Search Results

At Archer we recently wrapped up the books on our fiscal year, and so I wanted to share our progress and outstanding results. Uncertainty in various market conditions worked to our benefit again in 2021. Between the pandemic, environmental and social concerns, supply chain disruptions, increasing regulation, and the horrific war in Ukraine, Risk Management and Operational Resiliency have never played a more crucial role. These seismic shocks are requiring companies to manage Risk across their Enterprise – just as they do with CRM, HCM and Finance. Archer is uniquely positioned to meet these demands with over 300 customers in each Risk Function (Operations, Audit , IT , 3rd Parties and Business Resilience ) - with over 80% of customers using our products for several, or all, departments. Our goal is to provide the best Risk Management platform to be the system of record to identify, plan, manage, mitigate/avoid and quantify your risk. I would like to personally and sincerely thank our clients, employees and partners who helped make last year so special. Archer’s CY 2021/FY 2022 highlights include: After our divesture from Dell in Sept ’20, Archer is now a fully autonomous company where we now have our own systems, processes, dedicated team and board. With this independence, we have grown the team by 30% last year to 750 employees. 17% organic revenue growth which extends our position as the largest pure-play GRC / IRM provider. New account bookings grew by +60%. SaaS revenues more than doubled and bookings increased by 94%. Substantial product improvements such as Operational Resilience , CMMC and an improved User Interface that removed a dependency on Microsoft Silverlight. Released Archer Engage as a mobile-first, zero training, no code companion product to facilitate remote access. Released Archer ESG ( Environmental Social Governance ) led by industry expert Peadar Duffy and his Soluxr team who joined Archer last summer. Released Archer Insight to enable Risk Quantification and Intelligence led by renown expert David Vose who joined as our VP of Risk Management. Added Dr. French Caldwell, former Gartner lead analyst and one of leading experts of the GRC space as our Chief Strategy Officer Launched a customer success program centered on time-to-value and continuous improvements. Our latest fiscal year is off to another great start as we look to expand adoption of the many new capabilities released last year and continue to support our customers as they look to navigate complex business challenges in uncertain times. Contact us to learn how Archer can help you establish, adapt, and mature your integrated risk management program.

Frank Sinatra is an icon. No one can dispute that. But exactly how much of an icon? Sure, he was a prolific music entertainer, movie star, and the epitome of cool -- but does that make him “iconic”? Noting that Sinatra sold approximately 11,415 years of music over the course of his career – enough to play from the time man invented farming until Captain Kirk took the command of the Starship Enterprise – puts more weight on the scale towards “iconic” status. My point is that numbers make an impact. Most often, the benefits to an organization in taking a strategic and comprehensive approach to risk management are evident across different types of metrics, including fewer compliance violations, less disruptions, and more effective responses to operational events. This integrated risk management (IRM) approach seeks to connect different domains of risk management within a cohesive picture. It requires an extensive list of processes across different operational groups, creating a complex tapestry of activity. Since “it takes a village” to manage risk, true financial impact of risk management is not something easy to calculate. Why would you need to calculate its impact? Well, risk management activities require investments in time and resources and someone along the way needs to foot the bill. Can you put a number to the overall impact of an integrated risk management program? I explored this topic by applying a technique typically used for micro risks to this macro issue. Bow tie analysis is often used to analyze individual risk events but can also be applied at the macro level. To provide an illustrative example of this approach, I used Archer Insight to create multiple bow tie analyses of IRM elements and to determine a measurable impact. I then ran control scenarios utilizing common IRM processes against through these models. The result was an interesting exploration of the financial impact of IRM programs. Want to learn more? You are cordially invited to register to attend our webinar, What Is Risk Management Worth To Your Organization? at 2:00pm Eastern on January 24, 2023. I hope you can attend!

Looking ahead at 2023, it will be more important than ever for organizations to manage their supplier risk. Larger and more complex supplier networks, changing regulatory requirements, and an often volatile global risk landscape will require organizations to ensure effective evaluation of their supply chain dependencies. Having the right strategy and the right tools in place is essential in helping to circumvent potential issues with your suppliers and can significantly contribute to the financial health and overall well-being of your organization. The ability to consistently assess, monitor, and manage your organization’s supply chain risk results in better business outcomes for both your organization and your supply chain management program. To learn more, join us for our webinar “ Prioritizing Supply Chain Risk Management in 2023 – A Look Ahead ” featuring GRC 20/20 market analyst Michael Rasmussen and Archer’s Wes Loeffler to learn: How supply chain risk is expected to impact organization in the year ahead How to make supply chain risk management a strategic priority for your organization How Archer can help you manage supply chain risk more effectively Webinar: January 19, 2023 2:00 pm Easter Time Register Now! Visit Archer Third Party Governance for more information. Contact us to speak to an Archer Expert.

