Day 1: Monday, October 16, 2023
Registration & Networking
Track 1
Track 2
Workshop
Enterprise GRC by Design: Blueprint for an Effective, Efficient & Agile Enterprise GRC Management Program
Enterprise GRC by Design is something an organization does and not something an organization buys. GRC, done properly, is what is achieved throughout the business and its operations. By definition, GRC is “a capability to reliably achieve objectives [governance] while addressing uncertainty [risk management] and acting with integrity [compliance].” This requires that GRC needs to be understood in the context of enterprise strategy, objectives, architecture, and processes. GRC by Design requires an enterprise/organization architecture approach to the organization and how it operates.
Workshop
(Continued)
Enterprise GRC by Design: Blueprint for an Effective, Efficient & Agile Enterprise GRC Management Program
Product Session
Power What's Next in Enterprise & Operational Risk Management
In today’s connected world, managing enterprise and operational risks requires a complete, collaborative approach – across the organization and the extended enterprise, including your third parties. In this session, we will explore the importance of holistic enterprise and operational risk management strategies to identify and manage risk. Learn how MetricStream enables you to manage risk and ultimately, thrive on risk with a structured approach, best practice risk assessment methodologies and standards, and an accurate understanding of risk exposure across your organization.
Workshop
(Continued)
Enterprise GRC by Design: Blueprint for an Effective, Efficient & Agile Enterprise GRC Management Program
Product Session
Power What's Next in IT & Cyber Risk, Compliance Management
Cyber risks and attacks are escalating sharply, with data breaches at an all-time high cost of $4.4M – putting your organization at business, financial, and reputational risk. In addition, new cyber regulations are being introduced, creating the need for fast disclosure time and robust compliance and risk management. Multiple standards and frameworks demand harmonization and automated control testing. How can your organization meet these evolving risk management and compliance needs – across IT, security, and the business? Join this session for practical advice and tips on how MetricStream can help.
Networking Break
Track 1
Track 2
Track 3
Workshop
(Continued)
Enterprise GRC by Design: Blueprint for an Effective, Efficient & Agile Enterprise GRC Management Program
Workshop
(Continued)
Power What's Next in IT & Cyber Risk, Compliance Management
Workshop
"REAL" Cyber Risk Quantification: How to model and build a Cyber Risk Quantification program as a strategic and operational decision support system
The need for effective cyber risk management based on quantification has been recognized for many years as a prerequisite for success. Many of the models to date provide lots of promise but fall woefully short of delivering effective, scalable, and viable solutions to support near-real-time decision-making and prioritization. In part, this is due to the fact that the models focus almost exclusively on loss avoidance and are scenario-based. In this workshop, you'll get an up-close-and-personal overview of how Asset Value-based Risk Quantification works, how to model it in any business vertical, and how to get started on this pioneering approach to "real" risk quantification and management.

Grace Beason
Director Of Governance, Risk and Compliance, Guidewire Software
Gavin Anthony Grounds
CEO & Co-founder, Mercury Risk and Compliance, Former - Meta & VerizonWorkshop
(Continued)
Enterprise GRC by Design: Blueprint for an Effective, Efficient & Agile Enterprise GRC Management Program
Workshop
Low Code No Code
The foundation of a strong GRC and risk management program is a flexible, integrated software platform – one that is cognitive and powered by artificial intelligence for smart decisions; continuous and always available through automation and mobile; and cloud-based for fast access and easy, low-code updating. Explore the basis of the next generation of GRC – the MetricStream platform. Uncover new opportunities and discover the power of low-code/no-code.

Joy Bhowmick
Head of Research and Development , MetricStreamWorkshop
(Continued)
"REAL" Cyber Risk Quantification: How to model and build a Cyber Risk Quantification program as a strategic and operational decision support system
Networking & Cocktails
Day 2: Tuesday, October 17, 2023
Networking Breakfast
Welcome Note
Introduction and Welcome

Jonathan Quayle
Regional Vice President, Europe, MetricStreamOpening Keynote
Experience the Power of Connection
Today's volatile and dynamic world, characterized by interconnected risks, increasing regulations, and rapidly emerging operational, cyber, geopolitical, enterprise, and technology challenges, demands new ways of working. Join us to learn how ConnectedGRC is powering agility and resilience through connected, cognitive, and cloud-based risk management.

