PriceWaterhouseCoopers: Information Security 2010 - Trial by Fire (Survey) | United Interactive™
1) The economic downturn has become one of the top drivers of information security spending, nearly surpassing business continuity and disaster recovery which usually rank highest.
2) Most executives are considering strategies to reduce security spending such as canceling, deferring, or downsizing initiatives in response to budget pressures.
3) However, far fewer executives are actually cutting security budgets. And of those that are taking action, most are taking relatively minor steps like postponing projects rather than making deep cuts.
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E... | prosenzw69
The document discusses a presentation on enterprise risk management (ERM). It covers defining ERM, drivers for ERM adoption, ERM roles and responsibilities, and a practical approach to implementing ERM. This includes conducting an enterprise risk assessment to identify key risks and a risk management framework assessment to evaluate risk processes. The goal is to embed risk management into decision making and business activities.
Enterprise risk management (ERM) takes a comprehensive, top-down approach to identifying and managing an organization's risks. It considers strategic, operational, pure and speculative risks across the entire organization rather than managing risks in silos. A typical ERM process involves identifying benefits, acquiring board support, developing risk procedures, determining risk appetite, and fostering a risk-aware culture. Barriers to effective ERM include difficulties defining risk appetite and a lack of requests to change risk management approaches. The 2012 Super Bowl in Indianapolis demonstrated how ERM can be applied to large-scale event planning and produce positive results. Future adoption of ERM may be slow as it is considered a "soft" aspect, but its principles are becoming
Enterprise Risk Management (ERM); From theory to practice | Segun Ogunwale
This document outlines the theory and practice of enterprise risk management (ERM). It discusses how ERM works differently in private versus public sector organizations due to differences in goals and risk tolerance. The document proposes a framework for implementing ERM with five phases: risk governance, risk assessment, risk quantification, risk monitoring and reporting, and risk optimization. It also describes steps to implement ERM such as obtaining buy-in, building an ERM foundation, conducting risk assessments, ongoing monitoring, and developing reporting. Roadblocks to implementation like resistance to change are also addressed.
The document compares three major risk management frameworks: NIST, ISO, and COSO. NIST focuses on information security and risk management for US federal systems. ISO provides generic international guidelines for diverse organizations. COSO emphasizes internal controls and accurate reporting. While the frameworks differ in scope and focus, they all aim to guide organizations in managing risks through integrated strategies. Organizations should analyze features of each to determine the best combination for their unique needs and objectives.
The document outlines an agenda for a 2009 conference on internal audit solutions that will discuss the evolving roles of the Chief Risk Officer and Chief Audit Executive, strategies for an effective partnership between these roles, and how the current economic crisis has impacted enterprise risk management approaches. It also provides background on the development of these risk management roles and compares the key responsibilities of the Chief Risk Officer and Chief Audit Executive.
CFO Asia Exchange Singapore 2015 Refocusing your ERM strategy and practices -... | Marc Ronez
This presentation highlights 5 directions to explore to improve your ERM Strategy and practices in your organization in order to nurture an ERM system and culture that creates Value.
Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ... | ypytlik
1) The document discusses compliance risk as a critical business risk for asset managers. Compliance violations can seriously damage firms through reputational harm, legal penalties, and even cause the demise of firms like Galleon Management.
2) Regulators are pushing asset managers to strengthen enterprise risk management with compliance as a key component. Firms must take a comprehensive approach to identifying all risks, including emerging compliance risks.
3) Leading practices cited include integrating compliance fully into enterprise risk management for a single view of all risks, strong governance, and effective mitigation strategies to prevent serious compliance breaches like insider trading.
Managing Risk in Perilous Times- Practical Steps to Accelerate Recovery | FindWhitePapers
The document discusses lessons that can be learned from the financial crisis regarding effective risk management. It argues that risk management needs greater authority, senior executive leadership, and sufficient risk expertise at high levels. It also stresses the importance of combining quantitative risk model outputs with human judgment, paying attention to the quality of data used in models, and using stress testing and scenario planning to prepare for potential risks and events.
This document discusses incorporating risk management into business continuity planning (BCP). It defines risk and different types of risk including hazard, financial, operational, and strategic risk. It explains that risk management aims to increase success and reduce failure, while business continuity management provides resilience and response capabilities. Key aspects of risk management and business continuity management are compared. Trends in risk management are discussed like more "emergent problems" and the need for comprehensive governance models. The implications for practitioners emphasize adopting risk management as a normal business strategy and gradually increasing testing complexity.
What are the key components of holistic risk management? This report, sponsored by SAP, investigates the organisational measures companies must take to address the totality of the risks they face. Read more>> http://bit.ly/1LsYvUx
Enterprise Risk Management as a Core Management Process | regio12
The document summarizes the key findings from a study examining best practices in enterprise risk management (ERM) across multiple organizations. The study identified 10 principal findings related to optimizing ERM structures, supporting methodologies, using ERM for decision-making, and evaluating ERM performance. Best practices included establishing executive-level ERM support, using a variety of risk assessment methods, focusing on risk-informed culture and communication, evaluating ERM through performance metrics, and ensuring ERM maturity.
This document discusses enterprise risk management (ERM) frameworks at two companies - Infosys and Rolls Royce. It finds that both companies manage risks through a mixture of internal management techniques and standard risk management processes. A risk managing culture is evident in both companies' management philosophies. The ERM programs at both include components like internal environment oversight, control activities, information/communication, and monitoring roles.
New Risk Management Paradigm for Not-For-Profits | David X Martin
The document discusses the new risk paradigm for not-for-profit organizations. It explains that not-for-profits now face greater risks due to increased competition, demands from consumers and funders, and contracts that pay based on outcomes rather than services provided. This requires not-for-profits to take a more strategic, integrated approach to risk management. Senior management must ensure risks are identified and measured, risk exposures are appropriate and aligned with objectives, and the organization is dynamic and can respond to changes. An effective risk culture must also be established where risk management is embedded in decision-making and oversight at all levels.
»»Business continuity is of paramount importance to every organization, regardless of industry.
»»Business interruption events are subject to regulatory compliance constraints.
»»The CCO must monitor the organization’s ongoing compliance throughout the event.
»»Beyond monitoring, the CCO can lend valuable objectivity to business resumption activities.
»»Failure to adhere to the 3 Cs can lead to costly and burdensome regulatory outcomes.
This document summarizes an IBM presentation on managing reputational risk through effective IT risk management practices. It discusses how security breaches can damage a company's reputation and shares findings from an IBM study that identified data breaches as the top IT risk threatening reputation. The presentation recommends that companies integrate IT and reputational risk management, adopt strong security practices, and be proactive in addressing threats to protect their reputation and value.
Robin Singh points out that the role of general counsel has become increasingly complex due to challenges like cyber security. He analyzes issues general counsel may face, such as an expanding regulatory environment and compliance responsibilities. Additionally, general counsel must cope with concerns over data privacy and security in a rapidly changing global environment. Singh helps current and future general counsel understand the complex tasks they may need to tackle.
This document provides an overview of operational risk and risk management. It defines operational risk as "the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events." It outlines the scope of operational risks, including both internal risks from failures and external strategic risks. It also describes the causes, events, and consequences of operational risks, as well as the role and processes of operational risk management programs, including risk identification, assessment, measurement, monitoring, and mitigation.
The document discusses the development of strategic governance, risk, and compliance (GRC) initiatives in organizations. It provides a three-part strategic GRC framework. First, it establishes an enterprise risk policy set by the board. Second, it defines the unique role of each risk and control function under a common governance. Third, it identifies how the functions can better integrate common processes and leverage knowledge to more efficiently and effectively manage risks. The framework aims to clarify roles, enhance coordination, and help organizations holistically address strategic risks.