This relatively new term, “Operational Resilience” has many asking, “is this the same as business recovery?”, or “what’s the difference?” While there are similarities, let me explain the differences. There are similarities but let me attempt to show how they’re different. Operational Resilience is an evolution from traditional business recovery (also called Business Continuity, IT Disaster Recovery) to, instead of focusing only on being able to recover the business when it’s disrupted, to making the business resilient so impacts from disruption are minimized and the organization can keep operating even when disruptions occur. Considering an average company can lose as much as 10% of its value by being disrupted, Operational Resilience focuses on preventive measures to reduce those potential impacts. Traditional Business Continuity For decades, organizations worldwide have had Business Continuity functions to help the business recover after a disruption. This entails documenting and testing recovery plans that are focused on the internal business processes, facilities, people, and IT systems. Business impact analyses (BIAs) identify which internal business processes or IT systems are most critical to the company. I want to emphasize that this approach is reactive (recovery) and focused inwardly (internal business processes, IT systems, etc.). Operational Resilience This concept originated from regulators in the financial services industry, primarily in the UK. Recent regulations have been implemented which are reverberating around the world as other global regulatory bodies follow suit. Unlike Business Continuity, Operational Resilience is more effective at preparing organizations for disruptions resulting from pandemics, supply chain shortages, geopolitical disruptions, and cyber-attacks. The main components of Operational Resilience are in the term itself. Operational (the way the company operates) Resilience (building measures in to reduce impact from disruption). It’s proactive versus reactive. Another distinction is the focus. Operational Resilience starts with identifying the most important products and services the company offers to its customers. This is outward-focused. Because of that focus the priorities and metrics can be very different. The most important metric is “Impact Tolerance”, or to what extent a customer or the company itself be impacted before the disruption is considered intolerable. For example, if our online banking portal is down and customers can’t get to their money, how long will it be tolerable to a customer? Or if the company is losing revenue because online banking is down, how much revenue can the company afford to lose? The metrics are in real impact – dollars and cents in this example. This analysis drives a different approach than just having recovery plans when online banking is down. The company is going to be much more proactive in their measures to make sure online banking isn’t down at all. I’ve talked about a few examples of the difference between Business Recovery and Operational Resilience. Here’s a table that highlights some of the differences. ​ Business/IT Recovery Operational Resilience Objectives Focused on recovery of what’s disrupted ​Focused on building resilience across the organization Business Impact Analysis Focused on determining criticality of internal business processes Focused on identifying important products and services offered to customers Metrics Recovery Time Objective and Recovery Point Objective Impact tolerances, such as: what can customers tolerate if our products and services to them are disrupted. how much revenue can we afford to lose if our products and services are disrupted Risk Management BCM team does cursory risk analysis ​Coordination with risk management function is vital so there is one risk approach across the company. Often called Integrated Risk Management Testing Typically consists of walkthroughs of recovery plans to see if they make sense ​Comprehensive scenario testing of what could go wrong and how do we react. What operational measures do we have or need in place. Dependencies Focus on a business process or an IT system or a facility. Sometimes considering the interdependencies ​Starting with the product/service offered to the customer, identify the business processes, systems, people, data, facilities and third parties that are involved in providing that product/service – then build resilience into this entire ‘value chain’ Third Parties Make sure they have their own recovery plans ​The third parties’ impact tolerances have to match ours. They’re part of the value chain mentioned above, and we have to make sure they’re as resilient as our company is. Some may say there isn’t much difference but having spent the last 30 years of my career in this field, I’m here to say this is an evolution. Even though, for now, it’s a topic stemming from regulation, it’s a best practice that should be adopted by every organization. For more information, look at resources posted at Archer Operational Resilience . Contact us to speak to an Archer expert.

