Day 1: Monday, October 16, 2023

12:30 PM - 1:00 PM

Registration & Networking

(Hotel Lobby)

 

Track 1

(York Suite)

Track 2

(Lancaster Suite)

 
1:00 PM - 3:00 PM
 

Workshop

Enterprise GRC by Design: Blueprint for an Effective, Efficient & Agile Enterprise GRC Management Program

Enterprise GRC by Design is something an organization does and not something an organization buys. GRC, done properly, is what is achieved throughout the business and its operations. By definition, GRC is “a capability to reliably achieve objectives [governance] while addressing uncertainty [risk management] and acting with integrity [compliance].” This requires that GRC be understood in the context of enterprise strategy, objectives, architecture, and processes. GRC by Design requires an enterprise/organization architecture approach to the organization and how it operates.

Michael Rasmussen

GRC Analyst & Pundit, GRC 20/20 Research

Workshop

"REAL" Cyber Risk Quantification: How to model and build a Cyber Risk Quantification program as a strategic and operational decision support system

The need for effective cyber risk management based on quantification has been recognized for many years as a prerequisite for success. Many of the models to date provide lots of promise but fall woefully short of delivering effective, scalable, and viable solutions to support near-real-time decision-making and prioritization. In part, this is due to the fact that the models focus almost exclusively on loss avoidance and are scenario-based. In this workshop, you'll get an up-close-and-personal overview of how Asset Value-based Risk Quantification works, how to model it in any business vertical, and how to get started on this pioneering approach to "real" risk quantification and management.

Grace Beason

Director of Governance, Risk and Compliance, Guidewire Software

Gavin Anthony Grounds

CEO & Co-Founder, Mercury Risk and Compliance, Former - Meta & Verizon
 
3:00 PM - 3:20 PM

Networking Break

(Piano Bar Kensington)

 
3:20 PM - 4:30 PM
 

Workshop

(Continued)

Enterprise GRC by Design: Blueprint for an Effective, Efficient & Agile Enterprise GRC Management Program

Enterprise GRC by Design is something an organization does and not something an organization buys. GRC, done properly, is what is achieved throughout the business and its operations. By definition, GRC is “a capability to reliably achieve objectives [governance] while addressing uncertainty [risk management] and acting with integrity [compliance].” This requires that GRC be understood in the context of enterprise strategy, objectives, architecture, and processes. GRC by Design requires an enterprise/organization architecture approach to the organization and how it operates.

Michael Rasmussen

GRC Analyst & Pundit, GRC 20/20 Research

Product Session

Accelerate Your GRC with Flexible No Code/Low Code Customization

The foundation of a strong GRC and risk management program is a flexible, integrated software platform – one that is cognitive and powered by artificial intelligence for smart decisions; continuous and always available through automation and mobile; and cloud-based for fast access and easy, low-code updating. Explore the basis of the next generation of GRC – the MetricStream platform. Uncover new opportunities and discover the power of low-code/no-code.

Joy Bhowmick

Head of Research and Development, MetricStream

Sunay Zelewat

Associate Director, Product Management, MetricStream
 
4:30 PM - 5:30 PM

Networking & Cocktails

(Piano Bar Kensington)

 
 

Day 2: Tuesday, October 17, 2023

8:00 AM - 9:00 AM

Registration

(Hotel Lobby)

Networking Breakfast

(Palace Suite Lobby)

 
9:00 AM - 9:10 AM

Welcome Note

Introduction and Welcome

(Palace Suite)

Jonathan Quayle

Regional Vice President, Europe, MetricStream
 
9:10 AM - 9:50 AM

Opening Keynote

Experience the Power of Connection

Today's volatile and dynamic world, characterized by interconnected risks, increasing regulations, and rapidly emerging operational, cyber, geopolitical, enterprise, and technology challenges, demands new ways of working. Join us to learn how ConnectedGRC is powering agility and resilience through connected, cognitive, and cloud-based risk management. 

Gaurav Kapoor

Co-CEO, Co-Founder, MetricStream

David Storey

Vice President Health, Safety & Environment, dnata

Sarah Harman

Leader - Operational Risk Framework and Systems, Nationwide Building Society
 
9:50 AM - 10:25 AM

Panel

Navigating Complexity: Strategies for Mitigating Interconnected Risks and Compliance Challenges in a Dynamic Business Environment

Cyber. Operational Resilience. Enterprise. Supply Chain. Geopolitical. Cloud. As risks interconnect and regulations like DORA require immediate attention, how can risk and GRC leaders stay ahead? Join C-level experts as they discuss creating a connected framework to manage and mitigate interconnected risks, strategies to keep up with fast-moving regulatory change, and the importance of AI and automation in managing risk.

