Gartner Blog Network


4 IRM Market Trends Will Accelerate Demand in COVID-19 Recovery

by John A. Wheeler  |  March 31, 2020  |  Submit a Comment

Integrated Risk Management (IRM) technology is uniquely suited to address the myriad of risks arising from the current crisis and future COVID-19 recovery. Gartner’s 2020 expanded coverage of IRM use cases (see figure below) coincides with rapidly evolving customer demands linked to crisis response and recovery efforts. These efforts demonstrate the rising need for an integrated approach to risk management and highlight the following four IRM market trends.

IRM Objectives and Risk Domains

1. IRM buying center continues shift from IT leaders to business leaders

As more businesses are maturing their risk management practices, the buying center for IRM is shifting. This is primarily driven by an increasing need to better understand the tactical view of technology risks in a strategic business context. In 2019, Gartner saw a 36% increase in IRM client inquiry by business leaders. In addition, 73% of the more than 760 IRM client interactions in 2019 were business leader focused.

This heavy focus on business leaders is a key reason why Gartner’s IT Leaders analyst group selected to suspend the IRM Magic Quadrant in 2020. The analysts who authored last year’s 2019 IRM Magic Quadrant are now focused on IT security buyers who are no longer well positioned as IRM buyers. As Gartner grows its coverage of IRM and related risk management technology in other parts of the research organization, the publication of the IRM Magic Quadrant may be resumed.

2. The current crisis is operationally-centered

Unlike the 2008-2009 Great Recession that was financially-centered in its origin and resolution, the COVID-19 crisis is operationally-centered. This means that the economic impacts from this crisis are driven by a break-down in business operations due to health-related closures. The financial stimulus provided by governments around the globe are merely a bridge to the other side of the crisis – business operations recovery. Once recovery begins, IRM will provide visibility of interconnected risks (i.e. third-party, digital, business continuity, health & safety, legal and ethics & compliance risks) businesses must navigate to succeed.

3. Risk visibility is needed vertically through the enterprise, not just horizontally

This risk visibility is needed both horizontally across the organization (as seen in most enterprise risk management (ERM) programs) and vertically down through the organization (see figure below). A single view of the key linkages between strategic, operational and technology risks will be needed to re-start business operations as the workforce slowly transitions back to full speed.

IRM Vertical Risk Visibility

4. Digital transformation is rapidly becoming a “must have” for businesses

As we all now know, digital transformation is now a “must have” not only for future competitiveness and growth, but also for survival. The entire business world is now relying on digital operations to maintain business continuity in this crisis. This shift will not fade as we recover. It will remain as a new way of conducting business in a cost-optimized, more efficient environment. As such, management of digital risks in an integrated way will become a top priority for businesses.

These are trying times for business leaders and their organizations. The only way through this crisis is to increase our degree of certainty in a highly uncertain world. That is what IRM is designed to help organizations do. If you want to learn more, please read my latest research publication, “Why Leading Technology Providers Have Shifted From GRC to IRM” (Gartner subscription required).

Additional Resources

View Free, Relevant Gartner Research

Gartner's research helps you cut through the complexity and deliver the knowledge you need to make the right decisions quickly, and with confidence.

Read Free Gartner Research

Category: audit-and-risk  enterprise-risk-management-program-management  risk-coverage  risk-response-strategies  

Tags: digital-risk-2  enterprise-risk-management-2  erm  gartner  integrated-risk-management  irm  operational-risk  risk-management  vendor-risk  

John A. Wheeler
Global Research Leader - Risk Management Technology
9 years at Gartner
30 years IT Industry

John A. Wheeler is global research leader for risk management technology solutions and professional services. His areas of specialty include integrated risk management, executive leadership and corporate governance. Follow him on Twitter @JohnAWheeler Read Full Bio




Leave a Reply

Your email address will not be published. Required fields are marked *

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.