The RiskTech Journal

The RiskTech Journal is your premier source for insights on cutting-edge risk management technologies. We deliver expert analysis, industry trends, and practical solutions to help professionals stay ahead in an ever-changing risk landscape. Join us to explore the innovations shaping the future of risk management.

John A. Wheeler 5/14/26 John A. Wheeler 5/14/26

Why Your ERM Program Cannot Get a Seat at the Strategy Table

Every chief risk officer reading this knows the conversation. The CEO asks what the top three strategic risks are this quarter. The answer comes from a quarterly risk register refresh and a heat map. The CEO nods, thanks the CRO, and moves on. Nothing changes.

The new COSO/Crowe practitioner guide, From Guidance to Action: Exploring Practical Enterprise Risk Management, just put a number on how widespread this pattern is. Ninety-three percent of enterprise risk management programs are stuck on the wrong side of the strategy conversation, and the reason is not what most risk leaders have been told.

John A. Wheeler 4/11/25 John A. Wheeler 4/11/25

No Manager, No Strategy—Why GRC Alone Can’t Win the Risk Game

If Governance, Risk, and Compliance (GRC) is like a team without a manager, IRM is the system that brings structure, alignment, and leadership to the field. Without a manager, even talented players operate in silos—doing what they think is best individually but without strategic coordination or shared purpose. That’s the reality in many organizations today: siloed compliance, governance, and risk functions acting without integration.

IRM provides the playbook and the leadership. It integrates GRC with Enterprise Risk Management (ERM), Operational Risk Management (ORM), and Technology Risk Management (TRM) to form a unified team—managed strategically, guided by data, and aligned around shared enterprise objectives.