Building an operationally resilient organization is more important than ever, in light of increasing global regulatory pressures and the constant barrage of potentially disruptive events. Your organization must be prepared to address changing business and competitive forces to ensure that the business stays operational, regardless of the obstacles. Did you know that building operational resilience not only considers disruptive factors on an organization like natural disasters, cyberattacks and geopolitical unrest, but also business impacts like talent shortages, remote work implications, and competition? With operational resilience proving to be an evolution for many organizations, there are a number of key lessons learned and emerging trends to consider that could impact your approach to operational resilience in the coming year. Interested in learning more? Register for our January 11 webinar, Operational Resilience: Lessons Learned & A Look Ahead , to learn about: Current regulatory guidance on operational resilience Where operational resilience has been adopted successfully Key considerations for operational resilience planning in 2023 Contact us to speak to an Archer expert.

When a single ship aground in the Suez Canal rattles financial markets, it's easy to attribute rising interest in third-party risk management to supply chain disruptions. And in the IT supply chain, It seems that the stakes in the battle for control of our information are ever higher. Ransomware is a seemingly unstoppable threat, and IT supply chain hacks are sponsored by advanced persistent threats (APTs), aka nation states. It’s no longer just criminal threats, many private enterprises find themselves caught in crossfire of cyberwar. These and other risks are driving corporate boards and government overseers to demand ever better third-party risk management . Despite the cyber threats and supply chain disruptions, many enterprises struggle with advancing their third-party risk management programs from basic due diligence to true risk management. So, what can be done? Here are three suggestions for alignment, monitoring, and optimization of the third-party risk management program . Alignment: Align third-party risk management governance to your strategic business objectives When it comes to third-party risk management governance, there are two goals: to improve business performance and to ensure compliance with regulations and standards. Alignment of customer and service provider goals is always an important element third party governance and is even more important when the vendor is more closely tied to the customer's strategic business objectives. The challenge for the customer is that the governance of the provided goods and services must be managed through the provider, and, therefore, it's doubly important for alignment to be maintained. Maintaining that alignment for strategic vendors essentially is the means available to ensure effective governance. The more strategic the provider, the closer the vendor management will resemble direct governance of the provider's services. Here's another way to look at this: the greater the chance that the provider could introduce risks into the customer's business goals and objectives, the more the vendor management office will need to control the governance and compliance of the provider's services. Monitoring: Continuously monitor third-party digital risks Not all vendors pose high risk, but those with both high business value and high switching cost are strategic and require more in-depth risk assessment and frequent updates. With respect to digital risks, with a short time to onset for risk events, continuous monitoring is required. Third-party risk management programs do some initial triage on vendor’s and categorize them into three risk tiers. The highest risk tier includes no more than 10% of vendors and usually much fewer than that. It may be further subdivided into levels of scrutiny required. For instance, a handful may require background checks of board members or executives to see if they are politically exposed persons (PEPs) or exposed to governmental sanctions. A significant number of vendors may require site audits. The second tier includes 20% or fewer and the bottom tier is where most of the third parties are. Essentially the second tier are vendors that could possibly move into the top tier and deserve more frequent assessment. The bottom tier must meet basic service agreement requirements. Optimize: Conduct assessments of and prioritize improvements to the third-party risk management program Enterprises with large numbers of vendors cannot advance quickly from due diligence to an advanced third-party risk management program. However, identifying segmenting vendors into tiers can be done relatively quickly. The basic segmentation above provides an excellent starting point for advancing the third-party risk management program. Tier 1 – High Value/High Switching Cost: These are strategic vendors. Comprehensive assessments should include vendor resilience and crisis management, the vendor's risk management program, and the risks the vendor presents to your strategic business objectives. High Value/Low Switching Cost: Although switching costs for a given vendor low, when considering the amount of business value that will be transferred to a new vendor, in aggregate switching costs may be higher. Assess the effectiveness of the vendor’s risk management and compliance practices. Tier 2 -- Low Value/High Switching Cost: Financial viability and qualifications that are suitable for purpose are key. Ensure there are contingency plans that can be executed in the event of disruption of the vendor’s goods and services. Frequently reassess vendor viability. Tier 3 -- Low Value/Low Switching Cost: These vendors offer commoditized goods and services and alternatives are plentiful. However, your enterprise could be subject to reputational risks, or the vendor may not maintain necessary qualifications. Conduct thorough background checks and validate the vendor's qualifications before onboarding and at contract renewal. To learn more, watch our on-demand webinar " Getting Started with Third Party Risk Management ," featuring Archer Chief Strategy Officer French Caldwell, who discusses: The importance of aligning third-party risk management with your organization's business objectives How to incorporate third-party risk management within enterprise and IT risk management programs Evaluating the capabilities of your current due diligence efforts to move towards an effective third-party risk management program W atch Replay Now Visit Archer Third Party Governance and Archer Engage for Vendors for more information. Contact us to speak to an Archer Expert.

