The GRC for assurance leaders solutions market offers technologies that support identifying, assessing, managing, monitoring and reporting on risks associated with the enterprise and compliance risks assurance leaders manage. These solutions commonly include tools for tracking workflow associated with these activities and their related aggregate data. Solutions in this market also support wide varieties of risk domains and niche workflows of risk managers or owners throughout the enterprise. Vendors’ products included in this research offer at least one capability in all core risk management capabilities and a module or solution package to support more than one risk domain. They are designed to facilitate coordination throughout the “three lines of defense” by providing a synthesized view of assurance activity and data to second-line functions — especially enterprise risk management (ERM) and compliance.
The IT risk management (ITRM) market focuses on solutions that support the ITRM discipline through automating common workflows and requirements. For the purposes of defining this market, IT risks are risks within the scope and responsibility of the IT department. These include IT dependencies that create uncertainty in daily tactical business activities, and IT risk events resulting from inadequate or failed internal IT processes, people or systems, or from external events.
Gartner defines Integrated risk management (IRM) as the combined technology, processes and data that serves to fulfill the objective of enabling the simplification, automation and integration of strategic, operational and IT risk management across an organization.