Review on Archimigo by Todd Phillips
ARCHIMIGO - a great compliance software for the security industry!
The best thing about archi is that it provides us with all of our security requirements from risk analysis to design validation in one place - which saves time! It's not great at having an easy way for non-security professionals (such as myself) who are new/unfamiliar with this software or industry standards / processes etc., to understand what we're looking at when reviewing designs within their system.
I would recommend using someone more familiar than yourself if you don't have previous experience working under these terms but otherwise there isn't anything really wrong here; just make sure your expectations match up with how they want things done before signing off on any work being carried out by them. We use ARCHIMIGO primarily because its been designed specifically around PCI DSS compliance so has made life easier during audits where previously my team had no idea whether something was compliant.
- It's simple, easy to use and very thorough in reporting on the security of your system
- It's pretty inflexible and doesn't do a great job of highlighting things which may seem more obvious to security professionals
