Gartner Blog Network


Here’s Why IRM Solutions Are Superior to Archaic GRC Technology

by John A. Wheeler  |  May 2, 2019  |  Submit a Comment

Gartner clients are consistently searching for ways to improve their risk management programs to deliver greater value to the enterprise. Whether it is to bolster performance in support of new digital transformation efforts or to reduce spend associated with bloated governance, risk and compliance (GRC) bureaucracies, the need for better solutions is real. That’s why Gartner has been promoting integrated risk management (IRM) solutions for the past 4 years. As a result, companies and organizations across the globe are achieving better performance and growth.

As evidence of the IRM benefits, Deloitte recently released its 2019 Risk Management Survey and the results are telling. According to the survey respondents, IRM solutions are essential to fueling higher levels of growth. Here’s an excerpt from the report:

An integrated approach to risk eschews siloed solutions and aims to develop both an enterprise-wide view of risk tied to the attainment of key corporate objectives, and enterprisewide methods of identifying, assessing, monitoring, and mitigating risks. Among organizations that achieve a CAGR of over 5 percent, about one-third characterize their risk programs as highly integrated while only about one-fifth of those with a CAGR under 5 percent characterize their programs as such.

Unfortunately, GRC technology limits an organization’s ability to move beyond a siloed approach because it remains rooted in myopic solutions designed for individual risk and compliance programs. Gartner sees legacy GRC technology providers evolving their product sets to link three primary risk management program areas – enterprise, operational and IT/cybersecurity (see figure below). By doing so, technology can enable better visibility and understanding of the dynamic set of risks across the entire organization.

To learn more about IRM, check out the following Gartner blog posts or, if you are a Gartner client, read our latest IRM research provided below.

Market Trends: GRC Era Is Over as Customers Adopt Integrated Risk Management
John A. Wheeler and Elizabeth Kim

Competitive Landscape: Integrated Risk Management Solutions
Elizabeth Kim and John A. Wheeler

Top Use Cases and Capabilities for Integrated Risk Management
John A. Wheeler

Magic Quadrant for Integrated Risk Management
John A. Wheeler, Jie Zhang and Earl Perkins

Critical Capabilities for Integrated Risk Management
John A. Wheeler, Jie Zhang

Market Insight: Fuel Digital Business Transformation via a Digital Risk Management Solution Stack
John A. Wheeler

Additional Resources

Category: audit-and-risk  compliance-management  driving-digital-business-transformation-for-industry-leadership  enterprise-risk-management-program-management  risk-assessment-process-and-methodologies  risk-coverage  risk-response-strategies  

Tags: cyber-risk-2  cybersecurity  digital-risk-2  digital-risk-management  enterprise-risk-management-2  erm  grc  integrated-risk-management  irm  operational-risk-management  risk-management  

John A. Wheeler
Global Research Leader - Risk Management Technology
8 years at Gartner
30 years IT Industry

John A. Wheeler is global research leader for risk management technology solutions and professional services. His areas of specialty include integrated risk management, executive leadership and corporate governance. Follow him on Twitter @JohnAWheeler Read Full Bio




Leave a Reply

Your email address will not be published. Required fields are marked *

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.