Taking a Risk-Based Approach to IRM Yields Actionable Insights Aligned With Business Objectives
Steven Minsky | Nov. 16, 2018
Gartner’s 2018 Magic Quadrant for Integrated Risk Management positions LogicManager highest for ability to execute and identifies a shift in focus by end-user organizations from compliance-based GRC to IRM solutions.
The Gartner report states that “IRM goes beyond traditional, compliance-driven GRC technology solutions to provide actionable insights that are aligned with business strategies, not just regulatory mandates.”
The reason for this shift, according to Gartner, is that “risk management—in particular, operational and IT risk management—continues to mature as a discipline and is becoming a more practical approach to improve corporate governance and internal control.”
I believe this shift towards IRM is driven by the revenue and company market value consequences of the see-through economy, which rewards or punishes organizations based on their competency in managing risk.
The proliferation of new communications technologies like social media, smartphones, and other internet-driven innovations have empowered consumers, investors, stakeholders, and employees to speak out and demand accountability for corporate negligence and malfeasance.
IRM is the Solution to Ever-Increasing Risks in the Age of Ultra-Transparency
To thrive in a see-through economy, companies need to be proactive in their approach to protecting their consumers, investors, employees, and communities. LogicManager’s innovative, integrated approach to risk management empowers organizations across industries to look out for reputational risk in every part of their business so they never land in the wrong kind of spotlight.
Some organizations use the term “GRC” to refer to IRM solutions. I believe this term fails to properly characterize the nature of risk management as a discipline. The Magic Quadrant for IRM states that, historically, clients surveyed were unfamiliar with the term GRC, and as such were not intending to invest in GRC solutions.
Conversely, “many global CEOs and senior executives have stated that their investment in risk management tools and practices is falling behind.” This perception gap serves as an indicator as to why the independent analysis firm has shifted its focus from GRC to IRM.
From Day-One, LogicManager has Taken an Integrated Approach to Risk Management
LogicManager has advocated for an integrated approach to risk management since its founding in 2005. In fact, LogicManager is the only vendor in the Integrated Risk Management or Governance, Risk, and Compliance sector that was initially developed as a risk-based, integrated solution. Most other vendors in the space began as compliance solutions.
Our intent was to empower front-line employees, risk managers, and security professionals to take a risk-based approach throughout departments and across silos in their organizations. Our technology is built on the very idea that managing risk within silos hinders success. An integrated approach to risk management is the only way companies can succeed in today’s era of ever-increasing transparency.
The traditional GRC model just isn’t compatible with today’s risk management landscape. The label “GRC,” or “Governance, Risk, and Compliance” creates silos rather than transcending them. As a concept, GRC is too limiting. Integrated risk management or enterprise risk management programs, when implemented properly, are inherently inclusive.
IRM brings together information across all departments and silos within a company. Risk management covers every business function at every level of an organization; compliance and governance are just two components of a multi-faceted risk management program.
At LogicManager, we’ve always felt that risk management is entirely about empowering better decision making, optimizing performance management and revenue generation, and identifying risks to an organization’s intangible assets, which are often their most valuable.
Studies conducted by Queens University have repeatedly found that companies with risk management programs that fail to bridge silos and transcend company hierarchy are, on average, 25% less valuable than those who practice truly integrated risk management.
From the very beginning, LogicManager has considered itself to be a truly integrated risk management solution with our industry-leading taxonomy technology, earning the highest position in the ability to execute axis of the 2018 Gartner Magic Quadrant for IRM.