Gaurav Kapoor
Co-CEO, Co-Founder, MetricStreamPanel
Navigating Complexity: Strategies for Mitigating Interconnected Risks and Compliance Challenges in a Dynamic Business Environment
Cyber. Operational Resilience. Enterprise. Supply Chain. Geopolitical. Cloud. As risks interconnect and regulations like DORA require immediate attention, how can risk and GRC leaders stay ahead? Join C-level experts as they discuss creating a connected framework to manage and mitigate interconnected risks, strategies to keep up with fast-moving regulatory change, and the importance of AI and automation in managing risk.

Azizi Bin Md Ali
Chief Compliance Officer, Petroliam Nasional Berhad (PETRONAS)Product Keynote
Cognitive, Continuous, and Cloud: The Future of GRC
The future of Governance, Risk, and Compliance (GRC) lies in the integration of cognitive technologies, continuous monitoring, and cloud solutions. This paradigm shift, enabled through automated workflows, AI-driven insights, and cloud adoption, holds the promise to improve risk identification, mitigation, and compliance. Real-time monitoring enables proactive risk management, while cloud adoption fosters scalability and accessibility. In this session, experts will explore how these advancements streamline decision-making, heighten operational efficiency, and ensure adaptive compliance in an ever-evolving business landscape.

Prasad Sabbineni
Co-CEO, MetricStream
Raghuram Srinivas
SVP, Product Management, MS Innovations, MetricStream
Joy Bhowmick
Head of Research and Development , MetricStreamNetworking Break
Customer Case Study
GRC Challenges in Operations: Bridging Cultural and Regulatory Differences

Jacob Holmehave
Head of Group Risk Office, Nordea
Brian F. Sørensen
Chief Execution Leader - Group Risk Change Management, NordeaCustomer Case Study
Panel
Driving Operational Resilience through Governance, Risk, Compliance, Cyber and Audit
Risks can occur in any part of your business--and preparing for them can't occur in siloes. Becoming operationally resilient requires a proactive, connected approach across governance, risk, compliance, audit, and cyber functions. In this C-level session, discover how to build a true resilience strategy across all lines of business and functions and the role of automation and AI to streamline GRC and audit processes.

Chandrra Sekhaar
Chief Audit Executive (EMEA) - SMF 5, Mizuho
Jacqui McDonald
CIO Group Finance, RFT Technology, Barclays
Nor Harliza Baharom
General Counsel, Compliance Strategy & Planning, Petroliam Nasional Berhad (PETRONAS)No Company is an Island: How a Connected World Creates New Risk Management Challenges

Michael Rasmussen
GRC Analyst & Pundit, GRC 20/20 ResearchNetworking Lunch
Track 1
Track 2
Panel
AiSPIRE
GRC professionals, from risk leaders to compliance officers, auditors, and security managers, need a more dynamic and "just in time" approach to keep up with the fast-evolving risk and regulatory landscape. There is an urgent need to move beyond automation and embrace cognitive technologies that not only perform mundane, repeatable tasks but also provide intelligent recommendations to address any issues. In this session, we will deep dive into MetricStream’s latest AI-based innovations that will enable you to enhance your GRC program and strategy by improving efficiency, optimizing recurring cost, and freeing up team’s bandwidth for new and more critical activities.

Raghuram Srinivas
SVP, Product Management, MS Innovations, MetricStream
Panel
The Changing Role of Internal Audit
Discover the evolving landscape of internal audit in the UK, Europe, and globally in this dynamic panel discussion. Uncover the latest trends, challenges, and opportunities that are reshaping the profession. Learn from industry experts as they provide valuable insights on adapting and excelling in this changing audit environment.

