According to the 2014 Gartner CEO and Senior Executive Survey, research found that when executive management ‘perceive(s) that risk is lower…they are prepared to invest in longer-term growth.” In other words, for organizations to take advantage of opportunities and drive growth, CEOs must be confident in the organization’s ability to address emerging and known risks to achieve positive outcomes. While the appetite is currently much more inclined to focus energy on taking good risks for their business, organizations still can struggle in building that required assurance to exploit opportunities.
In today’s competitive marketplace, organizations are constantly:
- Evaluating risks to business operations that can emerge at any given time;
- Tackling the ever present threat of hackers and digital threats against IT infrastructure;
- Preparing for disasters – natural or manmade;
- Reporting to regulators who are constantly inspecting the business;
- And dependent on third parties to produce products or services and inheriting risks from these external entities.
All of these activities can take away focus from the end game – looking for the right occasion to exploit a market opportunity to introduce or improve a new product or service. However, if risk management is done right – efficiently and effectively –it can be a competitive advantage for your business fueling opportunities with confidence and predictability.
The stakes are high in the risk management game. A conservative approach may keep the business from investing in a new product innovation that the competition may likely take to market more quickly. Risk is a hot topic with Boards and stakeholders expecting risk to be managed effectively and operational and IT risk gaining visibility at all levels within the organization. Gone are the days when risk management was a loosely defined concept just expected to happen or simply the responsibility of a dedicated team. Today, risk management is expected to be executed with discipline and attention – from the frontline employees to the executives.With this in mind, Gartner announced in 2014 that they were planning to shake up the Magic Quadrants for Governance, Risk and Compliance (GRC) and focus on specific risk use cases. In November, we announced that RSA was one of only three vendors to be positioned in the Leader’s Quadrant in the Gartner Magic Quadrant for IT Vendor Risk Management. In addition, RSA Archer was positioned as a Leader in the Gartner Magic Quadrant for Operational Risk Management that was released in December.
And this week, Gartner has released their last risk-related report, the Magic Quadrant for IT Risk Management. Once again, EMC-RSA has been positioned as a Leader.
Across all three of these risk-related Gartner reports, EMC-RSA was positioned highest in “Ability to Execute.”
We believe the increased focus from Gartner underscores the importance of risk management in surviving today’s competitive market. Nearly every business unit within an organization is getting involved to identify and manage risks actively as they arise. After all, they are the most in-tune with risks within the business line and they are also best equipped to accept, treat and mitigate the risk in accordance with their tolerance, policies and procedures. As a result, business units are now engaging fully in the risk management framework. A coordinated, integrated level of risk intelligence helps enable CEOs and management teams to fuel their businesses more actively with new opportunities that are within their risk tolerance.
This risk intelligence shift has been accelerating over the last 2 years. Organizations like international financial services provider Rabobank have taken advantage of risk management technology to unify their view of risk-related activities by implementing a single tool, RSA Archer GRC. As a result, they have helped to ensure that personnel have access to the data they need for effective ongoing risk management, while united the workforce with performance efficiencies. Check out this video that describes their program. The discussion at the executive level has changed. CEOs expect risk management to be proactively addressed resulting in discussions that bring transparency to the process and confidence to the management team.
Interested in seeing more details about the Gartner Magic Quadrant reports? All three reports are now publicly available: the Gartner Magic Quadrant for IT Vendor Risk Management, the Gartner Magic Quadrant for Operational Risk Management and the Gartner Magic Quadrant for IT Risk Management.
This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from EMC. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.