Azizi Bin Md Ali

Chief Compliance Officer, Petroliam Nasional Berhad (PETRONAS)

Toby Billington

Managing Director - ICG Business Risk and Controls leadership team, Citi
 
10:25 AM - 11:00 AM

Product Keynote

Future of ConnectedGRC

The future of Governance, Risk, and Compliance (GRC) lies in the integration of cognitive technologies, continuous monitoring, and cloud solutions. This paradigm shift, enabled through automated workflows, AI-driven insights, and cloud adoption, holds the promise to improve risk identification, mitigation, and compliance. Real-time monitoring enables proactive risk management, while cloud adoption fosters scalability and accessibility. In this session, experts will explore how these advancements streamline decision-making, heighten operational efficiency, and ensure adaptive compliance in an ever-evolving business landscape.

Prasad Sabbineni

Co-CEO, MetricStream

Raghuram Srinivas

SVP, Product Management, MS Innovations, MetricStream

Joy Bhowmick

Head of Research and Development, MetricStream
 
11:00 AM - 11:20 AM

Networking Break

(Palace Suite Lobby)

 
11:20 AM - 11:50 AM

Customer Case Study

Nordea

Jacob Holmehave

Head of Group Risk Office, Nordea

Brian F. Sørensen

Chief Execution Leader - Group Risk Change Management, Nordea
 
11:50 AM - 12:25 PM

Panel

Driving Operational Resilience through Governance, Risk, Compliance, Cyber and Audit

Risks can occur in any part of your business, and preparing for them can't occur in silos. Becoming operationally resilient requires a proactive, connected approach across governance, risk, compliance, audit, and cyber functions. In this C-level session, discover how to build a true resilience strategy across all lines of business and functions and the role of automation and AI to streamline GRC and audit processes.

Chandrra Sekhaar

Chief Audit Executive (EMEA) - SMF 5, Mizuho

Jacqui McDonald

CIO Group Finance, RFT Technology, Barclays

Nor Harliza Baharom

General Counsel, Compliance Strategy & Planning, Petroliam Nasional Berhad (PETRONAS)
 
12:25 PM - 1:00 PM

Expert Talk

Agile and Cognitive GRC – Managing the Benefits and Risk of AI

New technologies like Generative AI hold the promise of transforming the GRC function by making it fully agile and resilient – yet AI too poses its own risks and challenges. Join Michael Rasmussen, the “father of GRC” from GRC 20/20 Research, as he explores the possibilities and pitfalls of AI for GRC and how you can adapt in this fast-changing technological landscape.

Michael Rasmussen

GRC Analyst & Pundit, GRC 20/20 Research
 
1:00 PM - 1:45 PM

Networking Lunch

(Piano Bar Kensington)

 

Track 1

(Palace Suite)

Track 2

(York Suite)

 
1:45 PM - 2:15 PM
 

Customer Case Study

dnata

David Storey

Vice President Health, Safety & Environment, dnata

Customer Case Study

Mediolanum

Denise Murray

Head of Risk & Compliance, Mediolanum International Funds
 
2:15 PM - 2:50 PM
 

Panel

The Changing Role of Internal Audit

Discover the evolving landscape of internal audit in the UK, Europe, and globally in this dynamic panel discussion. Uncover the latest trends, challenges, and opportunities that are reshaping the profession. Learn from industry experts as they provide valuable insights on adapting and excelling in this changing audit environment.

Brandon Wright

Head of Books & Records Audit, Bilfinger SE

Ivan Martinez

Chief Audit Executive, Banco Santander London Branch

Despina Andreadou

Chief Audit Executive, Eurobank S.A.

Neil Currie

Product – Integration and RegData, CUBE

Product Session

Accelerate Your GRC with Flexible No Code/Low Code Customization

The foundation of a strong GRC and risk management program is a flexible, integrated software platform – one that is cognitive and powered by artificial intelligence for smart decisions; continuous and always available through automation and mobile; and cloud-based for fast access and easy, low-code updating. Explore the basis of the next generation of GRC – the MetricStream platform. Uncover new opportunities and discover the power of low-code/no-code.

Joy Bhowmick

Head of Research and Development, MetricStream

Sunay Zelewat

Associate Director, Product Management, MetricStream
 
2:50 PM - 3:25 PM
 

Customer Case Study

Nationwide Building Society

Sarah Harman

Leader - Operational Risk Framework and Systems, Nationwide Building Society

Phil Crook

Head of Compliance, Nationwide Building Society

Product Session

Power What's Next in Enterprise & Operational Risk Management

In today’s connected world, managing enterprise and operational risks requires a complete, collaborative approach – across the organization and the extended enterprise, including your third parties. In this session, we will explore the importance of holistic enterprise and operational risk management strategies to identify and manage risk. Learn how MetricStream enables you to manage risk and ultimately, thrive on risk with a structured approach, best practice risk assessment methodologies and standards, and an accurate understanding of risk exposure across your organization.

