Day 1: Monday, November 17, 2025
Registration & Networking
(Condesa Commons)
Track 1
(Condesa 5)
Track 2
(Condesa 6)
Track 1
Workshop
Risk and Resilience by Design: Building the Future-Proof Enterprise
(Condesa 5)
In today’s dynamic business environment, where disruptions are becoming more frequent and unpredictable, risk and resilience must be built by design, not by reaction. Organizations that embed resilience into their core business strategy—rather than treating it as a reactive, compliance-driven exercise—are better equipped to navigate operational, cyber, and supply chain risks. This requires a shift from traditional risk management approaches to proactive, integrated frameworks that align risk, resilience, and performance objectives. By leveraging AI, automation, and real-time data analytics, businesses can anticipate threats, monitor risks dynamically, and continuously strengthen their resilience posture. The key to future-proofing operations lies in creating a resilience roadmap that not only mitigates risks but enables businesses to thrive in the face of uncertainty.
Michael Rasmussen
Analyst & Pundit, GRC 20/20 Research & GRC Report
Track 2
Workshop
The Paradigm Shift and the Future: Managing Risk Complexity with New Strategies and Technologies?
(Condesa 6)
Risk management is undergoing a seismic shift. The landscape is changing—driven by volatility, disruption, and new forms of interconnected risk. Traditional approaches can no longer keep pace with today’s uncertainty. This workshop explores the accelerators reshaping the field: the rising unpredictability of global events, the evolution of upskilled risk professionals, greater stakeholder engagement, and the power of AI-enabled technology. Participants will discover forward-looking methods and tools to navigate complexity, strengthen resilience, and drive strategic value. Join us to envision the risk management function of the future—where intelligence, technology, and proactive strategy converge to transform how organizations identify, assess, and respond to risk in an increasingly dynamic world.
Christopher E. Mandel
Founder & President, Excellence in Risk Management, LLCBreak
(Condesa 4)
Track 1
Workshop (Continued)
Risk and Resilience by Design: Building the Future-Proof Enterprise
(Condesa 5)
In today’s dynamic business environment, where disruptions are becoming more frequent and unpredictable, risk and resilience must be built by design, not by reaction. Organizations that embed resilience into their core business strategy—rather than treating it as a reactive, compliance-driven exercise—are better equipped to navigate operational, cyber, and supply chain risks. This requires a shift from traditional risk management approaches to proactive, integrated frameworks that align risk, resilience, and performance objectives. By leveraging AI, automation, and real-time data analytics, businesses can anticipate threats, monitor risks dynamically, and continuously strengthen their resilience posture. The key to future-proofing operations lies in creating a resilience roadmap that not only mitigates risks but enables businesses to thrive in the face of uncertainty.
Michael Rasmussen
Analyst & Pundit, GRC 20/20 Research & GRC Report
Track 2
Workshop
Euphrates Release Highlights: Elevating the Risk, Compliance and Internal Audit Experience
(Condesa 6)
Discover what’s new in the MetricStream Euphrates Release, featuring powerful enhancements across our Risk, Compliance and Audit products designed to deliver a more intuitive, modern, and intelligent GRC experience. This session will take you through the latest UI/UX uplift, smarter workflows, and key functional upgrades that simplify how users manage risk, compliance, and controls. From embedded analytics and streamlined navigation to enhanced configurability and automation, see how Euphrates is transforming everyday GRC tasks into seamless, insight-driven experiences.
Shreyank S. Kamat
Senior Director, Product Management, MetricStream
Track 1
Workshop (Continued)
Risk and Resilience by Design: Building the Future-Proof Enterprise
(Condesa 5)
In today’s dynamic business environment, where disruptions are becoming more frequent and unpredictable, risk and resilience must be built by design, not by reaction. Organizations that embed resilience into their core business strategy—rather than treating it as a reactive, compliance-driven exercise—are better equipped to navigate operational, cyber, and supply chain risks. This requires a shift from traditional risk management approaches to proactive, integrated frameworks that align risk, resilience, and performance objectives. By leveraging AI, automation, and real-time data analytics, businesses can anticipate threats, monitor risks dynamically, and continuously strengthen their resilience posture. The key to future-proofing operations lies in creating a resilience roadmap that not only mitigates risks but enables businesses to thrive in the face of uncertainty.