Managing supply chain risk in an expanding threat landscape has become extremely complex, and events like the global pandemic and conflict in Ukraine have only exacerbated the issue. It has become necessary to go beyond a traditional risk management approach to understand supply chain risk. What can you do to manage your supply chain risks effectively? Set up a third-party risk management program that includes assessing and managing the cyber risk from your vendors to improve the efficiencies and ensure better risk outcomes for your organization from your supply chain management program. To develop an effective strategy, you must understand your supply chain risks and how to mitigate those risks. Some key supply chain risks to consider are cyberattacks, natural disasters, and supply chain disruptions. Cyberattacks When considering cyberattacks, it is critical to have a cyber risk management strategy in place. Think about catastrophic events like the SolarWinds breach and the Log4J vulnerability. Both events illustrate that cyber threats that impact nth parties can have a downstream effect on your business.. Your organization relies on your third, fourth and nth party vendors to do business, but that can also put your company’s sensitive data at risk. As part of your strategy, develop partnerships with your suppliers and understand the controls they have in place to mitigate cyber risk. You can then determine if your supplier’s cyber risk management strategies align with your standards. Natural Disasters Natural disasters are a supply chain risk that can impact multiple suppliers in a specific region. These disasters can have a global impact. You must develop a strategy to prepare for a natural disaster to minimize the disruption of your supply chain and the impact on your business. It’s important to understand not only the location of critical vendors and nth parties, but concentrations that may exist within a specific region. Supply Chain Disruptions Supply chain disruptions have become more common on a global scale. Covid, the Colonial Pipeline attack, and the conflict in Ukraine are just a few examples that have led to supply chain disruptions. Organizations can evaluate supply chain dependencies and identify regional dependencies to understand supply chain risk. This information can be beneficial to understand the risk level and how to mitigate those risks if an unforeseen event causes a supply chain disruption. Watch our on-demand webinar “ Monitor and Manage Your Supply Chain Risk ” featuring Archer’s Wes Loeffler and RiskRecon/Mastercard’s Mark Nafe to learn what steps you can take to better manage your supply chain risk. W atch Replay Now Visit Archer Third Party Governance for more information. Contact us to speak to an Archer Expert.

Given the extreme importance of every organization’s technology infrastructure, and the ongoing battle with security threats, cyber risk is an area of risk management that garners much attention. Quantifying cyber risk has been a challenge that many organizations have tackled. Dealing with the many inputs, nuances, shifts and scale of technology risk makes the calculation of cyber risk extremely demanding. The Open Group ’s Open FAIR™ model has been one of the leading approaches to apply quantitative methods to the calculation of cyber risk. Recently, the Open Group published “ The Mathematics of the Open FAIR™ Methodology ”. In this interview, Steve Schlarman sits down with David Vose, Archer Vice President of Risk Management and the lead author of this new standard, to discuss how this update to the mathematical underpinning of the Open Fair model unfolded and what it means to those organizations looking to implement quantification methods for cyber risk. Learn more on how Archer enables organization to manage IT and Security Risk Management and implement risk quantification . Contact us to speak to an Archer Expert.

