Press release

24 Sep 2021 London, GB

EY announces strengthened alliance with RSA to help organizations accelerate risk transformations with Archer

LONDON, 24 SEPTEMBER 2021. EY today announces a strengthened alliance with RSA that is focused on risk management and cyber security.

Press contact
Eric Minuskin

Associate Director, Global Media Relations and Social Media, Markets, Ernst & Young LLP

Media relations and social media leader. Passionate about creative storytelling. Love to listen, learn and laugh.

  • Alliance will help EY US and RSA clients establish and enhance robust governance, risk and compliance strategies
  • Leverages industry-leading Archer suite and EY US consulting services to provide integrated risk management solutions

EY today announces a strengthened alliance with RSA that is focused on risk management and cyber security. The alliance can help enterprises to accelerate their operational and IT risk transformation through the combined capabilities of Ernst & Young LLP (EY US) — a leader in risk management and cybersecurity consulting — and Archer, an RSA business and leader in integrated risk management solutions.

As businesses continue to digitize their systems and processes, developing cohesive and robust governance, risk and compliance (GRC) processes and solutions has become essential. EY US and Archer are working together to help organizations build their risk management and cybersecurity strategies. The alliance can help EY US and RSA clients develop and deploy scalable operational risk and cybersecurity transformation programs by deploying Archer’s suite of GRC and integrated risk management offerings, combined in leading large risk and compliance transformations.

Marsha Reppy, EY Global and EY Americas Governance Risk Compliance Technology Leader, says:

“Today’s complex digital landscape requires cohesive and comprehensive risk management and cybersecurity strategies supported by the right technologies. Leading consulting capabilities provided by EY teams can help enterprises harness the power of the Archer platform to gain business insights and simplify compliance and operational risk management programs.”

The alliance is designed to help businesses across all industries tackle issues including the risk of regulatory actions, lack of risk-informed decision-making, and limited visibility and transparency of risk and compliance to stakeholders. With the EY US experience in building, deploying and managing risk management and cybersecurity programs using the Archer suite, EY US can help develop solutions supported by the platform. These include GRC, cybersecurity, third-party risk management (TPRM) and risk transformation as a service (RTaaS) solutions. By placing humans at the center of risk management and cybersecurity operations, EY US teams can help businesses leverage technology at speed while enabling innovation at scale.

Bill Diaz, CEO, Archer, says:

“The combination of the Archer suite and EY US leading risk management and cybersecurity consulting experience provides clients with skills and technology to establish a foundational GRC strategy that can evolve into integrated risk management with the needs of the business. Organizations are looking to better understand their operational risks as they accelerate their business transformation journeys, and together, Archer and EY US can help organizations fulfill this need.”


Notes to editors

About EY

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. Information about how EY collects and uses personal data and a description of the rights individuals have under data protection legislation are available via EY member firms do not practice law where prohibited by local laws. For more information about our organization, please visit

This news release has been issued by EYGM Limited, a member of the global EY organization that also does not provide any services to clients.