The document discusses enterprise risk management (ERM) and its importance for organizations. ERM involves identifying, assessing, and managing risks across an entire organization in a holistic manner. It helps organizations align strategy and risk appetite, enhance decision making, reduce surprises, seize opportunities, and improve capital allocation to create long-term shareholder value. The document outlines key concepts of ERM including its components, implementation steps, and how it benefits organizations.
One of our primary goals has been to improve risk management in the financial services sector through enterprise risk management (ERM) education and training. In order to advance this important goal, Global Risk Institute is launching a comprehensive ERM Roadmap program initiative to contribute to this important ERM practice area.
This global study, conducted by the Economist Intelligence Unit (EIU) and sponsored by Palo Alto Networks, sheds light on the ways business leaders are dealing with the increasing volume of threats they face from insecurities that arise because of disruption beyond their corporate borders.
For in-depth interviews from industry leaders on how companies are combating security threats, go to https://goo.gl/fXcnLN
Common Risk Management failures include lack of organizational integration, outdated risk measurement capabilities, and failure to view risk management as an enabler of long-term competitive advantage rather than just a preventative measure. Major challenges in establishing effective ERM include organizational silos, growing and changing risks, and cost pressures. As risk management becomes more strategic, companies are expected to increase spending to improve risk capabilities across the organization.
CROs must be part of the cybersecurity solution by david x martin | David X Martin
Chief risk officers must play a more integral role in companies' cybersecurity strategies. They should adopt a defense-in-depth approach using multiple security techniques to slow attackers. They also need to take an intelligence-driven approach, continuously adapting based on intelligence and incidents. Chief risk officers should treat cybersecurity as an enterprise risk management issue with three lines of defense - prevention, oversight, and response. Innovation is also needed in access management, distributed systems, and artificial intelligence for threat identification and recovery.
A structured approach to Enterprise Risk Management (ERM) and the requirement... | Hassan Zaitoun
This document provides a structured approach to implementing enterprise risk management (ERM) based on ISO 31000. It discusses key risk management principles, including defining risk, establishing a risk management process, and creating a risk-aware culture. The document advocates developing a risk architecture, strategy, and protocols to provide proper context for risk activities. It also summarizes ISO 31000's risk management process of risk identification, evaluation, response, resourcing, reaction planning, and reporting.
Overview of Enterprise Risk Management (ERM) | Segun Ogunwale
This document provides an introduction to enterprise risk management (ERM) concepts. It discusses ERM concepts such as risk, risk management, and the evolution of ERM from focusing only on financial risks to a more holistic approach. It also covers ERM definitions, frameworks, roles and responsibilities, and benefits. Examples of risks for the public sector are also presented, along with conclusions on implementing ERM as a strategy and corporate culture.
The document discusses implementing an enterprise risk management (ERM) methodology and tools. It proposes assessing business risks, developing risk response strategies, and monitoring risk management processes. Key activities include identifying risks, measuring impact and likelihood, developing risk action plans, and monitoring risk responses. The goal is to gain consensus on an ERM approach that aligns enterprise and IT risks with the organization's strategy and risk appetite.
A corporation must have social acceptance to survive and grow.
The society’s expectations change through:
1.- Changing population mix.
2.- Changing values and orientations.
Business performance changes through:
1.- Economic, competitive, and structural conditions.
2.- Regulatory constraints.
3.- Futuristic, Long Term orientation.
4.- Leadership style
13 Top GRC Tools for an Integrated Governance, Risk and Compliance Strategy | QuekelsBaro
Integrate business governance, risk, and compliance control using these top 13 GRC tools. Lower business costs, collaborate and meet compliance mandates.
FERMA European Risk Management Benchmarking Survey 2012 – Brochure | FERMA
This document summarizes the key findings of the 6th edition of the FERMA Risk Management Benchmarking Survey from 2012. Some of the main findings include:
1. Business compliance and legal requirements remain the main external factors triggering risk management, but shareholder requirements are now the second most important.
2. The impacts of the EU 8th Company Law Directive are still poorly understood and integrated by many companies.
3. There is a correlation found between higher levels of risk management maturity and better company performance in terms of profitability and growth.
4. Market competition and business/regulatory risks remain the top risk priorities according to the survey.
Today's supply chains are going global, yet businesses still work in silos that disconnect the sourcing from the selling process; this creates compliance risk and potential liability. An Integrated Trade Compliance Strategy addresses those concerns from Boardroom to Operational Execution.
Integrating Enterprise Risk Management (ERM) with Organizational Strategy | henrytk2
An ERM program must be integrated with an organization's overall strategy to provide a complete approach to risk management. The key is to align ERM with strategic objectives in each of the four perspectives of the balanced scorecard - financial, customer, internal processes, and learning and growth. This ensures ERM considers risks that could impact any part of the organization and guides efforts to achieve goals. By including ERM-related objectives in the strategy map, individuals understand how risk management relates to their roles in executing strategy. Properly integrating ERM allows an organization to manage risks and seize opportunities to improve performance, customer satisfaction, and shareholder value.
CHAPTER 34 Turning Crisis into Opportunity Building an ERM.docx | keturahhazelhurst
CHAPTER 34
Turning Crisis into Opportunity
Building an ERM Program at General Motors
MARC S. ROBINSON
Assistant Director, Enterprise Risk Management, GM
LISA M. SMITH
Assistant Director, Enterprise Risk Management, GM
BRIAN D. THELEN
General Auditor, GM
This case study chronicles the ground-up implementation of enterprise risk management (ERM) at General Motors Company (GM), starting in 2010 through the first four years of implementation. Discussion topics include
lessons learned during implementation and some of the unique approaches, tools,
and techniques that GM has employed. Examples of senior management reporting
are also included.
I think risk management is an element of all good executive management teams
and boards. It will ensure viability in downturns and high-risk periods. I think if
that is done not only within the automotive industry, but on a global and specifically
on a national scale, economies will be in better shape because it is additive.
If everybody is doing their job in assessing and understanding risk, the ultimate
outcome will be much more positive for our national economy and society, and it
is incumbent that corporate leadership understands that responsibility.
—Daniel F. Akerson, Chairman and Chief Executive Officer,
General Motors, October 2012
BACKGROUND AND IMPLEMENTATION
The enterprise risk management (ERM) program at General Motors was founded
in late 2010 at the direction of GM’s then newly appointed chief executive officer
(CEO), Daniel F. Akerson, who sought to leverage the program as another means to
achieve a competitive advantage in the industry. Having gone through bankruptcy
in 2009 as a new board member, Akerson felt that a more robust risk management
program would help guide the organization around the drivers of killer risks1
going forward. His goal was to help the company ensure that it was prepared,
agile, and fast to respond in an ever-changing world. Perhaps most importantly,
Akerson wanted an ERM program that would focus not only on risks but on opportunities
as well.
A chief risk officer (CRO) was selected and appointed from within, and the
Finance and Risk Policy Committee of the board of directors was chartered to oversee
risk management as well as financial strategies and policies. In support of the
program, a senior manager and director joined the team. Risk officers were also
identified and aligned to all direct reports of the CEO; this helped to ensure that
all aspects of the business were covered. The CEO is the ultimate chief risk officer,
and his direct reports are the ultimate risk owners. Members of the risk officer team
were carefully selected by senior leadership based on their strong business experience,
financial acumen, and most of all their ability to lead in the identification
and discussion of risk in an objective and transparent manner. These representatives
were expected to actively p ...
MetisGRC is a governance and risk management consultancy that helps clients improve their performance through better governance and risk management practices. They provide assessments, surveys, advisory services, project management, coaching and education. Their clients include investors, shareholders, supervisors and other stakeholders. MetisGRC believes that good governance and risk management can reduce costs, improve efficiency and create value by strengthening stakeholder relationships. They help organizations implement transparent governance structures and risk management strategies and policies to enhance performance and meet stakeholder expectations.
The new guidance is based on IRM’s professional standards and is aimed at organisations of all types seeking to recruit a Chief Risk Officer (CRO), perhaps their first, or to make other senior risk appointments.