Michael Rasmussen
Analyst & Pundit, GRC 20/20 Research & GRC Report
Track 2
Workshop
AI in Action: Transforming GRC with Intelligence and Insight
(Condesa 6)
Experience how MetricStream’s AI strategy is shaping the future of governance, risk, and compliance. In this session, we’ll showcase how AI is being infused across our product portfolio to make GRC smarter, faster, and more predictive. From intelligent recommendations in Regulatory Change, Internal Audit and Policy Management, to AI-driven risk insights, control collaboration, and the new Policy & Document Chatbot, see how we’re turning data into action and empowering users to make informed decisions with confidence.
Sunay Zelawat
Associate Director, Product Management, MetricStream
Networking Reception
(Condesa 4)
Day 2: Tuesday, November 18, 2025
Registration & Networking Breakfast
(Condesa 4)
Welcome Note
Introduction and Welcome
(Condesa 3)
Opening Keynote
Orchestrating the Future of GRC with AI-First Strategy
(Condesa 3)
In today's rapidly evolving risk landscape—driven by cyber threats, regulatory changes, and operational complexity—organizations are looking for a simpler, smarter and faster way to manage GRC. This keynote explores the future of GRC with an AI-first strategy and how to orchestrate human and AI insights for maximum impact. Explore how generative and agentic AI streamline assessments, automate evidence collection, and deliver real-time insights—driving agility, accountability, and strategic impact. See how AI-first Connected GRC simplifies governance and amplifies outcomes across the enterprise.
Gaurav Kapoor
Co-founder & Vice Chairman, MetricStreamKeynote
Amplifying Strategic Outcomes and Driving Customer Value
(Condesa 3)
Join Marc Levine, CEO of MetricStream, as he shares his visionary perspective on the future of MetricStream and GRC. In this keynote, Marc will showcase how MetricStream is reimagining GRC with a focus on customer experience, simplicity, and value.
Marc Levine
Chief Executive Officer, MetricStreamCXO panel
The Evolving Role of a Chief Compliance & Audit Officer
(Condesa 3)
As regulatory landscapes shift and businesses embrace digital transformation, the role of Chief Risk, Audit & Compliance Officers is rapidly evolving. Beyond traditional oversight, they now play a strategic role in embedding resilience, managing emerging risks, and leveraging technology for proactive compliance. This session explores how risk and compliance professionals can adapt to rising expectations, leverage AI and automation, and foster accountability to keep organizations agile.
Michael Koenig
Global Chief Ethics and Compliance Officer, JBS
Marco Aspesi
Head of Internal Assurance/Audit, Siemens Energy AG
James Downing
Chief Compliance Officer, JLL Capital MarketsBreak
(Condesa 4)
External Keynote
Choose Your Own Risk Adventure
(Condesa 3)
Michael Rasmussen
Analyst & Pundit, GRC 20/20 Research & GRC ReportProduct Keynote
AI-First Connected GRC: The Next Frontier in Risk and Resilience
(Condesa 3)
As GRC continues to evolve in an increasingly complex risk environment, the next frontier is being shaped by the transformative power of artificial intelligence. AI is the catalyst accelerating every element of Connected GRC. From predictive analytics to intelligent automation and real-time decision support, learn how MetricStream AI-first Connected GRC is redefining how organizations anticipate risk, ensure compliance, and drive strategic agility. Whether you're a risk, audit or compliance executive this session will equip you with actionable strategies to future-proof your GRC programs and unlock measurable value—at scale.
