
Gartner’s Hype Cycle Focuses on Integrated Risk Management

By John A. Wheeler | July 24, 2017 | 2 Comments


Gartner just released its 2017 Hype Cycle for Risk Management focusing on the importance of integrated risk management (IRM).

The 2017 Hype Cycle for Risk Management report describes the related services, software platforms, applications, methods and tools that organizations can use to develop programs to withstand risk events or to take advantage of risk-related opportunities. In short, risk management programs mitigate the impact of uncertainty on business performance. Gartner recommends an integrated risk management (IRM) approach to build and sustain successful risk management.

What is IRM?

Many organizations are good at domain-specific risk management, but they struggle to harmonize the three key pillars of a successful security and risk management program: a strong framework, metrics and systems. IRM can remedy this challenge.

IRM is a set of practices and processes supported by a risk-aware culture and enabling technologies that improve decision making and performance through an integrated view of how well an organization manages its unique set of risks.

IRM encompasses a holistic analysis of internal and external risk factors. Successful organizations design a framework that seamlessly connects risks at a strategic, operational and IT level. To understand the full scope of risk, organizations require a comprehensive view across all business units and risk and compliance functions, as well as key business partners, suppliers and outsourced entities.

Risk management continues to be an area of growing maturity and investment for most organizations as the risk landscape becomes ever more complex and interconnected. In fact, according to a 2017 survey of executives by the American Institute of Certified Public Accountants, 70% of respondents perceive that the volume and complexities of risks have increased “mostly” or “extensively” in the past five years.

Moreover, 79% of executives stated that their organization experienced risks that have actually translated into significant operational surprises and business disruptions in the past five years. To understand the full scope of risk, organizations require a comprehensive view across all business units and risk and compliance functions, as well as key business partners, suppliers and outsourced entities. As a result, new technology solutions are emerging to increase the collaborative nature of risk management to support data-driven decision making, both within and external to an organization.

What is the Future of Risk Management?

Gartner predicts that, by 2021, 50% of large enterprises will use an IRM solution set to provide better decision-making capabilities, and that the IRM solutions market will grow to $7.3 billion by 2020. Digitized organizations are prioritizing the need for risk management programs that alleviate IT and cyber security threats.

The Hype Cycle for Risk Management demonstrates organizations’ increasing need to understand the full scope of their digital business risks. Areas such as digital risk management (DRM), social media risk management, cloud security intelligence, business continuity management (BCM), IT risk management (ITRM), Internet of Things (IoT) and vendor risk management (VRM) are critical components of the evolving digital business landscape. The technologies covered in this Hype Cycle report provide the risk insights that are required to create strategies to build successful digital business processes.

Why is IRM important?

Key decision makers are increasingly focused on major operational risks across the extended global organization. Security and risk management leaders need to manage the diversity of these extended risks with an integrated approach to risk management. Adopting a risk management program that addresses the threats associated with digitization is imperative. These leaders should implement an IRM solution to meet the demands of digital transformation and move their organization forward in a safe, profitable way.

Gartner Security & Risk Management Summit

To learn more about IRM and other technologies highlighted in our Hype Cycle report, plan to attend one of our upcoming Gartner Security & Risk Management Summits 2017, taking place in Mumbai; Sao Paulo; Sydney; and London. Also, follow news and updates from the events on Twitter at #GartnerSEC.




  • You actually make it seem really easy together with your presentation but
    I find this matter to be actually something that I believe I’d by no means understand.

    It kind of feels too complex and extremely vast for me.

    I am looking ahead for your next put up, I will attempt to get the cling of

  • Niki says:

    Many thanks for the interesting and engaging article!
    I have been following the blog for some time and therefore read
    each new publication with an eye to how the content has developed over time.
    I am all the more pleased to note that, since the very beginning, things here have developed even further for the better.
    Mind you, I am not saying that there were no first-rate articles
    to read at the start; rather, I want to underline that a clear progression can be seen.

    I am therefore curious whether this progress will continue to show in the future. For my part, I will keep following the blog and
    will gladly write further comments when the opportunity arises.