The document discusses challenges that many firms face with their operational risk management tools and frameworks. It outlines 4 main challenges: 1) tools designed for risk teams, not businesses 2) difficulties changing systems as business environments change 3) focus on data capture over analysis 4) tools not supporting a risk-aware culture. The CEO discusses how their company's tool, StratexPoint, aims to embed risk management into business strategy and decision-making to better support business objectives and a risk-aware culture.
ADP incorporates leading enterprise risk management (ERM) practices to manage business risk. They established an ERM program led by a vice president, director, and manager reporting to the Chief Audit Executive. The ERM team works closely with executives and the Board to develop a risk profile and categorize risks into strategic, operational, and external lenses. ADP also measures and monitors risks through data analytics, and embedded risk management into daily operations by creating a common risk framework and language. Key to their success is adapting ERM to fit ADP's culture, viewing it as a business enabler rather than hindrance.
Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...ypytlik
April 2010 - Journal of Securities Law, Regulation & Compliance Volume 3 Number 2
Compliance risk: A critical business risk
for asset managers
ABSTRACT
2010 presents a historical moment to define the
path forward to the ‘future of enterprise risk
management and mitigation strategies’ of
increasing compliance risk for asset managers.1–4
The recent financial crises and cases of material
compliance violations, Ponzi schemes, fraudulent
activities, misappropriation of investors’ assets
and collapse of major financial firms have had
significant, harmful impact on investors and
shareholders. Serious compliance violations, such
as insider trading, have proven to be self-destructive
to asset managers. No one is immune to
these trends. ‘Enterprise Risk Management —
2010 and Beyond Forward Looking Approach
by Asset Managers’ is a series of papers dedicated
to regulatory developments and industry best practices in the enterprise risk management
with a focus on ‘compliance risk: a critical business
risk for asset managers’.
An Industry Overview: Enterprise Risk Services and Productss0P5a41b
The document provides an overview of the enterprise risk management industry. It discusses how recent events like the global recession and BP oil spill have brought risk management to the forefront for companies. It describes the four categories of enterprise risk: hazard, operational, financial, and strategic. It explains that enterprise risk management aims to identify, analyze, and monitor risks in order to implement internal controls. Overall, the document outlines the enterprise risk management field and discusses the roles of risk personnel, software providers, and how companies approach risk management.
Business Continuity Management-The Case for Return on Investment-white paperGreg Cybulski, CBCP, ARM
The document discusses how business continuity management (BCM) programs can provide both short-term and long-term return on investment (ROI) for organizations. It outlines the key components of a BCM program, including business impact analysis, risk assessment, emergency response planning, and governance processes. Examples are provided of how BCM planning helped organizations reduce risks and increase resilience during events like natural disasters. While some benefits are tangible and easy to quantify, others are intangible, but no less important to the overall ROI of a BCM program. Developing and implementing a full BCM program allows an organization to identify impacts, improve preparedness, and gain competitive advantages through operational resilience.
This document discusses how enterprise risk management (ERM) can help security leaders transform their roles. It provides an overview of ERM, outlining the key phases and processes involved. The security leader's background and experience make them well-positioned to play an important role in ERM. One security leader used ERM to ensure his department remained aligned with the company's strategic goals and supported a new initiative to expand into emerging markets. ERM provides a framework to manage risks across an organization in a coordinated way and help security leaders demonstrate their value through a strategic, enterprise-wide approach.
The Chief Risk Officer (CRO) role has evolved from initially focusing on risk control to taking a broader enterprise risk management approach. To be effective, the CRO must balance the roles of police officer, teacher, counselor, and business leader. There is no single model for how the CRO should be structured in an organization, but typically they report either to the CEO or CFO. Appointing an effective CRO is important for companies to make better risk and investment decisions.
1) Japan passed the Financial Instruments and Exchange Law in 2006 which empowered the FSA to create requirements for financial and internal control reports, similar to Sarbanes-Oxley but with some key differences.
2) All Japanese public companies must comply with the new J-SOX standards or state otherwise in filings after April 1, 2008.
3) MFA recommends a 4-phase approach to compliance: thorough planning and scoping (Phase 1), assessment of corporate governance environment (Phase 2), documentation and assessment of internal controls (Phase 3), and testing of internal controls (Phase 4). Proper planning and leveraging of existing SOX processes can help achieve compliance in an efficient and cost-effective
Strengthening governance, risk and compliance in the insurance industryJordi Planas Manzano
The document discusses governance, risk, and compliance (GRC) initiatives in the insurance industry. It notes that while insurers have generally focused on cost control and risk avoidance, some are now seeing GRC as a strategic advantage. Integrating GRC can provide transparency, help identify risks, and enable timely responses. However, most insurers still struggle with complex, inconsistent processes across business units. Surveyed insurers reported benefits of automation like reduced errors, lower costs, and better decisions. Still, few have achieved full GRC capabilities due to barriers like cost and complexity. Successful GRC requires an enterprise-wide view of risk to support strategic decision making.
Enterprise risk management has become a vital component to cyber security, logistics management, asset management and supply chain management. As organizations continue to rely on data to drive workforce automation, Industrial IoT and process automation, it is becoming necessary to analyze data to discover risk before it occurs and implement effective remediation practices and processes. Seminar participants will collaborate and explore the emerging new use cases for enterprise risk management that addresses the need to better understand how to leverage critical data to predict and understand how data analytics can support risk management and mitigation in an increasingly data-dependent workforce environment.
During this seminar, participants will:
a. Explore new innovations in enterprise risk management that will provide new career opportunities for STEM professionals
b. Examine the skills and experiences necessary to take advantage of risk management career opportunities
c. Discern the applicable areas for enterprise risk management
d. Determine the importance of addressing enterprise risk management in all digital transformation initiatives
e. Identify the market growth and consulting opportunities in enterprise risk management
=>Concept of Governance
=>Risk and Control (GRC) as applicable to IT operational risk
=>Importance of documentation
=>DATA FLOW DIAGRAM for every application
=>Review of changes in the Data flow, reporting, etc.
=>Parameters for review
=>Importance of review on SLA compliance
=>Reporting to IT Strategy committee, Board etc.
I need a response to the discussion in APA format.docxbkbk37
Enterprise risk management (ERM) is a process used by companies to reduce risks that affect earnings and capital. It involves planning, organizing, and managing risks related to strategy, operations, finance, and accidents. Key elements of ERM include assessing significant risks and implementing appropriate risk responses like risk acceptance, avoidance, transfer, or mitigation. The University of California used ERM to decrease overall risk by advancing their program and regularly updating risk plans. Risk governance and culture are also important components that drive effective ERM programs.
I need a response to the discussion in APA format.docx4934bk
Enterprise risk management (ERM) is a process used by companies to plan for, manage, and mitigate risks that could impact earnings and capital. ERM addresses strategic, operational, financial, and accidental risks. Key elements of ERM include assessing significant risks and implementing appropriate risk responses such as risk acceptance, avoidance, transfer, or mitigation. The University of California adopted ERM to reduce overall risk and its Office of Risk Management regularly updates risk plans. Risk governance and culture are critical components of an effective ERM program.
Similar to The 2010 Governance Risk & Compliance Summit (20)
1. The 2009 Governance, Risk Management and Compliance Summit
Register by August 14th, Save $400
Develop an Integrated Approach to Risk Management,
Compliance and Corporate Governance
September 29, 30 & October 1, 2009
John Hancock Hotel & Conference Center
Boston, MA
This comprehensive Governance, Risk and Compliance (GRC) event will demonstrate how to:
• Identify a methodology to link process and
technology, effectively bridging together
internal audit, risk management, information
security, operations and compliance
functions.
• Utilize GRC to effectively execute corporate
strategy in tough economic times
• Grow GRC capabilities and transform
a reactive and technologically focused
approach, into a proactive and risk based
approach
2. Enable Your Organization to Anticipate and Manage Business
Risk while More Effectively Delivering Value
Dear GRC Executive,
Today’s organization is a complex multiplicity of global processes and business relationships. Organizations
are struggling to identify, manage, and control Governance, Risk Management, and Corporate Compliance
(GRC) across business relationships. At the 2009 Governance, Risk Management, and Compliance
Conference you will learn to effectively enable your organization to anticipate and manage business risk
while more effectively delivering value for the organization.
