GRC Summit Agenda
Explore our comprehensive schedule of workshops, keynotes, and networking sessions
12:00 PM - 1:00 PM
Registration & Networking
1:00 PM - 3:00 PM
Risk and Resilience by Design: Building the Future-Proof Enterprise
AI in GRC
3:00 PM - 3:30 PM
Break
3:30 PM - 4:30 PM
Risk and Resilience by Design: Building the Future-Proof Enterprise
What's New in MetricStream's Operational Risk and Enterprise Risk Management
4:30 PM - 5:30 PM
Risk and Resilience by Design: Building the Future-Proof Enterprise (continue)
Connected Cyber GRC for Resilience
5:30 PM - 7:30 PM
Drinks & Reception
8:00 AM - 8:45 AM
Registration & Networking Breakfast
8:45 AM - 8:50 AM
Introduction and Welcome
8:50 AM - 9:25 AM
Orchestrating the Future of GRC with AI-First Strategy
In today's rapidly evolving risk landscape—driven by cyber threats, regulatory changes, and operational complexity—organizations are looking for a simpler, smarter and faster way to manage GRC. This keynote explores the future of GRC with an AI-first strategy and how to orchestrate human and AI insights for maximum impact. Explore how generative and agentic AI streamline assessments, automate evidence collection, and deliver real-time insights—driving agility, accountability, and strategic impact. See how AI-first Connected GRC simplifies governance and amplifies outcomes across the enterprise.
9:25 AM - 9:50 AM
Amplifying Strategic Outcomes and Driving Customer Value
9:50 AM - 10:35 AM
Simplified GRC Leadership in the Age of AI and Resilience
10:35 AM - 11:20 AM
External Keynote
11:20 AM - 11:40 AM
Break
11:40 AM -12:20 PM
To Be Announced
12:20 PM - 1:05 PM
AI Governance & Risk Management
In this session, Michael Rasmussen shares guidance on implementing AI Governance & Risk Management within financial services industry we can fast-track the AI Governance & Risk Management initiatives in your organisation.
1:05 PM -2:05 PM
Networking Lunch
2:05 PM - 2:45 PM
The GRC Metrics That Matter to Boards and Regulators
Boards and regulators are demanding sharper, more actionable insights from GRC programs to drive informed decisions and ensure accountability. This panel will explore the key risk, compliance, and resilience metrics that truly resonate with leadership and regulatory bodies. Learn how to translate complex GRC data into meaningful narratives, highlight performance and risk trends, and demonstrate business value. Join industry leaders as they discuss best practices for aligning GRC metrics with strategic and regulatory expectations.
UK Corporate Governance, DORA & NIS2: Audit-Ready by Design with One Common Controls Program
Learn how to consolidate overlapping requirements from DORA operational resilience, and NIS2 into a single common controls program. We’ll cover how to harmonize controls across frameworks, define test cadence, centralize and reuse evidence, and run one remediation workflow, so audits become retrieval, not a scramble.
2:45 PM - 3:25 PM
To Be Announced
What’s Next for Enterprise & Operational Risk Management?
As the risk landscape evolves, operational risk management must adapt to new challenges including emerging technologies, increasing regulatory expectations, and rapidly changing market conditions. In this session, panelists will explore the key shifts shaping the future of operational risk, how to make ORM more strategic and business aligned, and how to drive actionable insights through AI, automation, and risk quantification. Join us to learn practical strategies to elevate ORM programs, strengthen governance and resilience, and help organisations stay competitive in a dynamic risk environment.
3:25 PM - 3:45 PM
Break
3:45 PM - 4:25 PM
AI in Risk and Internal Controls: What Works, What Doesn’t, and What Comes Next
As organisations rapidly adopt AI across risk and control functions, the reality often falls somewhere between promise and hype. This panel cuts through the noise to explore where AI is genuinely delivering value today, where it is falling short, and what leaders need to rethink as internal control and assurance models evolve. Senior practitioners will share real world lessons on trust, explainability, governance, and auditability, and discuss how risk, compliance, and internal audit functions must adapt as AI becomes embedded in the control environment.
From Cyber Risk to Enterprise Risk: How are IT and cyber risk becoming core to enterprise GRC strategy?
As cyber threats continue to reshape the business landscape, organisations are moving beyond siloed security conversations and embedding cyber risk into enterprise wide GRC strategy. This panel will explore how leading enterprises are connecting cyber risk with enterprise risk reporting, strengthening board level accountability, and building resilience across operations and third party ecosystems. Join senior risk and GRC leaders as they share practical insights on aligning technology risk with business priorities, improving governance visibility, and driving more integrated, data driven decision making through modern GRC approaches.
4:25 PM - 5:05 PM
AI, Trust and Accountability: What the Board Expects from Risk, Audit, Compliance and Security
As AI adoption accelerates, boards are demanding greater transparency, stronger governance and clearer accountability across risk, audit, compliance and security functions. This panel will explore how senior leaders are strengthening oversight, building trust in AI driven decisions, and aligning risk and assurance strategies with evolving regulatory and ethical expectations. Join senior executives as they share practical insights on enabling innovation while maintaining control, resilience and board level confidence.
To Be Announced
5:05 PM - 5:45 PM
AI-First Connected GRC: The Next Frontier in Risk and Resilience
5:45 PM - 6:25 PM
GRC Journey Awards
The GRC Journey Awards honor outstanding MetricStream customers and partners who are shaping the future of governance, risk, and compliance. These awards recognize organizations and individuals who demonstrate exceptional vision, execution, and impact in advancing risk-aware cultures, driving operational resilience, and delivering business value through innovative GRC strategies and solutions.
6:25 PM - 6:40 PM
Closing Note
6:40 PM - 8:10 PM