that application, you
may re-install the Use
Case Name package
in order to resolve this
warning.

Report Field : Field Field Name belongs to an application in a If the report functions
Name use case that does not exist or is not without that field,
referenced by licensed. then no action is
a statistic step needed. Otherwise,
was not found modify the report or
in the target remove it.
instance and If you later license a
was removed use case that contains
from report : that application, you
Report Name. may re-install the Use
Case Name package
in order to resolve this
warning.

Appendix A: Package Installation Log Message Examples 45

RSA Archer Loss Event Management Use Case Guide

Object
Message Explanation Remediation
Type

Report Field : Field Field Name belongs to an application in a If the report functions
Name used use case that does not exist or is not without that field,
for charting licensed. then no action is
was not found needed. Otherwise,
in the target modify the report or
instance and remove it.
was removed If you later license a
from report : use case that contains
Report Name. that application, you
may re-install the Use
Case Name package
in order to resolve this
warning.

Report Field : Field Occurs when a filter condition in a report is If the report functions
Name was not referencing an application that does not without that field,
found in the exist or is not licensed. then no action is
target needed. Otherwise,
instance and modify the report or
the condition remove it.
was removed If you later license a
from the use case that contains
filter. that application, you
may re-install the Use
Case Name package
in order to resolve this
warning.

Appendix A: Package Installation Log Message Examples 46

RSA Archer Loss Event Management Use Case Guide

Object
Message Explanation Remediation
Type

Report Module The Module Name application or If the report functions

Module Name questionnaire belongs to a use case that you without that field,
was not found have not licensed. then no action is
and removed needed. Otherwise,
from a search modify the report or
report. remove it.
If you later license a
use case that contains
that application, you
may re-install the Use
Case Name package
in order to resolve this
warning.

Report Module Occurs with n-tier reports when the report If the report functions
Module Name includes display fields from a related without that field,
was not application that does not exist or is not then no action is
found. The licensed. needed. Otherwise,
relationship modify the report or
and remove it.
associated If you later license a
display fields use case that contains
were removed that application, you
from a search may re-install the Use
report. Case Name package
in order to resolve this
warning.

Workspace The following The Module Name application or None.

module questionnaire belongs to a use case that If you later license a
referenced in does not exist or is not licensed. use case that contains
the that application, you
Navigation may re-install the Use
menu could Case Name package
not be in order to resolve this
resolved: warning.
Module
Name.

Appendix A: Package Installation Log Message Examples 47