PREPARING FOR AN UNCERTAIN FUTURE
Ignoring or misunderstanding financial risks played a substantial role in creating the world financial crisis in 2008. The financial crisis has essentially undone the last decade of deregulation, and corporate leaders and legal teams will bear the responsibility of rebuilding whole industries from the ground up. Business leaders everywhere should be asking themselves what could have been done differently and what can be done in the future to avoid a crisis of this proportion. A large portion of the answer lies in the area of governance itself. Businesses need sound, ethical and well-planned building blocks on which to found their governance principles, regardless of future regulations. Implementing internal controls, breaking down communication barriers between departments and centralizing information are vital to proper corporate governance.
According to a study by The Economist Intelligence Unit, “Companies are beginning to realize that the full value of [governance] depends in large part on the policies and procedures that govern and control its use, access, analysis, retention and protection.” In a poll conducted by the EIU:
“… 77% of respondents expect … governance to be … very important to their company’s success over the next three years. As a result, many firms have begun building the foundation for … governance policies. A majority (65%) have defined policies around how information is to be stored and shared among employees and stakeholders. Furthermore, some organizations are forming formal governance bodies to create strategies, policies and procedures surrounding the distribution of information inside and outside the firm. This is a good start, but considering that 68% of respondents also expect that the complexity of their company’s information governance issues will grow over the next three years, there is little time to waste.”
ADOPT AN INTEGRATED APPROACH
GRC is often positioned as a single business activity, when it actually includes multiple overlapping and related activities within an organization including internal audit, compliance programs like SOX, enterprise risk management (ERM), operational risk, and incident management among others. Within the GRC realm, if the first element, Governance, is not in place, the second two elements, Risk Management and Compliance, become irrelevant and cannot be meaningfully achieved. Likewise, if the second element, Risk Management, is not in place then achieving Compliance becomes irrelevant and generally cannot be meaningfully achieved.
It is necessary to improve each of the elements of your organization’s GRC initiative as well as increase overall performance by breaking down communication barriers between finance, IT (Information Technology) and Legal departments. Organizations must evaluate their financial activities to ensure the correct operation of all financial processes, as well as compliance with any finance-related mandates. Learn how to strike an appropriate balance between business reward and risk. Ensure that the IT organization supports the current and future needs of the business, and complies with all IT-related mandates. Finally, tie all three components together through your organization's legal department and Chief Compliance Officer.
Join GSMI on September 29th, 30th and October 1st in John Hancock Hotel & Conference Center - Boston for the 2009 GRC Conference to learn strategies to join the movement from managing risk as a transaction or compliance activity to adding business value by improving operational decision making and strategic planning. Register today by calling 888.409.4418 or visit us at www.gsmiweb.com. I hope to see you this September!
Regards,
Luke Vinci
President, GSMI
Register today! 888.409.4418 www.thegrcsummit.com | The 2009 Governance, Risk Management and Compliance Summit
3. Adopt an
Integrated Approach
to Governance, Risk
and Compliance
WHO SHOULD ATTEND?
Managers and executives involved in Governance, Risk Management and Compliance:
• Governance, risk, compliance (GRC) staff
• CFO
• Chief Risk Officers
• Chief Legal Counsel
• Chief Compliance Officer
• VPs of Risk Management
• VP of Finance
• Treasurers
• Controllers
• Director, Internal Audit
• Director, Operational Risk
• Manager, Enterprise Risk Management
• Risk analysts
• ARM
• ARM-P
• IT governance directors/managers
• IT risk directors/managers
• IT compliance directors/managers
• IT Audit directors/managers
• Information security directors/managers
• IT directors/consultants
Involved in the following areas:
• Audit
• Compliance
• Governance
• Risk management
• Sarbanes Oxley (SOX)
• Ethics
• Regulatory
• Legal
• Governmental affairs
• IT
• Accounting
• Finance
• Reliability
• Quality assurance
Venue:
The 2009 GRC Conference will be held at John Hancock Hotel & Conference Center, Boston, MA
Accommodations:
A limited number of rooms have been reserved at the John Hancock Hotel (located at the John Hancock Conference Center) at a discount rate of $189 per night (contact the hotel by September 10, 2009 to receive the discounted rate). Also, please make sure to ask for the GSMI conference rate when you call for reservations. To make reservations, call 617 933 7700.
Mitigate Risks and
Prevent Future
Compliance Issues
4. Agenda at a Glance
Day One - September 29, 2009
8:30 Continental Breakfast and Workshop Registration
9:00 Breakout sessions
   Workshop A: Leveraging Your Compliance Program Toward Corporate Governance
   Workshop B: Aligning ERM to Strategy through the Balanced Scorecard (BSC)
12:00 Luncheon
1:15 Breakout sessions
   Workshop C: Practical Application of Leading Practices in Regulatory Compliance
   Workshop D: ERM Process Improvement
4:15 Adjourn
Day Two - September 30, 2009
8:00 Continental Breakfast and Registration
8:45 Keynote: Stakeholder Reputation Risk: The Real Driver Behind Coordinated GRC Policies
9:40 Integrated GRC: Assurance Integration with Real ROI
10:35 Break and Refreshments
10:50 Best Practices to Achieve Results with Governance Risk and Compliance
11:35 Choosing the Right GRC Software
12:15 Networking Luncheon
1:15 Breakout sessions
   IT GRC: Governance, Risk, Compliance - and Mobility
   ERM: Utilizing ERM to Rebuild our Economy
2:15 Breakout sessions
   IT GRC: Developing Metrics and Measures for Information Governance
   ERM: Case Study: Putting the “R” in GRC, an Enterprise Risk Management (ERM) Perspective
3:15 Break and Refreshments
3:30 Breakout sessions
   IT GRC: GAIT for Business and IT Risk
   ERM: Learn How Your ERM Strategy Can Enhance Your Company’s Value and Credit Rating
4:30 Breakout sessions
   IT GRC: Security By Compliance - A Discussion of Information Risk Management’s Greatest Challenge
   ERM: ISO 31000 and ERM
5:30 Adjourn
Day Three - October 1, 2009
8:00 Continental Breakfast
8:30 A Measure of Success: Tools to Evaluate GRC Program Design and Operation
9:15 Breakout sessions
   Financial GRC: Case Study: Beyond Compliance: A SOX Perspective
   Legal GRC: Bridging the Gap between Legal and GRC
10:15 Break and Refreshments
10:30 Breakout sessions
   Financial GRC: Mastering Financial Governance – Bridging the Gap Between SOX, Internal Audit, and Risk Management Processes
   Legal GRC: How the financial crisis will affect governance for corporate legal departments
12:00 Networking Luncheon
1:15 Protect and Grow Shareholder Value with Best Practices and Effective Tool
1:45 Panel Discussion - Establishing GRC Goals and Performance Metrics
2:15 Break and Refreshments
2:30 Building an Effective Whistle-blower Program - “Best mechanism to surface fraud and wrongdoing”
3:30 Bringing it all Together: Evaluating the Results of Your GRC Program
4:30 Conference Adjourn
5. 5 Reasons to Attend
2009 GRC Conference
1. Integrate
Learn from leaders in risk management, governance and compliance how to
achieve compliance and ensure ethical conduct while meeting general business
objectives. Take lessons learned back home to your organization’s GRC silo
leaders and facilitate integration among your entire company.
2. Connect
Network with your peers from organizations throughout the country and
around the world. Learn how others are implementing and improving GRC
initiatives and programs for today’s economy. There will be ample opportunity
for networking during our receptions, meals, breaks and informative sessions.
3. Focus
Four interactive breakout tracks. Identify case studies and lessons learned to
manage, measure, improve and integrate your GRC functions across all silos – IT,
Financial and Legal.
4. Evolve
Information security is quickly evolving into information risk management.
The enterprise of today can no longer rely on technology alone to protect
information and information infrastructure, and requires a business approach
to information risk management, governance, and compliance to be successful.
Gain insight and guidance on key issues faced by enterprises today, as they
mature their capabilities and transform a reactive and technologically focused
approach to information security into a proactive and risk-based one.
5. Save
Simplify GRC and reduce costs by managing multiple regulatory requirements
with one enterprise GRC platform.
6. Featured Speakers
Michael Rasmussen, President, Risk & Compliance Advisor, Corporate Integrity, LLC
Patricia Florissi, Distinguished Engineer, Strategic Initiative Leader, Governance, Risk and Compliance, EMC, Inc
Chris Boswell, Director Risk and Compliance Services, CA, Inc
Mark Smith, CEO & EVP Research, Ventana Research
Geoffrey Buswick, Managing Director, Boston Head Office, Standard & Poors Corporate and Government Ratings
Johannes Swanepoel, Director Enterprise Risk Management, Cura Software
Nick Bako, CMA, Chief Risk Officer, Ontario Lottery and Gaming
Ranga Bodla, Director, Solution Marketing, EPM and GRC, SAP, Inc.
Other speakers include:
• Jason Mefford, VP of Business Process Assurance, Ventura Foods
• Irving Kagan, Kagan Consultants
• Steven Saporito, Managing Director, Enterprise and Risk Finance Practice, Willis Re
• Brad Vorhies, Manager of Financial Controls Compliance, Energy Future Holdings
• Tony Tarantino, PhD, Author and Adjunct Professor of Finance at Santa Clara University
• Dr. Prodyot Samanta, Managing Director, Thrideye RiskInsights
• Carole L. Basri, University of Penn Law School, Corporate Lawyering Group LLC
• Dave Ingram, Senior VP, Willis Re
7. Best Practices and Strategies
from Leaders in GRC!
Agenda and Speaking Faculty
Day One: Pre-Conference Workshops: September 29, 2009
8:30 Continental Breakfast and Registration
12:00 Luncheon

