The Risk Wheelhouse Podcast
The Risk Wheelhouse is the podcast dedicated to exploring how RiskTech is reshaping the future of risk management. Hosted by our experts, Ori Wellington and Sam Jones, each episode delves deep into Integrated Risk Management (IRM), offering insights into the latest trends, technologies, and strategies. Join us to stay ahead in the ever-evolving risk landscape and empower your organization with actionable knowledge.
S5E5: Why GRC Stabilized And IRM Took The Lead
The latest episode of The Risk Wheelhouse tackles one of the strangest sights in this year’s risk technology landscape. The “2025 Gartner Magic Quadrant for Governance, Risk, and Compliance” arrives with an empty Visionaries quadrant. No challengers, no upstarts, just silence where innovation used to live. Rather than treating this as a warning sign, Ori Wellington and Sam Jones explain why the quiet is a signal that GRC has finally stabilized into what it was always best suited to be: the institutional assurance backbone that proves what happened, preserves the evidence, and keeps auditors, regulators, and boards on solid ground.
S5E4: Unified IRM - AI Governance, Acquisitions and Alliances
We dive into why AI governance is now table stakes for any serious IRM platform, what an effective AI registry and dynamic risk assessment look like, and how automated compliance mapping to the NIST AI RMF, ISO 42001, and the EU AI Act changes daily work. Along the way, we unpack recent moves like AuditBoard’s AI-focused acquisition and its expanded alliance with a major consultancy, illustrating why services plus software has become the adoption formula. On the ESG front, partnerships that link board reporting with carbon accounting signal a deeper integration of climate and sustainability data into operational risk and financial performance.
S4E8: Beyond Binders - GRC's Radical Shift to Integrated Risk Management and Enterprise Trust
Governance, Risk, and Compliance (GRC) has undergone a remarkable transformation. What was once the "department of no" – characterized by manual checklists, endless audits, and rooms full of binders – has evolved into a strategic verification backbone powering trust across organizations.
This radical shift positions GRC at the center of Integrated Risk Management (IRM), where policies, controls, and compliance data flow dynamically through organizations to provide real-time assurance. The market reflects this evolution, with GRC projected to grow from $12.1 billion in 2025 to $25.1 billion by 2032 – not as an unavoidable cost, but as a strategic investment that builds market-enhancing trust and enables bolder innovation.
S4E7: The Academic Reckoning of Risk Management
Risk management evolution isn't just about new acronyms. It's about organizational survival in an increasingly complex world. When we examine the journey from checkbox compliance to genuine integration, we uncover profound lessons about how businesses navigate danger and why some approaches fundamentally fail when pressure hits.
This deep dive traces the fascinating progression from Governance, Risk and Compliance (GRC) through Enterprise Risk Management (ERM) to today's Integrated Risk Management (IRM) framework. Drawing from John Wheeler's powerful "Risk Ignored" series, we explore how GRC emerged after Sarbanes-Oxley as an elegant solution on paper that quickly collapsed under its own weight. As Norman Marks memorably quipped, GRC often stood for "Governance, Risk Management, and Confusion."
S4E4: How Workiva's 32% Stock Surge Reveals a Deeper Industry Transformation
Workiva's spectacular 32% stock surge after their Q2 2025 earnings reveals something much deeper than just a strong quarter. Their $215 million revenue (up 21% year-over-year) and impressive 114% net retention rate signal the market's growing confidence in their strategic transformation—a shift that parallels the entire risk management industry's evolution.
What makes this story fascinating is the context. Before this surge, Workiva had struggled, with their stock down 24% over two years due to overreliance on specific regulatory drivers like the EU's Corporate Sustainability Reporting Directive. When regulations faced delays, revenue recognition suffered, spooking investors. This vulnerability exposed a fundamental weakness in their business model.
S3E6: The Strategic Risk Revolution—Why Traditional GRC Is Falling Short
In Episode S3E6 of The Risk Wheelhouse Podcast, hosts Ori Wellington and Sam Jones unpack a revealing analysis by McKinsey & Company, highlighting critical weaknesses in traditional Governance, Risk, and Compliance (GRC) frameworks. Despite significant investment, many organizations report disappointing results from legacy GRC approaches. Wellington and Jones discuss five systemic shortcomings identified by McKinsey that underscore why traditional GRC struggles in today’s complex, rapidly evolving business environment.
S3E5: The Workiva Sell-Off Reveals What's Really Driving Today's IRM Market
A minor tremor—or a market wake-up call?
In the latest episode of The Risk Wheelhouse, hosts Ori Wellington and Sam Jones break down a seemingly routine market fluctuation that revealed far more than expected. Season 3, Episode 5—The Workiva Sell-Off Reveals What’s Really Driving Today’s IRM Market—examines how the sudden drop in Workiva’s stock price, despite favorable earnings, exposed a deeper truth about the state of Integrated Risk Management (IRM) in 2025.
At first glance, the culprit seemed small: whispers of delays to the EU’s Corporate Sustainability Reporting Directive (CSRD) and postponed sustainability regulations triggered investor unease. But beneath that reaction lies a profound shift in IRM market dynamics. No longer driven solely by product innovation, today’s IRM landscape is shaped equally by the volatility of regulatory timelines, geopolitical risk, and enterprise strategy.
S2E6: Integrated Risk Management – Evolution Beyond ERM and GRC
Traditional risk management frameworks like Enterprise Risk Management (ERM) and Governance, Risk, and Compliance (GRC) were designed for a different era—one where risks were more predictable and siloed. But in today’s fast-moving landscape, these approaches are no longer enough. Integrated Risk Management (IRM) is emerging as the future of risk strategy, offering a holistic, proactive approach that aligns risk with business objectives.