Click here to access subscription content at The RTJ Bridge - The Premium Version of The RiskTech Journal

〰️

Click here to access subscription content at The RTJ Bridge - The Premium Version of The RiskTech Journal 〰️

The RiskTech Journal

The RiskTech Journal is your premier source for insights on cutting-edge risk management technologies. We deliver expert analysis, industry trends, and practical solutions to help professionals stay ahead in an ever-changing risk landscape. Join us to explore the innovations shaping the future of risk management.

Why DORA Metrics Belong in the Risk Committee Packet
DORA, Board of Directors, IRM Navigator™ Samantha "Sam" Jones DORA, Board of Directors, IRM Navigator™ Samantha "Sam" Jones

Why DORA Metrics Belong in the Risk Committee Packet

Boards increasingly receive dashboards showing deployment speed, incident counts, and technology uptime. What is often missing is the recognition that software delivery performance is now a primary driver of enterprise risk. Every material change to products, services, data flows, and controls is executed through software delivery pipelines.

DORA metrics were created to measure delivery performance, but when viewed through an integrated risk lens, they function as early-warning indicators of change risk, operational resilience, and assurance quality. Boards that treat these metrics as engineering detail miss one of the clearest signals of whether risk controls are embedded or cosmetic.

Read More
Audit at the Edge: Governing AI Before It Governs You
Internal Audit, Board of Directors, Artificial Intelligence John A. Wheeler Internal Audit, Board of Directors, Artificial Intelligence John A. Wheeler

Audit at the Edge: Governing AI Before It Governs You

Artificial intelligence is no longer a side project buried in IT. It’s now embedded in decision-making processes across finance, operations, marketing, and customer service. From algorithmic underwriting to autonomous workforce tools, AI is transforming how businesses operate—and how they fail. Yet for many organizations, Internal Audit remains stuck in the past: buried in compliance checklists, siloed in function, and reliant on legacy Governance, Risk, and Compliance (GRC) systems incapable of keeping pace.

Read More
The Myth of Internal Audit Independence: Why It’s Time to Evolve Beyond GRC Thinking
Internal Audit, GRC, Government John A. Wheeler Internal Audit, GRC, Government John A. Wheeler

The Myth of Internal Audit Independence: Why It’s Time to Evolve Beyond GRC Thinking

The debate over the true independence of internal audit (IA) has resurfaced with new urgency following the recent high-profile firings of multiple inspectors general (IGs). Government IGs in the United States operate in similar ways to IA in private-sector organizations. Given their similarity, these IG dismissals have sparked controversy within the IA community, with critics arguing they threaten government oversight and accountability. The situation underscores a long-standing issue: IA and IGs are not truly independent, and continuing to believe otherwise does more harm than good.

Read More