9:00 Workshop A: Leveraging Your Compliance Program toward Corporate Governance
Gain an understanding of various paradigms around corporate governance, risk management, and compliance (GRC). Discuss the many challenges involved in aligning GRC within an organization.
Join us for this practical workshop and identify:
• How one company is working through challenges of aligning GRC;
• Resources available to help your company work through compliance challenges; and
• Various approaches for leveraging your existing compliance and risk management programs to improve corporate governance

9:00 Workshop B: Aligning ERM to Strategy through the Balanced Scorecard (BSC)
The COSO Framework describes ERM as a process that guides the achievement of strategic objectives. Because of the integral role ERM plays in strategy execution, it must be understood throughout the entire organization. The Balanced Scorecard (BSC) is a performance measurement system that communicates organizational progress in executing strategy across four perspectives (financial, customer, internal processes, learning and growth). At the core of the BSC is a strategy map that shows the strategic linkage between organizational objectives. Through integrating objectives related to addressing specific risks into the strategy map, organizations can create initiatives that make ERM an integral part of strategy execution.
In this comprehensive workshop, you will experience a hands-on approach to incorporating ERM into organizational strategy through using the BSC and the strategy map that supports it.

1:15 Workshop C: Practical Application of Leading Practices in Regulatory Compliance
Today companies face the challenge of establishing a consistent set of processes, practices and systems that support external compliance and internal self-assessment. Join us for this workshop to identify leading practices that are being used by companies to create proactive programs that are sustainable and adaptable in the face of countless regulatory expectations and requirements across the physical and financial markets.
Workshop attendees will gain an understanding of the key components of a compliance program as well as gain valuable insight regarding the regulatory compliance capability maturity of their own organizations. Some specific leading practices discussed include:
• Risk Assessment Processes
• Organizational Structure
• Underlying Policies and Procedures
• Control and Monitoring Mechanisms
• IT Systems and Information Management

