Analysts Answer: What’s the Best Way to Plan for Risk?

Gartner analysts share why risk management activities and tying risk management to the organizations strategy are key in 2017.

Security leaders in 2017 are tasked with the challenging prospect of securing technology in a rapidly changing digital world.


Ahead of Gartner Security & Risk Management Summit 2017, Smarter With Gartner reached out to analysts presenting at the event to learn the best way to manage and plan for risk.

What’s the best way to manage and plan for risk in 2017?


In 2017, companies continue to struggle to manage IT, operational and strategic risks in an integrated way. As a result, today only 25% of companies view risk management as an important strategic tool. Gartner’s new approach, called integrated risk management (IRM), is keenly focused on bridging the gaps between specific risk management domains such as vendor risk management and business continuity. At the same time, IRM provides a way for companies to link risk and performance management to propel their businesses forward in a safe and secure manner.”  



The best way to manage risk in 2017 is to drive better decision making through your risk management activities. Address risk-engaged culture with your non-IT executives and get them involved. Stop any risk management activity that is essentially a time-wasting, paper-pushing process that delivers no value.


MatthewStamperShort answer…ensure your risk management program is tied to the organization’s strategy and mission. Develop a strong working knowledge of the risk tolerances and how they impact the enterprise. Remember, without risk, there’s no reward.  

Rethink the Security & Risk Strategy

Why leaders must embrace modern cybersecurity practices

Download Free eBook



JeffreyWheatmanLearn your business. Without a comprehensive understanding of your enterprise’s strategy, goals and objectives, it is inevitable that you will be caught flat-footed and blindsided.

Be a better and more effective communicator — the old approaches of purely quantitative risk communication don’t work. Leverage risk perception and sentiment.

Remember that risk management is another business discipline. If we act like what we do is magic, we won’t be invited to the important meetings.



Gartner Clients can learn more in John Wheeler's full research Top 10 Factors for Integrated Risk Management Success, by

John A. Wheeler, et al.

Get Smarter

Gartner Security & Risk Management Summits

The latest insights on IT trends, evolving security tech and the ever-changing threat landscape.

Explore Gartner Conferences

2019-2021 Emerging Technology Roadmap for Large Enterprises

We gathered expertise from IT professionals across 198 organizations to benchmark adoption stages and risk and value factors for 108 infrastructure and operations technologies for this year. The emerging technologies profiled are spread across six technology buckets: compute and storage, compute and storage (cloud), digital workplace, IT automation, network and security.

Read Free Gartner Research


Get actionable advice in 60 minutes from the world's most respected experts. Keep pace with the latest issues that impact business.

Start Watching