“A perfect storm” is defined as a bad or critical situation that arises due to several negative and unpredictable factors occurring at once. That sounds a lot like the past few years, doesn’t it? The current storm of geopolitical upheaval, economic uncertainty, persistent cyberattacks, residual effects of the pandemic and more continue to impact most organizations. While you can’t control the storm, you can take steps to calm its impact on your organization. It’s imperative for organizations to not only be able to recover from disruptions but become resilient to them - so that the organization ‘bends but doesn’t break,’ so to speak. A critical aspect of building a resilient organization is anticipating and mitigating risks before they impact your organization and exceed your organization’s tolerance to impact or risk appetite. Measuring the quantifiable and qualitative impacts of these risks enables risk teams and executives to determine the best strategic and tactical actions needed to either mitigate the risks or take advantage of business opportunities that may arise. Ongoing measurement is also a vital part of building resilience because you need to define goals and know when they’re attained or when an adjusted approach is needed. The Archer Operational Resilience solution now offers new functionality enabling you to improve measurement and monitoring of the state of your organization’s resilience: The new Operational Resilience Assessment allows you to evaluate the resilience of business units across five resilience “pillars” -- Cyber, IT Infrastructure, Facilities, People, and Suppliers – as referenced in current regulatory guidance and used by top-tier consulting firms. A new Resilience Scorecard enables you to track scenario testing results, metrics, third-party metrics, resilience assessment results, and third-party resilience assessment results. The Archer Metrics application now features both quantitative and qualitative thresholds using red, amber, and green ratings to define quantitative and qualitative metrics thresholds and provide more granularity in measurement than traditional “pass/fail” criteria. Integration with Archer Engage for Business Users allows publication of Metrics Results to all your internal stakeholders. Weathering storms requires planning and preparation, testing your organization’s ability to be resilient, and measuring progress toward your resiliency goals. The new and updated capabilities for Archer Operational Resilience make it an ideal part of your “all hands on deck” approach to measuring and building a risk-resilient organization. To learn more, we invite you to register now for our webinar " Building Operational Resilience with Integrated Risk Management ." on August 16, 2022, at 11:00am Eastern Time. Visit Archer Operational Resilience for more information. Contact us to speak to an Archer Expert.

Risk management used to be a slow, laborious, disconnected process with spreadsheets and checklists circulated through an organization’s email system. It is no wonder that risk management was left to be managed independently by various departments, with the ways risks interact across domains often overlooked. The limits of the risk management toolset limited the reach of risk management. The risk management landscape has changed – and continues to morph - with organizations contending with more risk while trying to build greater operational resilience all at once. Luckily, as risk evolves, so do the tools used to manage risk. New tools allow live reporting from mobile devices, connecting front-line stakeholders to central risk management teams. Easy to use and automated visualization, prediction, and even machine learning software take the guesswork out of trying to anticipate future risk. Quantization allows different kinds of risk from all across an organization to be directly compared. These innovations come at a time when organizations are anticipating more disruptions. In 2020, we surveyed employees from all levels of a variety of leading organizations who not only survived but thrived during the last year of disruption in their risk management efforts. Nearly three out of four respondents felt that their organization’s risk profile would expand in the next two years. To get more information about current best practices in risk management , read our report “ The State of Integrated Risk Management .” New Risk Management Tools to Solve Old Problems Risk management that relies on qualitative risk assessments is outdated. Heatmaps simply put colors on words like “minimal” or “catastrophic” without offering any guidance on how to allocate resources toward risk mitigation. Qualitative assessments also cannot tell you the price of a “catastrophe”, what steps need to be taken to avoid fallout, and how to weather the proverbial storm to come out successfully on the other side. The limitations of qualitative assessments and the struggle to determine how expensive a given disruption could be has led to the creation of more rigorous quantitative methods. While it is easy to see that a “minimal” effect is better than a “highly adverse” one, there is no qualitative way to compare multiple small effects against one larger one. Quantitative risk assessment tools allow risk management teams to perform just such an analysis, as the universal language of numbers allows for apples-to-apples comparisons and aggregations. Organizations can now place hard numbers on how to allocate resources with the new tools of risk assessment and management. Smart Organizations Look to the Future An organization that makes sure its integrated risk management platform can incorporate future developments is making smart moves. As any organization that has had to transition legacy systems into digital tools knows, the task of incorporating new methods can generate a great deal of friction. Part of an organization being able to incorporate future risk management methods and developments is ensuring that stakeholders understand that integrated risk management is an ongoing and ever-evolving process. Today's challenges require managing a cultural shift from reactively checking the boxes for compliance to a proactive risk management model that necessitates participation across the organization. Tomorrow’s challenges will require as much, if not more, engagement. Operational Resilience Is More Critical than Ever The pandemic demonstrated just how important it is for organizations to be able to adapt quickly to rapid changes and sudden disruptions. Digital risk profiles expanded as much of the workforce began to work remotely, requiring critical information technology assets to be placed online. The struggle to achieve regulatory compliance grew as new mandates to limit the spread of the SARS-CoV-2 virus were put into place. Supply-chain disruptions limited inputs and choked the market for outputs of physical goods and services. The dense web of connections that form the global economy and the strong ties between adjacent organizations increase exposure to third-party risk and disruptions. The ease with which the internet makes it possible to find new vendors or service providers means that organizations that have operational resilience stand at an advantage over organizations that are unreliable or inconsistent. Maintaining Integrated Risk Management Momentum Integrated risk management is a journey - not a destination. Even organizations with well-structured programs continue to need to connect risk to the business with cross-functional processes. We have found that small, achievable steps that can be maintained over the long run are better for keeping momentum than large, all-hands-on-deck efforts. Integrated risk management should be as ingrained in the undertakings of an organization as the core mission is. After all, being able to increase operational resilience and mitigate disruptions allows for organizations to continue providing the services they provide. When risk management is deeply integrated into workplace decision-making and actions, organizations can do what they do best more effectively. Our 20+ years of industry leading experience along with the analysis of our current customer base and general risk management community gives us enormous insight into the way risk is being managed. We know that departments have different risk profiles and operational requirements, so we built a common platform called Archer that integrates risk from a variety of sources. Archer provides a central place for governance, risk, and compliance integration, automation, and reporting . The platform can be customized and even extended, offering OOB solutions and specialized use cases for managing an organization’s risk profile. We’ve distilled this industry knowledge into our new report, “ The State of Integrated Risk Management. ” Read the report today to see how top companies have worked to achieve operational resilience, and what steps can be taken to mitigate changing risk in the future .