1:15 Workshop D: ERM Process Improvement
Learn to benchmark your organization's enterprise risk management (ERM) structure, process, and practices with COSO's ERM Integrated Framework. This workshop will identify opportunities for improving your organization's ERM process by sharing and comparing practices with other ERM practitioners. Attendees in this workshop will:
• Participate in a series of discussions on ERM challenges and strategies for sustaining the ERM process.
• Validate the ERM approach and identify any blind spots.

Effectively Manage and Track GRC Activities Across an Enterprise
8. Agenda and Speaking Faculty (Continued)
Day Two: September 30, 2009
8:00 Continental Breakfast

8:45 Keynote: Stakeholder Reputation Risk: The Real Driver Behind Coordinated GRC Policies
A key component in the emerging regime of coordinated governance, risk, and compliance (GRC) management is ensuring that the company’s business is conducted in a manner that serves its various stakeholders in an effective, compliant, and untainted fashion. A true indicator of the success or failure of this internal company effort is the company’s imputed goodwill or reputation, arguably the most valuable, yet fragile, attribute a company possesses.
This keynote presentation will explore how the imposition of recent — and the strengthening of longstanding — compliance obligations have compounded the responsibilities of professionals charged with enforcing governance, risk, compliance, audit and ethics roles. It will examine compliance measures and their practical impact on companies, due to:
• The expansive reach of the requirements
• The lack of precedents
• The emphasis on self-disclosure
• The uncertainty over due process rights in enforcement
It will further examine how these elements expose the company’s reputation to immediate risk, and how to structure a GRC culture within the organization to address these exposures in a manner ensuring that compliance issues are disseminated effectively through the organization and implemented enterprise-wide. Further, identify a coherent integrated GRC effort developed by senior management in collaboration with the governance, risk, compliance, audit, legal and ethics team to drive the entire organization to foster and protect a company’s stakeholder reputation.

9:40 Integrated GRC: Assurance Integration with Real ROI
Integrated GRC in the Virtual, Hyper-Extended Business: Integration of GRC silos for Real ROI. Find out why integration is the key to success and why it is often the major cause of corporate governance failures as organizations transition to new business models in the virtual world. Discover new approaches for leveraging performance management and infrastructure monitoring systems to harvest empirical evidence for GRC. Learn how to reduce the cost and complexity of your company’s silo’d GRC initiatives and gain insight into new strategies, tactics and approaches to optimize your infrastructure to create real return on investment.

