Click here to access subscription content at The RTJ Bridge - The Premium Version of The RiskTech Journal

〰️

Click here to access subscription content at The RTJ Bridge - The Premium Version of The RiskTech Journal 〰️

The RiskTech Journal

The RiskTech Journal is your premier source for insights on cutting-edge risk management technologies. We deliver expert analysis, industry trends, and practical solutions to help professionals stay ahead in an ever-changing risk landscape. Join us to explore the innovations shaping the future of risk management.

Where Autonomous IRM Begins—And Where It Must Go Next
Autonomous IRM, Cybersecurity, ServiceNow, Tuskira John A. Wheeler Autonomous IRM, Cybersecurity, ServiceNow, Tuskira John A. Wheeler

Where Autonomous IRM Begins—And Where It Must Go Next

The Quiet Rise of Autonomous IRM—From the Middle Out

Autonomous IRM is no longer theoretical. AI-powered platforms are starting to deliver tangible value: agentic systems that simulate attacker behavior, validate control effectiveness, and recommend mitigation actions—often autonomously.

The June 5 announcement from Tuskira, integrating directly with ServiceNow’s Vulnerability Response and SecOps modules, is a prime example. By embedding simulation-backed scoring and posture-aware mitigation into operational workflows, Tuskira is delivering intelligence in real time.

But there’s something missing: the announcement doesn’t mention Integrated Risk Management (IRM) at all.

That silence is a signal. Tuskira operates in what Wheelhouse Advisors defines as Layer 3: Intelligence & Validation—the middle of the risk architecture. And while this layer is where automation is gaining traction, it’s also where many organizations are managing in isolation, without input from either end of the enterprise risk stack.

Read More
From Permit to Platform—How CTRL WRK Turns Lockout/Tagout into an Autonomous IRM Use Case
Autonomous IRM, Operational Risk Management, ServiceNow Samantha "Sam" Jones Autonomous IRM, Operational Risk Management, ServiceNow Samantha "Sam" Jones

From Permit to Platform—How CTRL WRK Turns Lockout/Tagout into an Autonomous IRM Use Case

A high-risk, paper-bound safety workflow finds new life on the ServiceNow platform—signaling a broader shift toward AI-enabled operational risk intelligence.

What was once a clipboard-bound safety task has now become a signal of something larger: the acceleration of Autonomous Integrated Risk Management (Autonomous IRM) through purpose-built, domain-native micro-apps. On June 2, CTRL WRK—a GenAI-powered “Control of Work” (CoW) application focused on lockout/tagout (LOTO) permitting—launched on the ServiceNow Store. While its function is precise, the implications are far-reaching.

This is more than digitization. It’s the embodiment of a broader market shift: from static compliance toward dynamic, AI-enabled risk management embedded directly into operational workflows.

Read More
Generative AI Is Steering Banks Toward Autonomous IRM—But the Bridge Isn’t Finished Yet
Artificial Intelligence, GenAI, Autonomous IRM, McKinsey Samantha "Sam" Jones Artificial Intelligence, GenAI, Autonomous IRM, McKinsey Samantha "Sam" Jones

Generative AI Is Steering Banks Toward Autonomous IRM—But the Bridge Isn’t Finished Yet

When McKinsey & Company published “How generative AI can help banks manage risk and compliance” in March 2024, it put blue-chip credibility behind a growing consensus: large-language models and related GenAI tools will automate swaths of the three-lines-of-defense and up-end conventional governance, risk, and compliance (GRC) workflows. What McKinsey did not say—but unmistakably implied—is that the old compliance-first paradigm is now on borrowed time. The firm’s use-case catalogue—from virtual regulatory advisors to code-generating “risk bots”—maps neatly onto the early layers of Autonomous Integrated Risk Management (IRM): continuously sensing risk, generating controls, and feeding decision-grade insight back into the business.

Yet the report also reveals a tension. McKinsey still frames GenAI as a helper inside discrete risk silos, guarded by human-in-the-loop checkpoints. Autonomous IRM envisions something bolder: an AI-directed control fabric that dissolves those silos, embeds itself in front-line processes, and—over time—lets the machine take the first swing at routine risk decisions while humans govern the exceptions.

Read More
Live from RSA: Autonomous IRM Moves from Vision to Reality
Autonomous IRM, RSA 2025 Vendor Insights, Artificial Intelligence Ori Wellington Autonomous IRM, RSA 2025 Vendor Insights, Artificial Intelligence Ori Wellington

Live from RSA: Autonomous IRM Moves from Vision to Reality

The RSA Conference is renowned for highlighting significant shifts in cybersecurity and risk management. This year, alongside familiar conversations about persistent cybersecurity threats and regulatory pressures, a deeper transformation is occurring: the rise of Autonomous Integrated Risk Management (Autonomous IRM). Vendors at RSA 2025 are showcasing solutions that go beyond merely automating routine tasks, moving toward independently identifying, assessing, and mitigating risks across enterprise ecosystems without constant human intervention.

Read More