ServiceNow Named a Leader in the 2021 Gartner® Magic Quadrant™ for IT Risk Management for the Second Year in a Row
According to Gartner, “By 2023, 80% of organizations with formal risk management programs will use an IT risk management (ITRM) product to manage their cyber and IT risks, which is a significant increase from fewer than 45% today.”1
IT departments have been tasked with planning for and mitigating risks that have become increasingly urgent due to the shifts spurred by COVID-19 – including cybersecurity threats, productivity and health safety concerns, and new regulations. Through its unified platform, continuous monitoring and automation,
“Organizations are facing more cross-departmental risk resulting from everyday disruptions and new ways of working, which makes it more vital than ever to take an enterprise-wide approach to risk management. Teams need to work together – connecting IT and business data with risks, compliance policies, processes, and decisions,” said
Key components of the
- Risk management - Enable fine-grained business impact analysis to holistically prioritize risk across IT, security, and the business, and respond to critical changes in risk posture.
- Operational Risk Management - Assess operational risks, report risk events, and enable enterprise level risk reporting to protect stakeholders and maintain shareholder value.
- Policy and compliance management -Automate best practice lifecycles, unify compliance processes, and help provide assurances around an organization’s risk mitigation effectiveness.
- Audit management - Scope and prioritize audit engagements using risk data and profile information to reduce recurring audit findings, enhance audit assurance, and optimize resources around internal audits.
- Vendor risk management - Institute a standardized and transparent process to manage the lifecycle for risks assessments, due diligence, and risk response with business partners and vendors.
- Business Continuity Management - Plan, exercise, and recover from disasters effectively and efficiently as a key part of a robust integrated risk management program.
- Regulatory Change Management - Create a single taxonomy and integrate with regulatory intelligence providers and public RSS feeds to assess the impact of changes and track implementation efforts for a seamless, end-to-end program.
- Operational Resilience Management - Gain visibility and build resilience into business processes across technology, people, facilities, and suppliers.
- Privacy Management - Identify personal data, assess the impact new or changing business processes or vendors might have on privacy, and continuously monitor processes to proactively manage privacy risk and assist with compliance obligations pursuant to evolving, global regulations.
- Continuous Authorization and Monitoring - Automate the processes that support risk management frameworks (RMF) such as NIST RMF (used to achieve certification such as the Cybersecurity Maturity Model Certification), bring systems on-line faster, and enable continuous authorization.
The 2021 Gartner Magic Quadrant for IT Risk Management is available here: https://www.servicenow.com/lpayr/gartner-it-risk-management.html
For more information on
1 Gartner, Magic Quadrant for IT Risk Management,
Gartner does not endorse any vendor, product or service depicted in our research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Gartner and Magic Quadrant are registered trademarks of Gartner, Inc. and/or its affiliates in the