10:35 Break and Refreshments

10:50 Best Practices to Achieve Results with Governance Risk and Compliance
This session will cover the evolution of governance, risk and compliance (GRC) management and discuss how it is being shaped by key stakeholders including consultants, regulators and end-users. Identify various approaches to GRC and highlight the strengths and weaknesses of each approach to cut through the hype and identify areas where true value can be derived today. Attendees will also learn tips and tricks to help streamline risk, compliance and audit processes.

11:35 Choosing the Right GRC Software
Assess Your Needs and Establish Evaluation Criteria for Finance, Operations and IT
The challenge for organizations in addressing the spectrum of governance, risk and compliance (GRC) is having clarity in the requirements for addressing the specific process needs across business and IT. GRC has specific needs for finance, operations and IT areas where the specific competencies across people, processes, information and technology need to be reviewed for determining the right steps for improvement. To do this successfully is to understand the evaluation categories to assess your current vendors and technologies and examine new ones. Unfortunately the majority of organizations lack the technology know-how for making improvements from monitoring to automation and control to the specific analytics and metrics required to be successful with GRC. This session will provide clarity on the scope of GRC and the software that can best meet an organization's needs while leveraging existing investments and provide the tools for every participant to make the best decision for their organization.

12:15 Networking Luncheon

Breakout sessions - Choose: IT GRC or ERM
IT GRC:
1:15 Developing Metrics and Measures for Information Governance
Information Governance has become a critical issue within organizations, and a key success factor for businesses. In order to effectively maintain the stewardship, integrity and security of an organization’s information infrastructure, effective metrics and measures must be developed, implemented, and monitored. This session will cover the concept of enterprise metrics and measures in the context of Information Governance maturity as well as the issues that must be considered when developing, implementing and monitoring them.
Attendees will participate in an interactive session to:
• Identify current and target States on an Information Governance Maturity Model
• Discuss challenges and strategies in implementing roadmaps, metrics and reporting
• Learn about technologies that accelerate movement up information Management maturity curves
9. Agenda and Speaking Faculty (Continued)
Day Two: September 30, 2009 (Continued)
Breakout sessions - Choose: IT GRC or ERM

ERM:
1:15 Utilizing ERM to Rebuild our Economy
What role, if any, did ERM play in the collapse of the financial markets? Enterprise Risk Management can be the tool to rebuild our economy. This session will evaluate how ERM is shaping business and how to use it to your advantage. You’ll hear the perspectives from rating agencies, updates on the latest S&P initiatives, tools you can use to implement ERM going forward, how financial institutions’ failures reflect on their ERM practices, and other current issues of relevance.

IT GRC:
2:15 Developing Metrics and Measures for Information Governance
Information Governance has become a critical issue within organizations, and a key success factor for businesses. In order to effectively maintain the stewardship, integrity and security of an organization’s information infrastructure, effective metrics and measures must be developed, implemented, and monitored. This session will cover the concept of enterprise metrics and measures in the context of Information Governance maturity as well as the issues that must be considered when developing, implementing and monitoring them.
Attendees will participate in an interactive session to:
• Identify current and target States on an Information Governance Maturity Model
• Discuss challenges and strategies in implementing roadmaps, metrics and reporting
• Learn about technologies that accelerate movement up information Management maturity curves

ERM:
2:15 Case Study: Putting the “R” in GRC, an Enterprise Risk Management (ERM) Perspective
As compliance issues have become increasingly important and the magnitude of their consequences has escalated, the interface between governance risk and compliance has moved up in prominence not just among regulators, but among stakeholders, shareholders, and management. This session will describe how these GRC elements are integrated with a focus on the role of enterprise risk management in strategic and operational planning.

3:15 Break and Refreshments

IT GRC:
3:30 GAIT for Business and IT Risk
Discover why leading-edge chief audit executives and audit practitioners say there is no such thing as information technology (IT) risk. Discuss the relationship between business risk and IT risk. Review the methodology in the Guide to the Assessment of IT Risk (GAIT) publication GAIT for Business and IT Risk and how it is used to ensure efficient auditing of IT. Develop a solid understanding of the GAIT for Business and IT Risk methodology as well as the ability to apply it.

ERM:
3:30 Learn How Your ERM Strategy Can Enhance Your Company's Value and Credit Rating
Reviewing the quality of enterprise risk management (ERM) programs is no easy task. Learn directly about the review process, major findings and lessons-learned, and how to integrate the review into ratings determination. Discover how others have improved the quality of their decision making by incorporating risk information directly into business and strategic planning, and link your ERM programs to driving value and improving business resiliency.

IT GRC:
4:30 Security By Compliance - A Discussion of Information Risk Management's Greatest Challenge
When most organizations today think about information protection, compliance is at the top of that list. This new level of consciousness has become both a tremendous benefit to information security professionals as well as their greatest fear. The leadership of many companies are now falling into the trap of feeling secure merely because they are compliant; however, simply meeting legal and regulatory compliance requirements does not necessarily mean that companies have fulfilled their requirements for information risk management and protection. Learn how to take advantage of the benefits created by new compliance requirements, while also overcoming the challenge of this new operating procedure.

ERM:
4:30 ISO 31000 and ERM
The international risk management framework is scheduled to be published in 2009. Most risk professionals recognize the importance of a formalized framework to ensure the successful implementation of enterprise risk management (ERM). Starting with the ISO 31000 risk management process schedule, learn how to tailor ERM to the individual needs of any organization, align risk management objectives to organizational strategic goals and missions and graft ERM culture onto existing corporate culture.

5:30 Adjourn
10. Agenda and Speaking Faculty (Continued)
Day Three: October 1, 2009
8:00 Continental Breakfast

8:30 A Measure of Success: Tools to Evaluate GRC Program Design and Operation
• Learn how to evaluate the design and operating effectiveness of governance, risk management, and compliance (GRC) systems
• Hear about the new procedures and criteria for GRC program design evaluation and certification
• Expand your understanding of metrics that can be used to help GRC systems contribute to business objectives

Morning breakout sessions - Choose: Financial GRC or Legal GRC

Financial GRC:
9:15 Case Study: Beyond Compliance: A SOX Perspective
Learn how to embed reliable control self-assessment into your organization in order to provide ongoing assurance that goes far beyond Sarbanes-Oxley Section 404 (SOX) compliance in order to achieve operational objectives and quality control over internal control. You will learn how to leverage your existing investment to achieve an embedded process that will greatly reduce costly direct testing and the non-value-add burden of SOX compliance. Moreover, this process can be used to provide ongoing assurance regarding the achievement of all company control objectives.

