Earlier this month, Gartner released its inaugural forecast of the integrated risk management (IRM) software solutions market. The IRM market — formerly referred to as “governance, risk management and compliance (GRC)” — is estimated to have grown by 17.4% from 2014 to 2015 and by 17% from 2015 to 2016. The market is projected to grow at a 13.4% compound annual growth rate (CAGR) to reach $7.3 billion by 2020, from $3.9 billion in 2015.
The IRM market is the largest of all the solutions provider markets covered by Gartner in the security & risk management (SRM) software ecosystem. It also ranks third highest in terms of estimated profitability margin. As a result, this is one of the most dynamic software markets within our coverage and looks to be one to watch for the next several years.
So, you may be asking, just what are IRM solutions?
Gartner defines IRM solutions as “the combined technology, processes and data that serves to fulfill the objective of enabling the simplification, automation and integration of strategic, operational and IT risk management across an organization.”
Currently, I lead our analyst coverage of the following seven market segments within the broader IRM market:
Operational Risk Management (ORM)
IT Risk Management (ITRM)
Business Continuity Management (BCM) Planning
IT Vendor Risk Management (VRM)
Corporate Compliance and Oversight (CCO)
Audit Management (AM)
Enterprise Legal Management (ELM)
Given the size and anticipated growth of this market, we plan to provide a stronger focus on solution providers who can address these seven market segments via an integrated solution set. In December, we will publish our first Magic Quadrant for Integrated Risk Management report as well as a companion Critical Capabilities for Integrated Risk Management report. As more companies seek integrated solutions to help manage their rapidly expanding cyber risks, these reports will prove invaluable to security and risk management leaders.
To learn more, please read “Forecast Snapshot: Integrated Risk Management Solutions, Worldwide, 2017” and “Definition: Integrated Risk Management Solutions” at Gartner.com (current subscription required). You can also learn more about IRM by attending one of our upcoming 2017 Security & Risk Management Summit Events across the globe.
Category: audit-and-risk audit-management business-continuity-management compliance-management cyber-risk cyber-security cyberinsurance digital-risk enterprise-risk-management enterprise-risk-management-program-management grc integrated-risk-management irm it-risk-management it-vendor-risk-management operational-risk-management risk-assessment-process-and-methodologies risk-coverage risk-management risk-response-strategies security strategic-risk technology-and-emerging-trends third-party-risk-management
Tags: audit-management-2 business-continuity compliance cyber-risk-2 digital-risk-2 grc integrated-risk-management irm legal-risk-2 risk-management vendor-risk
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.