Brandon Wright
Head of Books & Records Audit, Bilfinger SE
Ivan Martinez
Chief Audit Executive, Banco Santander London Branch
Despina Andreadou
Chief Audit Executive, Eurobank S.A.Customer Case Study
The multi-module implementation , with the challenges during the journey, and the benefits and successful achievements

Sarah Harman
Leader - Operational Risk Framework and Systems, Nationwide Building Society
Phil Crook
Head of Compliance, Nationwide Building Society
Panel
The Three Cs of Modern Compliance: Connection, Collaboration, and Culture
Modern compliance is far from just a checkbox exercise: It's a business enabler that drives collaboration and value across and even outside the enterprise. From building a culture of compliance to connecting compliance data to uncover risks to collaborating across compliance areas like ESG, third-party risk, audit, HR, and more.
Join our panel of experts to see how strategic compliance can build value for your business.

Peter Funck
Head of GRC, Swedish Road Administration
Sophie Dupre-Echeverria
Chief Risk & Compliance Officer, GIB Asset Management
Phil Crook
Head of Compliance, Nationwide Building Society
Nael Kamil Nor Hisham
Senior Manager, Compliance System & Solutions, PETRONASCustomer Case Study
Aligning Risk Management with Business Objectives and Decision-Making

Michael Gropp
IT Program Manager GRC, Siemens Energy
Customer Case Study
Ensuring Collaboration Across the Lines of Defense to Strengthen Internal Controls

Fazal Mohammed
Head of ORM - Asset Management, Phoenix Group
Benjamin Rowsell
Head of Enterprise and Operational Risk, Nationwide Building Society
Jane Claydon
Director, UK Compliance Advisory, American Express
Dorothea Liebl
Head of Internal Control Governance, Siemens EnergyNetworking Break
Panel
Innovation and Risk: Encouraging a Risk-Taking Mindset for Business Growth
In today's fast-paced and competitive landscape, fostering a culture of innovation and embracing calculated risks has become imperative for organizations seeking sustainable growth and success. The discussion delves into the challenges and opportunities that arise when encouraging a risk-taking mindset within the context of driving innovation and achieving business growth.

Philipp Herrmann
Head Risk Management, Operations Department, Abu Dhabi Investment Authority
Sahil Bhardwaj
Group Head of Internal Audit & Risk, British Standards Institution
Petr Brezina
Manager Operational Risk, KBC Asset Management
Product Session
Digital Transformation and Operational Resilience: Adapting to New Technologies and Workflows
In an increasingly digital world, the dependency on technology exposes organizations to various digital risks, including cyber threats and regulatory challenges. This discussion will explore the critical importance of digital operational resilience. Join us to learn about best practices, industry insights, and practical approaches to ensure your business's continuity and thrive in a rapidly evolving digital landscape.
Product Session
Digital Operational Resilience: Building Robust Strategies to Safeguard Business Continuity in the Face of Disruptions
In an increasingly digital world, the dependency on technology exposes organizations to various digital risks, including cyber threats and regulatory challenges. This discussion will explore the critical importance of digital operational resilience. Join us to learn about best practices, industry insights, and practical approaches to ensure your business's continuity and thrive in a rapidly evolving digital landscape.
Expert Talk
Real-World Case Studies: Delivering Business Value and Operational Excellence Through Enterprise, Cyber Risk, and Compliance Management
The scope of organizational risks today is not just limited to enterprise and third-party risks but also environmental, social, and governance risks. Managing them requires an integrated approach that includes several ESG aspects. Join this panel discussion to understand why an integrated approach is an absolute must and how it can help organizations enhance their sustainability, resilience, and long-term success.

Grace Beason
Director Of Governance, Risk and Compliance, Guidewire Software
Gavin Anthony Grounds
CEO & Co-founder, Mercury Risk and Compliance, Former - Meta & VerizonGRC Journey Awards
Recognizing GRC Excellence: The GRC Journey Awards
What does GRC excellence look like in action? MetricStream will recognize key achievements of customers and partners in the field of governance, risk and compliance management.
Reception at Piano Bar