Building a resilient organization has traditionally been done through the lens of “what do we do after a disaster strikes? How long can we be down? How do we recover?” These are all valid questions. However, if the recent pandemic, ongoing cyber attacks, and supply chain issues have taught us anything, it is that people and organizations everywhere must be prepared for what may come. Effective preparation not only includes what to do when (not if) a disruption occurs, but it starts earlier and often to identify potential disruptive scenarios and impacts and implement measures to proactively deal with them. Remember, disruption to your organization is not limited to natural disasters, pandemics, and cyber attacks. It can also come from your competition, outdated business models, and other places you may not be readily aware of. Building resilience has, of necessity, become more about proactive planning, understanding what could impact the business, adapting, preparing for the inevitable, and learning from it all. But have you considered that building resilience can be a positive thing? Have you ever thought about how disruptive forces, if managed well, can make your organization stronger? Let me give you an example. Wind plays a major role in a tree’s life. In fact, the presence of wind makes a tree stronger by constantly keeping the tree moving. This causes stress in the wood as the load bearing structure of the tree. To compensate, the tree grows what is called stress wood. This effect helps the tree grow stronger and position itself to get the best light. The tree grows in a more solid manner, thanks to the stress wood formed in response to the wind. Taking this example, the tree is your organization. The winds are disruptive forces coming at you every day – natural disasters, cyber attacks, supply chain issues and more. These factors -- no matter how you react or the impact of these factors -- is in effect creating stress wood, which is what you have learned and measures you have put in place to be prepared or react, that makes your organization stronger to not only survive but thrive. Building a resilient organization includes your people, processes, IT, third parties and more. Your organization becomes resilient by planning and preparing and by going through the experience of disruptions and mistakes made. It is all part of the process of learning and growing. I am of the opinion that business resilience is more than worth the effort and price paid. It can be a daunting undertaking, with many not knowing where or how to start building business resilience for their organization. Visit our website to learn more information on how Archer helps organizations build resilience .

In today’s world, all customers want the ability to store files in a location where they can be easily accessed and shared, and where they are safe from disasters and secure from unwanted eyes. Microsoft® 365 OneDrive and SharePoint have become two of the most commonly used platforms for file storage and sharing, making it very important to support customers’ ability to transfer files from these platforms. We’re pleased to announce our new integration with Microsoft 365 OneDrive and SharePoint significantly streamlines the ability to move and edit files without needing to re-upload them back into Archer once you are done. With the Microsoft 365 OneDrive and SharePoint integration, you can: Easily select files from your OneDrive or SharePoint with an enhanced External Links field within an Archer record View or edit attached Microsoft 365 documents within the confines of the Archer record layout Visit our website or contact us to speak to an Archer expert to learn more about Archer. If you are an existing customer watch an on-demand video for an overview and demo.