Raghuram Srinivas
Head of Product, MetricStream
Lunch
(Condesa 4)
Track 1
(Condesa 3)
Track 2
(Condesa 5 )
Track 1
Panel
Winning Together with Continuous, Cognitive, and Connected GRC
(Condesa 3)
Success in GRC requires everyone across the organization to be aligned, informed, and engaged. This panel awill explore how continuous, cognitive, and connected GRC transforms governance by breaking silos, simplifying processes, and creating a common language for risk and compliance. Discover how advanced technologies, data intelligence, and collaboration amplify outcomes, drive smarter decisions, and foster enterprise-wide buy-in. Join industry leaders to learn how to simplify GRC and build a unified approach to winning together
Emily Wall
VP, Global Ethics & Compliance, Live Nation Entertainment
Patricia Catharino
US Head of Risk Management, Banco Itau International
Carlos Pereira
Head of Governance & Policy, Meta
Joe Hegge
Sr Audit Program Manager, Lockheed Martin Corporation
Track 2
Case Study
Customer Case Study: California State University
(Condesa 5)
Dr Monique Sendze
Vice President and Chief Information Officer, California State University, Chico
Chris Witthans
Information Security Officer, California State University, Chico State
Obi Ogbonna
Information Security Risk Analyst, California State University, ChicoTrack 1
Panel
The GRC Metrics That Matter to Boards and Regulators
(Condesa3)
Boards and regulators are demanding sharper, more actionable insights from GRC programs to drive informed decisions and ensure accountability. This panel will explore the key risk, compliance, and resilience metrics that truly resonate with leadership and regulatory bodies. Learn how to translate complex GRC data into meaningful narratives, highlight performance and risk trends, and demonstrate business value. Join industry leaders as they discuss best practices for aligning GRC metrics with strategic and regulatory expectations.
Ben Meader
Technology Security Director, EMC Insurance
Chase Grounds
Director Operational Risk, Bank OZK
Michael Cover
Director, Blue Cross Blue Shield of Michigan
Bhaskar Dasari
CEO, Vivid Edge Corp
Track 2
Expert Talk
The Future of GRC is Multilingual: AI agents for translation now live in Metricstream
(Condesa 5)
In today’s global marketplace, managing risk and ensuring compliance must span diverse regions, markets, and languages. Relying solely on English-based assets and systems is no longer sufficient. To fully support non-English-speaking stakeholders, we must embrace translation and AI. Now, through a new integration with Intento, AI-powered translation agents are live in MetricStream—enabling real-time access to the entire MetricStream ecosystem and all content, in up to 650 languages.
Vann Maxson
Head of Solutions, IntentoTrack 1
Panel
What’s Next for Enterprise & Operational Risk Management?
(Condesa 3)
As the risk landscape evolves, operational risk management must adapt to new challenges, including emerging technologies, regulatory pressures, and dynamic market conditions. In this session, the panelists will explore what are the key changes expected in operational risk management, how to make operational risk more strategic and how to drive actional insights through emerging technologies like AI, automation and quantification. Join us to understand the practical strategies to elevate your ORM programs and build resilience while maintaining a competitive edge in a dynamic risk environment.
James Joost
Director, Operational Risk Management, Golub Capital
Corine Barley
Director – Operational Risk Management, Canada Life
Ladd Muzzy
Global Head Reputation and Strategic Risk, Aon
Brett Rube
Enterprise Sales Director, CUBE
Track 2
Panel
From Automation to Intelligence: How AI is Revolutionizing Risk & Compliance Programs
(Condesa 5)
Risk and compliance are moving beyond automation into an AI-powered era of intelligence. At the GRC Summit, experts will share how AI is transforming programs with predictive analytics, machine learning, and natural language processing—helping organizations detect risks earlier, strengthen compliance, and improve decision-making. Join this session to explore real-world use cases, key challenges, and strategies for embedding AI into GRC while balancing innovation with governance and trust.
Sadhana Deot
Sr Global Quality Director, Trimble Inc
Brian DiCiurcio
Director, RSM US LLP
Michael Rinard
Chief Legal Officer/Chief Compliance Officer, Mosaic Health SystemBreak
(Condesa 4)
Track 1
Case Study
BCBS Michigan
(Condesa 3)
Nicholas Cannon
Manager, Blue Cross Blue Shield of Michigan
Track 2
Expert Talk
Operational Risk in the Era of AI: Turning Risk into a Catalyst for Growth
(Condesa 5)
Ladd Muzzy
Global Head Reputation and Strategic Risk, AonRudy's Story
(Condesa 3)
Rudy Ruettiger
Emmy Award – Winning Motivational SpeakerClosing Keynote
(Condesa 3)
Marc Levine
Chief Executive Officer, MetricStreamReception
(Condesa 4)