The Institute of Risk Management (IRM)

2nd floor Sackville House 143 - 149 Fenchurch Street London, EC3M 6BN
+44 (0)20 7709 9808
  • About IRM

    The Institute of Risk Management (IRM) is the world’s leading enterprise-wide risk education Institute. We are independent, well-respected advocates of the risk profession, owned by practising risk professionals. IRM passionately believes in the importance of risk management and that investment in education and continuing professional development leads to more effective risk management.  

    We provide qualifications, short courses and events at a range of levels from introductory to expert. IRM supports risk professionals by providing the skills and tools needed to put theory into practice in order to deal with the demands of a constantly changing, sophisticated and challenging business environment. We operate internationally, with members and students in over 90 countries, drawn from a variety of risk-related disciplines and a wide range of industries. 

    As a not-for-profit organisation, IRM reinvests any surplus from its activities in the development of international qualifications, membership, short courses and events. 

Is the GDPR an opportunity to improve risk management processes?


Most risk managers at the IRM’s Big Debate event in London this July had started their GDPR projects. But from a show of hands, few considered the General Data Protection Regulation an opportunity to improve risk management processes.

Julia Graham, deputy CEO and technical director at Airmic, told delegates that they should be doing just that.

For example, under GDPR companies must document what personal data they hold. They must know where it came from and with whom it’s shared. If companies share inaccurate data, they need to correct it with their data partners.

Organisations must demonstrate their accountability. That means having a firm grip on their data and its underlying processes.

Sound like a drag? It will be. But understanding what data the business owns and how it is used and shared could be a huge benefit. With such knowledge, exploiting data through advanced analytics techniques is possible. And with only about 1% of organisations in that position today, complying with GDPR could bring competitive advantage.