Integrated Risk Management (IRM) is a holistic approach to address risks across a variety of levels in the organization, including strategy and tactics, and covering both opportunity and threat. IRM includes enabling technology to improve decision-making and performance throughout the risk lifecycle. IRM should be approached from several perspectives, which includes creating a strategy that builds a framework for performance improvement, governance, and ownership of risk. IRM should also detail methods for assessing, evaluating and prioritizing risks, as well as the organization’s planned response to risks that occur. IRM includes a plan for communicating and reporting risks and response to key stakeholders in the organization and monitoring risk on an ongoing basis, and the technology to help with these strategies and plans.
Read an interview with Rsam's CEO, Vivek Shivananda, where he answers the question, "Is Integrated Risk Management the New GRC?"