Day 1: Wednesday, November 6, 2024
Registration
(Hotel Lobby)
Networking Lunch
(Palace Suite Lobby)
Track 1 (Lancaster Suite)
Track 2 (York Suite)
Workshop
Enterprise GRC by Design: Blueprint for an Effective, Efficient & Agile Enterprise GRC Management Program
Enterprise GRC by Design is something an organization does and not something an organization buys. GRC, done properly, is what is achieved throughout the business and its operations. By definition, GRC is “a capability to reliably achieve objectives [governance] while addressing uncertainty [risk management] and acting with integrity [compliance].” This requires that GRC needs to be understood in the context of enterprise strategy, objectives, architecture, and processes. GRC by Design requires an enterprise/organization architecture approach to the organization and how it operates.
Michael Rasmussen
Analyst & Pundit, GRC 20/20 Research & GRC Report
Workshop
Mastering Risk and Control Self-Assessments: Why They Fail and How to Derive Value
Join this dynamic 2-hour interactive workshop led by Elena Pykhova, best-selling author and founder of The Op Risk Company, as she delves into mastering Risk and Control Self-Assessments (RCSAs). Discover actionable strategies to maximize the value of RCSAs, from industry benchmarks and methodology to expert facilitation and audience insights. Learn how to craft the ultimate 3-page report and measure success effectively. Don’t miss out on this opportunity to elevate your RCSA practice!
Elena Pykhova
Director and Founder, The Op Risk Company LtdBreak
(Palace Suite Lobby)
Workshop (continued)
Enterprise GRC by Design: Blueprint for an Effective, Efficient & Agile Enterprise GRC Management Program
Enterprise GRC by Design is something an organization does and not something an organization buys. GRC, done properly, is what is achieved throughout the business and its operations. By definition, GRC is “a capability to reliably achieve objectives [governance] while addressing uncertainty [risk management] and acting with integrity [compliance].” This requires that GRC needs to be understood in the context of enterprise strategy, objectives, architecture, and processes. GRC by Design requires an enterprise/organization architecture approach to the organization and how it operates.
Michael Rasmussen
Analyst & Pundit, GRC 20/20 Research & GRC Report
Workshop
Operational Resilience: Navigating Disruption with Confidence
In an era of increasing uncertainty, operational resilience is critical for organizations to anticipate, prepare for, respond to, and recover from disruptions. This session will explore key principles of operational resilience, including impact and tolerance assessments, scenario testing, and adaptive strategies for navigating crises. Attendees will gain insights into regulatory expectations, technological innovations, and practical tools to strengthen their organization's capacity to sustain operations in the face of both predictable and unforeseen challenges.
Shreyank S. Kamat
Senior Director, Product Management, MetricStreamWorkshop (continued)
Enterprise GRC by Design: Blueprint for an Effective, Efficient & Agile Enterprise GRC Management Program
Enterprise GRC by Design is something an organization does and not something an organization buys. GRC, done properly, is what is achieved throughout the business and its operations. By definition, GRC is “a capability to reliably achieve objectives [governance] while addressing uncertainty [risk management] and acting with integrity [compliance].” This requires that GRC needs to be understood in the context of enterprise strategy, objectives, architecture, and processes. GRC by Design requires an enterprise/organization architecture approach to the organization and how it operates.
Michael Rasmussen
Analyst & Pundit, GRC 20/20 Research & GRC Report
Workshop
Navigating DORA: Strengthening Digital Operational Resilience
The Digital Operational Resilience Act (DORA) is reshaping how financial institutions in the EU manage risks in an increasingly digital world. This session will provide an overview of DORA's regulatory requirements, focusing on key provisions around ICT risk management, incident reporting, and third-party risk. Attendees will learn how technological innovations will enhance digital operational resilience, ensure compliance, and safeguard critical systems against cyber threats and operational disruptions.