Sunay Zelewat

Associate Director, Product Management, MetricStream

Ritesh Kini

Director, Customer Success Europe, MetricStream
 
3:25 PM - 4:00 PM
 

Panel

Modern Compliance: Connection, Collaboration, and Culture

Modern compliance is far from just a checkbox exercise: It's a business enabler that drives collaboration and value across and even outside the enterprise. From building a culture of compliance to connecting compliance data to uncover risks to collaborating across compliance areas like ESG, third-party risk, audit, HR, and more, join our panel of experts to see how strategic compliance can build value for your business.

Sophie Dupre-Echeverria

Chief Risk & Compliance Officer, GIB Asset Management

Phil Crook

Head of Compliance, Nationwide Building Society

Peter Funck

Head of Governance, Risk and Compliance, Trafikverket

Nael Kamil Nor Hisham

Senior Manager, Compliance System & Solutions, PETRONAS

Panel

Ensuring Collaboration Across the Lines of Defense to Strengthen Internal Controls

The effectiveness of an organization's internal controls is crucial in safeguarding assets, ensuring compliance, and mitigating risks. Achieving a robust control environment, however, hinges on seamless collaboration and communication across the lines of defense within the organization. This session explores strategies and best practices to break down silos and foster cooperation between the "Three Lines of Defense."

Fazal Mohammed

Head of ORM - Asset Management, Phoenix Group

Benjamin Rowsell

Head of Enterprise and Operational Risk, Nationwide Building Society

Jane Claydon

Director, UK Compliance Advisory, American Express

Dorothea Liebl

Head of Internal Control Governance, Siemens Energy
 
4:00 PM - 4:15 PM

Networking Break

(Palace Suite Lobby) & (Piano Bar Kensington)

 
4:15 PM - 4:45 PM
 

Panel

Innovation and Risk: Encouraging a Risk-Taking Mindset for Business Growth

In today's fast-paced and competitive landscape, fostering a culture of innovation and embracing calculated risks has become imperative for organizations seeking sustainable growth and success. The discussion delves into the challenges and opportunities that arise when encouraging a risk-taking mindset within the context of driving innovation and achieving business growth.

Philipp Herrmann

Head Risk Management, Operations Department, Abu Dhabi Investment Authority

Sahil Bhardwaj

Group Head of Internal Audit & Risk, British Standards Institution

Petr Brezina

Manager Operational Risk, KBC Asset Management

Dr. Jenny J Birdi

Head of Operational Risk and Risk Strategy UK, HSBC

Product Session

Power What's Next in IT & Cyber Risk, Compliance Management

Cyber risks and attacks are escalating sharply, with data breaches at an all-time high cost of $4.4M – putting your organization at business, financial, and reputational risk. In addition, new cyber regulations are being introduced, creating the need for fast disclosure time and robust compliance and risk management. Multiple standards and frameworks demand harmonization and automated control testing. How can your organization meet these evolving risk management and compliance needs – across IT, security, and the business? Join this session for practical advice and tips on how MetricStream can help.

Jose Biscaya

Director, Platform Product Manager - IT & Cyber Security, MetricStream
 
4:45 PM - 5:15 PM
 

Customer Case Study

Siemens Energy

Michael Gropp

IT Program Manager GRC, Siemens Energy

Expert Talk

Real-World Case Studies: Delivering Business Value and Operational Excellence Through Enterprise, Cyber Risk, and Compliance Management

As digital and cyber risks explode, a holistic approach to managing them is essential. The principles that apply to governance, risk, and compliance also apply to IT risk and compliance, especially as risks become more and more interconnected and attack surfaces expand. In this session, a practitioner will describe building a connected IT GRC/risk/compliance program from the ground up and the results generated.

Grace Beason

Director of Governance, Risk and Compliance, Guidewire Software

Gavin Anthony Grounds

CEO & Co-Founder, Mercury Risk and Compliance, Former - Meta & Verizon
 
5:15 PM - 5:30 PM

Closing Keynote

(Palace Suite)

Gunjan Sinha

Executive Chairman, MetricStream
 
5:30 PM - 6:00 PM

GRC Journey Awards

Recognizing GRC Excellence: The GRC Journey Awards

What does GRC excellence look like in action? MetricStream will recognize key achievements of customers and partners in the field of governance, risk and compliance management.

 
6:00 PM - 7:00 PM

Reception

(Piano Bar Kensington)