Skip to main content
IRM - Integrated Risk Management (Gartner)



IRM - Integrated Risk Management (Gartner)

IRM is a new approach to risk management that integrates risk activities from across an organization to enable better and more sustainable strategic decision making.

Gartner coined this term in 2016 to describe the evolution of technologies and processes beyond what Gartner now considers legacy GRC (Governance, Risk, and Compliance) approaches. Gartner differentiates IRM from GRC by suggesting GRC is primarily compliance-focused, confined within organizational silos, and used by technical practitioners. By contrast, IRM is risk-focused, comprehensive, and used by business leaders.  IRM considers comprehensive operational and IT risk posture to drive strategic decision making.  

Seeking Clarity?

View the Cybersecurity Dictionary for top terms searched by your peers.

Explore the Dictionary

Related Assets

June 20, 2018

Information Risk Management

Optiv Security helps you evaluate current practices, identify needs and gaps and map your security goals to business objectives.

See Details

April 09, 2018

Risk and Its Place in the Ever Changing Role of Security

Learn about recent changes in the cyber security landscape.

See Details

March 08, 2018

The Five Steps to Managing Third-Party Risk

Learn how to manage the many forms of third-party risk.

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.

Privacy Policy

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.


Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cybersecurity Events in your area.