Sunay Zelawat
Associate Director, Product Management, MetricStreamDrinks & Reception
(Piano Kensington)
Day 2: Thursday, November 7, 2024
Registration
(Hotel Lobby)
Networking Breakfast
(Palace Suite Lobby)
Welcome Note
Introduction and Welcome
(Palace Suite)
Asia Anwar Jones
VP UK & Europe - Sales, MetricStreamOpening Keynote
Shaping the Future of GRC with AI and Resilience
As interconnected risks escalate and transformative forces continue to accelerate, how can you and your risk teams stay proactive and current? Discover the power of connection in Governance, Risk, and Compliance (GRC) as we explore the future of risk, from people to processes to next-generation technologies like Gen AI. We will discuss key trends and how to apply them to take your GRC programs, career, and insights to the next level. Join us as we delve into the dynamic realms of GRC and AI to navigate complex risk and regulatory landscapes with agility and resilience.
Gaurav Kapoor
CEO and Co-Founder, MetricStreamKeynote & Fireside Chat
Axel P. Lehmann
Former Group Executive Board Member, UBS and Ex-Chairman of Credit SuisseGunjan Sinha
Executive Chairman, MetricStreamCXO Panel
Designing Integrated GRC and Resilience Programs for Sustainable Business Growth
In today's dynamic and complex business environment, organizations must adopt a resilient approach to their GRC practices to thrive on risk. Join this session to explore the synergies between GRC and resilience, understanding how these disciplines can be seamlessly combined to create a cohesive framework that not only ensures compliance and mitigates risks but also enhances organizational resilience.
Robert Taylor
Head of Enterprise and Non-Financial Risk, London Stock Exchange GroupLibby Denchfield
Global Head, Operations, Systems, Reporting & Analytics - Operation, Technology & Cyber, Standard Chartered BankBenjamin Rowsell
Head of Enterprise and Operational Risk, Nationwide Building SocietyBreak
(Palace Suite Lobby)
Product Keynote
What’s Driving Key GRC Technology Innovations: The Three Cs and the Power of Connection
Today's volatile and dynamic world, characterized by interconnected risks, increasing regulations, and rapidly emerging operational, cyber, geopolitical, enterprise, and technology challenges, demands new ways of working. Join us to learn how Connected GRC is powering agility and resilience through connected, cognitive, and cloud-based risk management.
Raghuram Srinivas
Head of Product, MetricStreamCXO Panel
Expanding the AI horizon in GRC while Ensuring Strong AI Governance
This session delves into the expanding role of AI in Governance, Risk, and Compliance (GRC), focusing on the importance of robust AI governance. We will explore use cases in GRC, managing risk compliance policies, and internal audit related to AI models. Additionally, we'll address the challenges of auditing AI, skill gaps, and policy limitations. The session emphasizes collaboration across the three lines of defense and highlights the growing role of internal audit in ensuring transparency and accountability in AI governance within GRC frameworks.
Sakari Lehtinen
Chief Audit Executive, OP Financial GroupWilna Meiring
Managing Executive: Corporate Risk and Security, Vodacom Group (Pty) LtdPeyman Mestchian
Professor and Director of Research, Institute of Finance & Technology, University College LondonManish Kumar
Chief Risk Officer, SCB DataXExpert Talk
Agile and Cognitive GRC – Reaping the Benefits and Managing the Risk of AI
The convergence of agile methodologies and cognitive technologies is revolutionizing the GRC landscape. Join this session to gain insights into the benefits of agile GRC, including increased efficiency, adaptability, and stakeholder engagement. Learn how to identify and manage risks related to AI and how to adopt the best approaches to reap the benefits of AI while proactively managing its risks.
