IRM OnWatch: Signals Include Embedded AI Controls with ServiceNow, IBM and Hyperproof

IRM50 On WatchArtificial IntelligenceThird-party RiskSustainability Reporting
Written By Samantha "Sam" Jones

  • AI moves from pilots to embedded controls. ServiceNow, IBM, and Hyperproof advanced AI features that directly support evidence collection, model governance, and remediation, signaling a shift from productivity to verifiable compliance outcomes.

  • Third-party risk converges into unified stacks. SecurityScorecard’s acquisition of HyperComply combines questionnaire automation with ratings, showing buyers should expect integrated TPRM platforms over the next two to three quarters.

  • Resilience, ESG, and privacy institutionalize further. Everbridge, Workiva, EcoOnline, and OneTrust reinforced ESG disclosure, personal safety integration, and AI governance, aligning risk practices with board-level assurance expectations.

  • Identity threats remain systemic. Microsoft, Cloudflare, and law enforcement dismantled a phishing-as-a-service network targeting Microsoft 365, underscoring identity proofing and MFA as structural controls in IRM workflows.

Samantha "Sam" Jones

Samantha “Sam” Jones is the lead research analyst for the IRM Navigator™ series and a core contributor to The RiskTech Journal and The RTJ Bridge. As a digital editorial analyst, she specializes in interpreting vendor strategy, market evolution, and the convergence of technology with enterprise risk practices.

As part of Wheelhouse’s AI-enhanced advisory team, Sam applies advanced analytical tooling and editorial synthesis to help decode the structural changes shaping the risk management landscape.

Sign up to read this post
Join Now
Previous

IRM OnWatch: Signals Include Governance Pressure, AI Adoption Proof Points, and Human-in-the-loop Design
Next

Provision 29 and the Trust Deficit: How UK Boards Can Convert a High-Stakes Declaration into Credible Assurance