Skip to main content
Integrated Risk Management (IRM)/Governance Risk and Compliance (GRC)

Integrated Risk Management (IRM)/Governance Risk and Compliance (GRC)


Integrated Risk Management/Governance Risk and Compliance

GRC is an organization's coordinated strategy for managing the broad issues of corporate governance, enterprise risk management, and corporate compliance with regard to regulatory requirements. It describes technology platforms and business processes applied to monitor, inform, and manage an organization's: 1) governance relative to specific legal, contractual, internal, social, and ethical parameters, 2) comprehensive risk management efforts; 3) compliance with relevant industry regulations.

IRM is an approach to risk management that integrates risk activities from across an organization to enable better and more sustainable strategic decision making. Gartner coined the term in 2016 to describe the evolution of technologies and processes beyond what the firm now considers to be “legacy” GRC (Governance, Risk, and Compliance) approaches. Gartner differentiates IRM from GRC by suggesting GRC is primarily compliance-focused, confined within organizational silos and used by technical practitioners. By contrast, IRM is risk-focused, comprehensive, and used by business leaders. IRM considers comprehensive operational and IT risk posture to drive strategic decision making.

Seeking Clarity?

View the Cybersecurity Dictionary for top terms searched by your peers.

Explore the Dictionary

Related Assets

March 06, 2018

Cybersecurity, Where Art Thou?

Infosecurity Magazine | March 6, 2018 Looking at the existential crisis of when, where, and how much to invest in cybersecurity.

See Details

September 07, 2017

Cybersecurity Executives Changes

SC Media | September 7, 2017 Venafi has named Ben Golub to its board of directors. Golub is currently the executive chairman and interim CEO at Storj...

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.

Privacy Policy

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.


Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cybersecurity Events in your area.