Day One Overview
8:00
Registration & Continental Breakfast
8:45
Opening Remarks From the Chair
9:00
GRC Outlook, Trends & Drivers Behind an Integrated GRC
Policy: Industry Experts Share an Umbrella of Insights
Our expert panel will provide helpful insights into the trajectory
of the GRC outlook in the short-term, mid-term and long-term.
They will address new developments that we are seeing in the
regulatory regime, compliance requirements as well as the totality
of security infrastructure. Also, they will speak to how this evolving
market is impacting on their corporate IT decisions and how
those decisions can remain valid in the years ahead while we are
impacted by tighter regulations and requirements. What changes
can we anticipate? Are their predictions foregone conclusions or
simply “best guesses?” What are they acting upon to support their
GRC initiatives and how are they hedging the risks of any of their
decisions against possible future developments?
10:00
Deconstructing & Demystifying GRC vs. ERM
There is undoubtedly an evolution towards integrating GRC and
ERM in a not-quite merger of equals. There is also clearly some
confusion surrounding exactly which is what. Is GRC an umbrella
philosophy, with ERM one methodology within it? Clearly the
overriding goal with either GRC or ERM is to assure that all risks
are identified, analyzed and quantified to determine where best
to invest a company’s resources. With that said, some clarity
about what the differences are and how they work separately
and together is in order. This session will shed some light on this
increasing boundary blur between these two functions.
10:30
Morning Refreshments & Networking Opportunity
10:45
Exclusive Keynote Address by Ali Samad-Khan, President of Stamford Risk Analytics:
Evolving from Risk Control to Risk Management
- What is risk management in the context of ORM/ERM?
- Changing the Culture: Evolving from loss prevention/risk control to true risk management?
- Using hard data, soft data and expert opinion to make informed risk-based decisions supporting effective enterprise/operational risk management
11:30
Optimal Continuous Controls Monitoring for Transactions
This session provides insights on how to implement a continuous
control monitoring system for optimal results. Issues to be
addressed include ensuring long term sustainability within the
technical infrastructure, tackling common obstacles and detecting
weakness within the system. Special attention will be paid to data
privacy considerations. You will learn why many organizations fall
short in achieving a seamless process and what you can do to
ensure success. Also addressed:
- Implications of multiple sets of reporting standards
- Impact of international regulations
- Which SAP functionality can support a continuous control
monitoring program
12:15
Luncheon for Speakers, Sponsors & Delegates
CONFERENCE HIGHLIGHT
1:15 GO GREEN: 10 FOR 7 DEMONSTRATION SERIES
This demonstration session provides exposure to specific solutions to compliance challenges. 10 for 7 is an innovative showcase where 10 hand-picked sellers present, for 7 minutes each, their latest innovations to interested buyers who are eager to learn about the latest solutions in the market. 10 for 7 provides a distinctly unique opportunity to quickly determine which solutions you may want to explore in greater depth.
Afternoon Concurrent Sessions:
Choose Track “A” or “B”
Track A: GRC-IT Focus
Track B: Legal/Regulatory Focus
2:30
Track A
Solidifying a Strategy for Broad and Successful Implementation of a GRC IT Program: What Do You Need? What Do You Have?
And Where Do You Put it?
With so many suppliers and providers available for GRC, what are the important approaches companies should consider when evaluating a solution that will work for them? Key questions that will be addressed in this session include:
- How many vendors does it take to handle all facets of a GRC program?
- Defining your GRC solutions needs and what you need to achieve them
- Do the G and the R and the C need to be handled by separate vendors?
Track B
Confronting the Demands of Increased Corporation Oversight & Looming Regulatory Mandates
- Eliminate silos to enable more informed decisions within and across the entire enterprise
- Manage risk by creating a common risk management framework within the organization
- Create consistent methods, processes, and metrics for risk identification, risk assessment, and risk mitigation.
- Simplify and automate key portions of your risk management process to make better decisions with respect to strategic risk and compliance initiatives.
- Reduce costs by identifying and consolidating redundant controls and testing
- Improve control monitoring for reporting and monitoring of policy and compliance-related violations across your organization.
- Streamline compliance processes by providing a mapping of all your policies, controls and regulatory requirements.
3:15
Afternoon Refreshment & Speed Networking Opportunity
3:45
Track A
3rd Party Providers: How do you Engage them, Outsource to them, Build a Working Relationship with Them
- A discussion of the legal relationship between your company and the 3rd party provider
- What type of initial due diligence of the 3rd party provider should occur
- Ongoing oversight obligations: a look at Rules 38a-1 and 206(4)-
- How to maintain a constructive and healthy working relationship
Track B
Mitigating Compliance Anxiety in an Increasingly Regulated World
- Identify available cost savings by addressing the full spectrum of compliance challenges
- Streamline auditing and reporting through automation
- Ensure accuracy through continuous monitoring of source data and key business controls
4:30
Track A
Developing Metrics & Measures for Information Security Risk
When most organizations today think about information protection, compliance is at the top of that list. This new level of consciousness has become both a tremendous benefit to information security professionals as well as their greatest fear. This session will address the best ways to develop metrics and measures surrounding your security risk function.
Included will be:
- Identifying specific metrics for compliance and ethics structures
- Various structures that can be measured, including effectiveness and performance
- Assessment of design and operational effectiveness
Track B
Staying On Top Of Corporate Governance Requirements as the
Global Financial Markets Continue to Ride on a Roller Coaster
We can be absolutely sure that the consequences of the financial
crisis will reach far and wide, in the form of a fresh round of regulation
and oversight that is likely to spill over into many jurisdictions,
with important implications for governance and corporate
legal departments. While legal’s role in governance is but one facet
in a corporation, it is an essential one. It is likely that the continuing
aftershocks of the Wall Street meltdown will have lasting effects
with new rules coming around governance and transparency. This
session will identify ways in which you and your company’s legal
department can be prepared for the future changes.
5:15
Day One Sessions Conclude