Michael Rasmussen
Analyst & Pundit, GRC 20/20 Research & GRC ReportNetworking Lunch
(Palace Suite Lobby)
Track 1
(Palace Suite)
Track 2
(Albert Suite)
Track 3
(Victoria Suite)
Panel
Modernizing RCSAS With Dynamic and Data-Driven Approaches
Traditional risk and control self-assessments (RCSAs) often fall short of capturing the dynamic nature of today's business environment. Learn how to leverage data and technology to identify emerging risks, assess control effectiveness more accurately, and prioritize remediation efforts. Join this session to understand advanced techniques for designing and implementing dynamic RCSAs, including continuous monitoring, predictive analytics, and scenario planning
Margaret Norden
Global Head OTCR Framework and Stress Testing, Standard Chartered BankBen Jeary
Head of Operational Risk, SantanderBenjamin Rowsell
Head of Enterprise and Operational Risk, Nationwide Building SocietyExpert Talk
New Science of Operational Risk Quantification
Join Sidhartha Dash, Research Director at Chartis Research, as he delves into the cutting-edge science of quantifying risks in digital infrastructure. This expert talk will explore key areas such as operational resilience, IT risk, cyber risk, and data privacy. Discover how emerging methodologies are transforming the way organizations assess and manage the vulnerabilities in their digital ecosystems, ensuring stronger defenses and smarter risk mitigation strategies in today’s rapidly evolving technological landscape.
Sidhartha Dash
Chief Researcher, Chartis ResearchProduct Session
Elevating User Experience: Discover the New UI/UX in MetricStream Risk Management
This session introduces the latest UI/UX enhancements in MetricStream products, designed to boost productivity, improve user engagement, and streamline workflows. Attendees will explore key design updates that simplify navigation, provide intuitive dashboards, and offer personalized user experiences. The session will highlight how these enhancements improve usability across various modules, ultimately leading to more efficient governance, risk, and compliance (GRC) management.
Shreyank S. Kamat
Senior Director, Product Management, MetricStreamExpert Talk
Revolutionizing Model Validation and Controls with AI and Machine Learning
In this session, Rita will explore how emerging technologies like machine learning and artificial intelligence are revolutionizing model validation processes and enhancing second-level controls. Attendees will gain insights into the practical applications of these innovations, their impact on risk management frameworks, and how they can drive efficiency and accuracy in regulatory compliance efforts.
Rita Gnutti
Executive Director, Intesa SanpaoloPanel
Key Strategies to Build Cyber Resilience for Effective Cyber Risk Management
In today’s digital landscape, building cyber resilience is crucial for managing cyber risks effectively. This session will explore key strategies to enhance your organization’s cyber resilience, focusing on proactive risk management, threat detection, and response. Learn from industry experts on how to safeguard critical assets, mitigate vulnerabilities, and ensure business continuity. Gain practical insights into developing a robust cyber risk management framework that aligns with evolving threats and regulatory requirements.
Peter Debasse
Group Information Risk Officer, KBC GroupThomas Barkias
Team Lead - Cyber Resilience, ICT, Crypto & Operational Risk, European Central BankAna Chavez Alanis
Global Head of Resilience Risk, Standard Chartered BankKishan Majithia
Executive Director, JP Morgan ChasePanel
Evolving Role of Compliance Leaders: Managing Regulatory Changes, Ensuring Compliance and Enabling Business
As the role of compliance leaders evolves, they are increasingly viewed not only as enforcers of rules but also as key business enablers amidst constant regulatory change. This session explores how compliance leaders can transition from traditional oversight roles to driving strategic initiatives that enhance organizational value. Discover how modern compliance practices can align with business goals, adapt to regulatory shifts, foster innovation, and support sustainable growth. Gain insights into leveraging compliance as a strategic asset to navigate complexities and ensure business success.
Argyro Ouraniou
Head of Compliance Risk Management - Group Compliance, Eurobank SALauren de Thibault
Head of Policy, Compliance Monitoring and Governance, VodafoneNeil Currie
Head of Channel and Strategic Integration Initiatives - EMEA, CUBE Content Governance Global LimitedPanel
Enhance Operational Resilience by Bringing Synergy Across the Three Lines Of Defence
Managing operational resilience has become a critical priority for organizations striving to maintain stability amidst disruptions. The Three Lines of Defence model—comprising critical business services, risk management, compliance, and internal audit functions—provides a robust framework for managing risks and ensuring effective governance. However, to truly enhance operational resilience, these three lines must work in synergy, rather than in isolation.
