Integrated risk management (IRM) solutions combine technology, processes and data that fulfill the objective of enabling the simplification, automation and integration of strategic, operational and IT risk management across an organization*. IRM obviously includes the cash and treasury management risks that are traditionally covered by the TMS.
Gartner believe that, “To understand the full scope of risk, organizations require a comprehensive view across all business units and risk and compliance functions, as well as key business partners, suppliers and outsourced entities. As a result, new technology solutions are emerging to increase the collaborative nature of risk management, both within and external to an organization.”
The main areas that IRM vendors cover in their automation of the workflows that support cross-organization collaboration for risk management: Gartner identified six use cases:
- Digital Risk Management (DRM) which integrates the management of risks of digital business components, such as cloud, mobile, social and big data, and third-party technologies like artificial intelligence and machine learning, operational technology (OT), and the Internet of Things (IoT).
- Vendor Risk Management (VRM) which help organizations manage the risks of third parties with adequate controls for business continuity management, performance, viability, security and data protection.
- Business Continuity Management (BCM): the practice of coordinating, facilitating and executing activities to identify risks of business disruptions, implement disaster recovery solutions and recovery plans, respond to disruptive events and recover mission-critical business operations.
- Audit Management (AM): the independent and objective evaluation, analysis and assessment of the effectiveness of an organization's system of internal control, governance processes and risk management capability.
- Corporate Compliance and Oversight (CCO): regulatory compliance and change management
- Enterprise Legal Management (ELM): focuses on supporting legal and compliance departments, corporate secretaries, boards of directors and senior management.
Major IRM players
Gartner identified five critical capabilities for Integrated Risk Management solutions:
- Risk and Control Documentation/Assessment
- Incident Management
- Risk Mitigation Action Planning
- KRI Monitoring/Reporting
- Risk Quantification and Analytics
Using these key criteria Gartner team placed the top 16 IRM suppliers in their traditional Magic Quadrant chart:
Where does corporate treasury department fit?
The role and the importance of Integrated Risk Management systems is growing rapidly. Companies are having to consider all their risks and exposures together. The issues for corporate treasury departments include how to ensure:
- it is clear who is responsible for assessing each type of risk
- their risk and exposure management work is recognised and understood, and used effectively
- their own risk management assessments are integrated within the overall IRM positions.
Source: Gartner “Magic Quadrant for Integrated Risk Management” by John A. Wheeler, Jie Zhang, Earl Perkins.
CTMfile take: IRM is vital. CTMfile will be holding WEBchats on where corporate treasury departments fit in IRM programmes.
Like this item? Get our Weekly Update newsletter. Subscribe today