Gartner Blog Network

John A. Wheeler
Research Director, Integrated Risk Management
6 years at Gartner
28 years IT Industry

John A. Wheeler is a Research Director with responsibility for leading analyst coverage of integrated risk management (IRM) technology solutions and professional services. His areas of specialty include risk management, executive leadership and corporate governance. Follow him on Twitter @JohnAWheeler.

Seven Ways to Engage the Board on IRM

by John A. Wheeler  |  November 6, 2017

Based on public disclosures of risk oversight practices, such as those mandated by the U.S. Securities and Exchange Commission (SEC), public companies are focusing more effort and attention on improving their risk management programs, especially those related to cybersecurity and technology risk. In fact, in a recent survey of more than 600 board members by […]


How to Get Your CEO to Embrace Digital Risk Management

by John A. Wheeler  |  October 19, 2017

As a CIO, you want to sit down with your CEO to discuss her new plan to implement cloud-based software. You’re concerned about security risks. But after some back and forth with her office, it’s clear she isn’t looking forward to meeting with you. You normally have a good rapport with her, and haven’t had […]


Equifax Data Breach: It’s the End of Cybersecurity as We Know It

by John A. Wheeler  |  September 14, 2017

As most everyone knows by now, one of the single largest data breaches in history was disclosed last week by the credit reporting giant, Equifax. While most people are rightly focused on the immediate impacts of this breach – personal fraud, credit and identity protections, waivers of right to sue, class-action lawsuits, etc. – few […]


Gartner’s New IRM Magic Quadrant Signals End of GRC Era

by John A. Wheeler  |  August 16, 2017

Over the past several years, Gartner has evolved its research of Governance, Risk and Compliance (GRC) technology solutions to meet the increasingly complex needs of the security and risk management leaders it serves. In addition, Gartner continues to enhance its groundbreaking research associated with the future of digital business. As a result, Gartner is shifting […]


Gartner’s Hype Cycle Focuses on Integrated Risk Management

by John A. Wheeler  |  July 24, 2017

Gartner just released its 2017 Hype Cycle for Risk Management focusing on the importance of integrated risk management (IRM). The 2017 Hype Cycle for Risk Management report describes the related services, software platforms, applications, methods and tools that organizations can use to develop programs to withstand risk events or to take advantage of risk-related opportunities. In […]


Bringing Clarity to “Fluffy Management Stuff” With IRM

by John A. Wheeler  |  March 29, 2017

I had the honor and privilege to spend several days last week with 400 IT leaders at our Gartner Peer Forum in Orlando, Florida. Speaking to the group gave me the opportunity to explain what many, including my fellow Gartner research colleagues, call “fluffy management stuff” or FMS for short. What is FMS? Well, it […]


IRM Solutions Market Will Grow to $7.3 Billion by 2020

by John A. Wheeler  |  March 20, 2017

Earlier this month, Gartner released its inaugural forecast of the integrated risk management (IRM) software solutions market. The IRM market — formerly referred to as “governance, risk management and compliance (GRC)” — is estimated to have grown by 17.4% from 2014 to 2015 and by 17% from 2015 to 2016. The market is projected to […]


NIST Cybersecurity Framework Supports Use of IRM

by John A. Wheeler  |  January 9, 2017

2017 brings a new focus and urgency to improving cybersecurity at all levels of our society. While a fierce debate rages in Washington, DC over the cyber-intrusion impact on the US presidential election results, our clients are working to strengthen their risk management programs to propel their businesses forward in a safe and profitable way. […]


GRC Redefined: Gartner Adopts an Integrated Risk Management View

by John A. Wheeler  |  October 17, 2016

The time has come for a new viewpoint on the maturing discipline known as governance, risk and compliance (GRC). The term GRC was spawned from the need for better internal control and governance within large enterprises in the early 2000s. Much of this need was driven by the compliance requirements associated with the U.S. Sarbanes […]


Emerging Risks in Cybersecurity: Gartner’s Top Ten Predictions

by John A. Wheeler  |  August 26, 2016

This week, I presented Gartner’s top ten strategic predictions for security at the South Africa Reserve Bank Cybersecurity Conference in Johannesburg, South Africa. In my remarks, I explained that today’s security professionals battle threats from outside the organization as well as those from their own employees. But what about threats that they already know exist? […]
