The Risk Wheelhouse
The Risk Wheelhouse is designed to explore how RiskTech is transforming the way companies approach risk management today and into the future. The podcast aims to provide listeners with valuable insights into integrated risk management (IRM) practices and emerging technologies. Each episode will feature a "Deep Dive" into specific topics or research reports developed by Wheelhouse Advisors, helping listeners navigate the complexities of the modern risk landscape.
Episodes
63 episodes
S7E2: The Autonomous Enterprise And The AI Control Tower
You can feel the shift happening when you stop picturing “AI tools” and start picturing “AI workers.” From the floor of ServiceNow Knowledge 26 in Las Vegas, we zoom out from the shiny security headlines and explain what John A. Wheeler argues ...
S7E1: The Delve Collapse And The New Rules Of Enterprise Trust
A compliance certificate is supposed to be like a bridge inspection: real materials, real tests, real signatures, and real accountability. Then AI arrived, and the market started rewarding something else entirely, speed. The result is what we c...
S6E9: Why Legacy Risk Platforms Break Under AI Pressure
A slick AI demo can make any risk platform look like the future, but architecture is destiny. We unpack the dangerous boardroom illusion where leaders treat radically different “AI GRC” products as interchangeable, then we map what is actually ...
S6E8: 2026 VC Sonar™ for Performance and Resilience
Risk teams don’t lose sleep over unknowns anymore. They lose sleep over lag. We dig into why time-to-action has eclipsed visibility as the true differentiator for performance and resilience, and how autonomous IRM turns risk signals into verifi...
S6E7: AI Upends GRC - From Clipboards To Control Planes
What happens when the firm that helped define integrated risk management turns a critical lens on the category's foundations?In this episode, analysts Ori Wellington and Sam Jones preview two major Wheelhouse Advisors research publicatio...
S6E6: Board Priorities 2026 - The Integration Trap
Growth used to win every boardroom vote. Now the data says something different: directors are prioritizing technology adoption and integration as the top 2026 investment, even as they admit their weakest expertise sits in AI, cybersecurity, and...
S6E5: 2026 Convergence - Risk Management Must Be Integrated
The ground rules of risk have changed, and waiting for the next headline won’t save the balance sheet. We take you inside “The 2026 Convergence: Integrated Risk Management in a New Era” and map how cyber, AI, third parties, geopolitics, and rep...
S6E4: Avoiding The RiskTech Buyer Trap
Shiny demos are everywhere, but what if that “next-gen SaaS” risk platform is still a construction zone under the hood? We unpack the Risk Tech Buyer Trap and show how modern UIs and AI buzz can disguise where vendors really are on the path to ...
S6E3: The IRM Navigator™ - Turning Risk Into A Strategic Operating Model
Risk work that lives in reports but not in decisions is a hidden tax on performance. We tackle that problem head-on by unpacking the IRM Navigator, an operating model that connects standards and roles to the real systems and moments where choic...
S6E2: Rethinking Integrated Risk, From ROI To Dividends
Integrated Risk Management (IRM) is repeatedly underfunded for a structural reason: leaders keep forcing IRM into an ROI construct that demands a single, auditable chain of causality, while IRM is designed to distribute value across multiple do...
S6E1: NVIDIA CES 2026 - The Blueprint for Autonomous IRM
Season 6 opens with a clear message for Technology Risk Management leaders: autonomy is no longer constrained by model capability, it is constrained by infrastructure discipline and auditable management controls.In S6E1, Ori Wellington a...
S5E9: ServiceNow Buys Armis, Telemetry Meets Workflow for IRM
ServiceNow’s planned $7.75B all-cash acquisition of Armis (targeted to close in H2 2026) is easy to misfile as “just another cybersecurity deal.” In this episode, Wheelhouse Advisors’ Ori Wellington and Sam Jones explain wh...
S5E8: 2025 ERM Vendor Compass - The New Enterprise Decision Layer
Most ERM programs are still built to prove activity, not to produce decisions. In 2025, that gap is becoming visible at the board level, and it is getting punished. The new performance standard is measurable: time to decision
S5E7: Stop Buying Better Silos: How the IRM Navigator™ Curve Exposes RiskTech Hype
Feeling lost in a sea of “next‑gen” risk tools that all promise unified visibility and maturity? We break the cycle of flashy demos and stalled implementations with a practical, research‑backed way to evaluate vendors and build a roadmap that a...
S5E6: Build An Emerging Risk Reflex Before The Next Shock Hits
A hard truth drives this conversation: leaders are seeing the risks but not making the moves. We unpack the 76–42–22 drop-off, visibility to engagement to action, and show why the real bottleneck isn’t data, it’s decision architecture. If your ...
S5E5: Why GRC Stabilized And IRM Took The Lead
The latest episode of The Risk Wheelhouse tackles one of the strangest sights in this year’s risk technology landscape. The 2025 Gartner Magic Quadrant for Governance, Risk, and Compliance arrives with an empty Visionaries quadrant. No challeng...
S5E4: Unified IRM - AI Governance, Acquisitions and Alliances
The ground under GRC is shifting, and it’s not subtle. We break down how unified integrated risk management is replacing checklist compliance with an operating model that ties performance, resilience, assurance, and compliance together. From AI...
S5E3: 2025 ORM Vendor Compass - The Enterprise Resilience Engine
Resilience isn’t a binder anymore. It’s a live system that has to perform under pressure. We pull apart the 2025 IRM Navigator™ Vendor Compass for Operational Risk Ma...
S5E2: Redrawing Data Lines - DOJ’s DSP and the New National Security Mandate
Your “encrypted” data may still be regulated and today the rules start to bite. We unpack how the Department of Justice’s Data Security Program moves from guidance to strict enforcement and why it reframes data governance as a national security...
S5E1: When AI manages risk, who manages the AI?
Autonomous IRM is moving from the lab into the core of enterprise risk, compliance, and security and the stakes couldn’t be higher. When a self-learning agent flags threats, scores claims, or polices policy violations, who is accountable, how d...
S4E11: Behind Boardroom Doors - The New Era of UK Corporate Transparency
Corporate governance is undergoing a revolution in the UK, and Provision 29 of the 2024 Corporate Governance Code stands at the epicenter of this transformation. Far beyond traditional financial oversight, this groundbreaking rule mandates unpr...
S4E10: From Boardroom to Code Base - How the EU AI Act Reshapes Business Strategy
Artificial intelligence stands at a crossroads of breathtaking innovation and urgent need for responsible guardrails. Every breakthrough brings questions about safety, fairness, and accountability that can no longer be afterthoughts. The Europe...
S4E9: The SaaS Domino Effect - How Compromised OAuth Tokens Created a Cybersecurity Nightmare
Behind every digital business lies an invisible web of trust: the OAuth tokens silently connecting your applications. What happens when these trusted connections become your greatest vulnerability?A sophisticated attack campaign recentl...
S4E8: Beyond Binders: GRC's Radical Shift to Integrated Risk Management and Enterprise Trust
Governance, Risk, and Compliance (GRC) has undergone a remarkable transformation. What was once the "department of no" – characterized by manual checklists, endless audits, and rooms full of binders – has evolved into a strategic verification b...
S4E7: The Academic Reckoning of Risk Management
Risk management evolution isn't just about new acronyms—it's about organizational survival in an increasingly complex world. When we examine the journey from checkbox compliance to genuine integration, we uncover profound lessons about how busi...