The RTJ Bridge - The Research Platform Created by the Publishers of The RiskTech Journal

The RTJ Bridge is an independent research platform delivering institutional-grade IRM market intelligence, vendor competitive assessments, and strategic risk technology analysis. Built by the analyst who created the Integrated Risk Management category at Gartner, The RTJ Bridge gives risk leaders, technology executives, and solution providers the same caliber of competitive intelligence that major analyst firms charge $25,000 to $50,000+ per year to access.

Subscribers to The RTJ Bridge receive full access to:

IRM50 OnWatch Vendor Assessments — Competitive analysis of leading IRM vendors as market events unfold, covering platform strategy shifts, M&A impact, earnings signals, and positioning changes.
Autonomous IRM and AI Governance Research — Original research on how agentic AI is reshaping risk management operating models, from production deployment patterns to the structural implications for vendor platforms and enterprise programs.
Analyst Firm and Market Critiques — Independent assessments of research from Gartner, Forrester, and other major analyst firms, viewed through the IRM Navigator Model to identify gaps, validate signals, and challenge conventional positioning.
Board Governance and Audit Committee Intelligence — Research on oversight effectiveness, emerging risk response gaps, audit committee workload challenges, and the disconnect between risk reporting and executive action.
M&A and Strategic Alliance Analysis — Same-week analysis of acquisitions, partnerships, and PE investment moves reshaping the IRM competitive landscape, with implications for buyers, vendors, and investors.
Regulatory, ESG, and Sustainability Risk — Research on how evolving regulatory frameworks (SEC cyber disclosure, EU CSRD/CSDDD, AI regulation) affect enterprise risk programs and technology requirements.
IRM Navigator™ Market Intelligence — Strategic previews and deep dives from the IRM Navigator Model, the only independent model built specifically to evaluate integrated risk management maturity and vendor alignment.
Cyber Risk, Insurance, and Third-Party Risk — Analysis of cyber risk quantification, insurance market dynamics, and the convergence of third-party risk management into enterprise IRM programs.

Subscribe to get access now

The RTJ Bridge Subscription

$79.99

Every month

The RTJ Bridge is an independent IRM research platform published by Wheelhouse Advisors. Subscribers receive ongoing access to vendor competitive assessments, AI disruption analysis, M&A and partnership impact research, and IRM Navigator™ market intelligence. This is the only research platform built and led by the analyst who created the Integrated Risk Management category, a market now valued at over $61 billion and projected to reach $133 billion by 2031.

✓ IRM50 Vendor Intelligence

✓ Autonomous IRM and AI Governance Insights

✓ Analyst Firm Critiques

✓ M&A, PE, and Alliance Intelligence

✓ IRM Category Creator Perspective

A ship's bridge with a person standing inside, seen through large glass windows, on a white vessel with round portholes and safety railing.

Samantha "Sam" Jones 1/15/26 Samantha "Sam" Jones 1/15/26

IRM50 OnWatch - Diligent Acquires 3rdRisk, Signaling a Faster IRM Convergence of GRC and AI-Native Third-Party Risk

On January 14, 2026, Diligent announced its acquisition of 3rdRisk, a Netherlands-based, AI-native third-party risk management (TPRM) platform. Diligent positioned the deal as an expansion of its Diligent One Platform toward “AI-native third-party risk management at scale,” emphasizing automated vendor profiling, assessment workflows, and AI-driven document analysis to compress audit readiness timelines.

This transaction is not simply module expansion. It is a strategic signal that TPRM has moved from being a compliance-adjacent workflow into a board-visible risk domain that must operate continuously, particularly as regulatory expectations for supply chain and digital dependency oversight intensify.

Samantha "Sam" Jones 9/25/25 Samantha "Sam" Jones 9/25/25

IRM50 OnWatch: Signals Include Embedded AI Controls with ServiceNow, IBM and Hyperproof

AI moves from pilots to embedded controls. ServiceNow, IBM, and Hyperproof advanced AI features that directly support evidence collection, model governance, and remediation, signaling a shift from productivity to verifiable compliance outcomes.
Third-party risk converges into unified stacks. SecurityScorecard’s acquisition of HyperComply combines questionnaire automation with ratings, showing buyers should expect integrated TPRM platforms over the next two to three quarters.
Resilience, ESG, and privacy institutionalize further. Everbridge, Workiva, EcoOnline, and OneTrust reinforced ESG disclosure, personal safety integration, and AI governance, aligning risk practices with board-level assurance expectations.
Identity threats remain systemic. Microsoft, Cloudflare, and law enforcement dismantled a phishing-as-a-service network targeting Microsoft 365, underscoring identity proofing and MFA as structural controls in IRM workflows.

John A. Wheeler 6/24/25 John A. Wheeler 6/24/25

When One Link Breaks the Chain

UNFI, Whole Foods, and the Broader Crisis of Single-Point Fragility in the Age of Integrated Risk

A silent node in the North American supply chain collapsed on June 7, 2025. Its name: United Natural Foods Inc. (UNFI), the primary distributor for Whole Foods and a dominant force in food logistics. A cyberattack forced UNFI to take its systems offline. Overnight, deliveries halted. Shelves emptied. Shares fell. And just like that, a backend dependency became a front-page disruption.

But this isn't a grocery story. It's a structural parable. When a single upstream dependency goes dark, every industry—from manufacturing to finance, healthcare to logistics—learns the same hard lesson: concentration breeds collapse.

The era of just-in-time is colliding with the era of just one point of failure. And unless risk leaders elevate Integrated Risk Management (IRM) from a compliance afterthought to a strategic command center, the next outage won't just break continuity—it will break companies.

Ori Wellington 6/5/25 Ori Wellington 6/5/25

When the AI Black Box Blows Up

Builder.ai’s Collapse and the Unspoken Risk of Third-Party AI Dependencies

In May 2025, Builder.ai—a self-styled “AI software factory” based in London—collapsed into insolvency. Its promise had captivated global investors: a revolutionary platform that used artificial intelligence to build bespoke software with the ease of ordering a pizza. The startup raised over $500 million from Microsoft, the Qatar Investment Authority, SoftBank, and Insight Partners. In 2023, it was valued at over $1.3 billion.

But beneath its glossy demos and bold claims, Builder.ai was held together by human coders, creative accounting, and possibly fabricated revenue. As reported by the Financial Times, Microsoft and other top-tier investors are now grappling with the realization that they may have backed a business that not only overstated its AI capabilities—but systematically inflated its financials.

Builder.ai is not merely a failed startup. It is a warning shot to any organization that depends on third-party AI providers without meaningful oversight or technical verification. The question that now must be asked across boardrooms and IT departments alike:

If Microsoft—with all its engineering prowess—could be misled, what chance does a mid-sized business have?