Sahil Bhardwaj
Group Head of Internal Audit & Risk, British Standards Institution (BSI)Dorothea Liebl
Head of Internal Control, Siemens EnergyPhilipp Herrmann
Co-Head Operational Risk Management, Abu Dhabi Investment AuthorityProduct Session
Navigating Third-Party Risks: Building Resilience in the Digital Age
In today’s interconnected world, third-party relationships introduce significant risks, from cybersecurity threats to regulatory non-compliance. This session will explore how organizations can effectively navigate these risks and build resilience by implementing MetricStream TPRM product
Sunay Zelawat
Associate Director, Product Management, MetricStreamPanel
Building a Culture of High Performance and Integrity: The Crucial Role of Integrated Risk, Compliance, and Audit by Design
Building a culture of high performance and integrity is fundamental to achieving long-term organisational success. This session examines how the strategic integration of risk management, compliance, and audit functions by design can create a robust framework that fosters accountability, drives operational excellence, and mitigates risks. Learn how these integrated approaches not only enhance organizational resilience but also reinforce ethical practices and support sustainable growth in an increasingly complex business environment.
Claudia Iacobucci
Head of Assurance, Risk and Controls, ABBSomkant Mishra
Senior GRC Manager, CRHBilal Javed Mahmood
Senior Director Risk Management, Hitachi RailBhaskar Dasari
CEO, Vivid Edge CorpBreak
(Palace Suite Lobby)
Panel
What’s Next for Operational Resilience?
In an era of increasing disruptions and regulatory pressures, what lies ahead for operational resilience? This panel will explore the future of resilience strategies, focusing on emerging risks, technological advancements, and evolving regulatory frameworks. Industry leaders will discuss how to bolster digital resilience, improve incident response, and ensure business continuity amidst growing challenges. Gain insights into the next steps for building a more resilient organization in today's rapidly changing environment.
Dave Pickering
Head of Risk & Compliance - Operational Risk, Canada LifeSuman Sourav
Head of GRC, Lazada (Alibaba Group)Omer Maroof
Head of Operational Risk, Euroclear UK & InternationalExpert Talk
Vision for the Future of Operational and Non-Financial Risk
Over the last few years, most industries have undergone a transformation that has brought together, at speed, new digital technologies, business models, service offerings and partnerships. What are the consequences of this transformation and how does Operational and Non-Financial risk (ONFR) need to respond to remain relevant? Based on interviews with 50+ senior risk managers we look at the characteristics of successful risk management, provide a path forward for ONFR and highlight essential new capabilities and insights.
Roland Kennett
Membership Director, ORXProduct Session
Harnessing GRC copilot to Transform Risk and Compliance Programs
Discover the cutting-edge capabilities of GRC copilot in revolutionizing risk and compliance management. This session will delve into how these advanced tools streamline processes, enhance accuracy, and ensure robust compliance. Learn practical strategies to implement GRC copilot, transforming your organization's approach to risk assessment and compliance programs for unparalleled efficiency and effectiveness.
Sunay Zelawat
Associate Director, Product Management, MetricStreamShreyank S. Kamat
Senior Director, Product Management, MetricStreamCustomer Case Study
Shell's GRC Journey with MetricStream
(Palace Suite)
Gurjeev Sanghera
Product Manager Enterprise GRCA, ShellGRC Journey Awards
Recognizing GRC Excellence: The GRC Journey Awards What does GRC excellence look like in action?
MetricStream will recognize key achievements of customers and partners in the field of governance, risk, and compliance management.
Simrin Jhangiani
Director Marketing, MetricStreamAnesh Tailor
VP, Head of Customer Success UK and Europe, MetricStreamClosing Keynote
Gaurav Kapoor
CEO and Co-Founder, MetricStreamDrinks & Reception
(Piano Kensington)