Legal GRC:
9:15 Bridging the Gap between Legal and GRC
Too often, corporate legal departments have neglected to take an active role in governance decisions and oversight, resulting in avoidable consequences. Mitigating risks and preventing future compliance issues are both dependent on setting up defensible governance policies now, before regulations force the issue. Legal departments must ensure accountability, defensibility and transparency in a company’s processes, systems, protocols, structures, operations and controls. The legal scope is growing to fulfill new roles in the realm of corporate governance. General counsel is ideally positioned within corporations to lead important decision-making processes and help companies weather the coming regulatory storm. Identify how to utilize general counsel to help lead the way as far as implementing processes and ensuring compliance. Key points of focus of this session include:
• How legal will overlap but not duplicate work being done by records information management (RIM) and information technology (IT) and corporate compliance officers
• How corporate legal departments can influence legislative decision makers to minimize the negative impacts on my company and industry
• How to build support across the organization for an expanded general counsel role

10:15 Break and Refreshments

Financial GRC:
10:30 Mastering Financial Governance – Bridging the Gap Between SOX, Internal Audit, and Risk Management Processes
With ever increasing regulations, the maturity of SOX processes, and the growing need for enhanced risk management disciplines, enabling a sound financial governance strategy has become very complex. Most finance departments currently manage these processes in disparate silos and systems that fail to provide an integrated view of audit, risk management and financial control compliance. The convergence of financial governance disciplines provides the opportunity to streamline processes, improve risk management, and create greater transparency and visibility to financial processes, risks and controls.
• Discuss the basics and best practices of financial governance
• Provide examples of how to improve and converge the efforts of internal audit, risk management and compliance
• Offer a pragmatic approach to better implement risk management discipline across your finance business processes

Legal GRC:
10:30 How the Financial Crisis Has and Will Continue to Affect Governance for Corporate Legal Departments
We can be absolutely sure that the consequences of the financial crisis will reach far and wide, in the form of a fresh round of regulation and oversight that is likely to spill over into many jurisdictions, with important implications for governance and corporate legal departments. While legal’s role in governance is but one facet in a corporation, it is an essential one. It is likely that the aftershocks of the Wall Street meltdown will have lasting effects with new rules coming around governance and transparency. Identify ways in which you and your company’s legal department can be prepared for the future changes.
Network, Learn and Transform Your Organization!
11. Agenda and Speaking Faculty (Continued)
Day Three: October 1, 2009
12:00 Networking Luncheon

1:15 Protect and Grow Shareholder Value with Best Practices and Effective Tools
In many organizations, risk management and strategy management are often treated as unrelated processes. This disconnected approach often fails to take into account the impacts that risk might have on strategic initiatives. Strategy management is ultimately about creating new and sustainable value. Without an understanding of the inherent risks associated with value creation, it is difficult to get a clear picture of the strategy, or worse, no effective path to execute the strategy. Using best practices and pursuing an integrated approach to strategy and risk management, executives ensure that they are focusing on the right initiatives to drive execution of strategy and manage risk.
Avoid Letting New Strategies and Initiatives Fail
Learn why so many new strategies and initiatives often fail. Management often lacks the ability to track strategy execution, and the associated risks are not comprehensively monitored and managed.
Risk-intelligent strategic planning provides for the ability to understand and manage business performance. SAP offers a solution that integrates risk management and strategy management processes to effectively and proactively execute with a complete understanding of underlying risks.

2:15 Break and Refreshments

2:30 Building an Effective Whistle-blower Program - “Best mechanism to surface fraud and wrongdoing”
A whistle-blower function provides an important element in a more robust enterprise risk management framework:
• Helps set “tone at the top” of the organization
• Effective “detective” control
• Supplements normal information & communications systems
• Mechanism for risk monitoring
The objectives of these programs are to:
• encourage ethical and legal violations to be brought forward for prompt resolution
• minimize the organization’s exposure to damage
• let employees know the organization is serious about adherence to codes of conduct

3:30 Bringing it all Together: Evaluating the Results of Your GRC Program
Your company has implemented a robust GRC program, but how do you really know if it’s designed adequately and operating effectively? Traditional audit techniques may not provide you with the full answer to that question. In this presentation, participants will gain an understanding of the following:
• Determining the scope of a comprehensive GRC audit
• Designing a maturity-based audit approach
• Gathering information on the soft aspects of a GRC program
• Reporting the results to get action

4:30 Conference adjourns

Adopt A Unified Strategy To Improve Governance, Assess Risk And Ensure Compliance
12. Sponsors and Media Partners:
Sponsors:
Cura enables over 200 business, government and other entities worldwide to achieve the bottom line benefits of enterprise-wide governance, risk management and compliance (GRC) and enhanced performance management, through fast implementation, easier configurability and true enterprise architecture. Cura has offices in New York, London, Sydney, Melbourne and Johannesburg, and partners in 10 countries

EMC works with organizations around the world, in every industry, in the public and private sectors, and of every size, from startups to the Fortune Global 500. Our customers include banks and other financial services firms, manufacturers, healthcare and life sciences organizations, Internet service and telecommunications providers, airlines and transportation companies, educational institutions, and public-sector agencies. EMC also provides technology, products, and services to consumers in more than 100 countries.

SAP is the world’s leading provider of business software(*), offering applications and services that enable companies of all sizes and in more than 25 industries to become best-run businesses. With more than 86,000 customers in over 120 countries, the company is listed on several exchanges, including the Frankfurt stock exchange and NYSE, under the symbol “SAP.”

Media Partners:
Association Sponsor:
Interested in sponsorship or exhibiting opportunities?
Contact: Byron Mignanelli
byron@gsmiweb.com
or 888.409.4418
13. Registration: The 2009 Governance, Risk Management and Compliance Summit
September 29, 30 and October 1, 2009
John Hancock Hotel & Conference Center • Boston, MA

Registration fee (by 7/10 / by 8/14 / after 8/15):
Commercial
Summit only: $1595 / $1795 / $1995
Silver Pass: Summit + 1 workshop: $2090 / $2290 / $2490
Gold Pass: Summit + 2 workshops: $2390 / $2590 / $2790
Government / Non Profit
Forum only: $1295 / $1495 / $1695
Silver Pass: Summit + 1 workshop: $1790 / $1990 / $2190
Gold Pass: Summit + 2 workshops: $2090 / $2290 / $2490

Group discounts of 5 or more:
For information about group discounts of 6 or more people and Team Learning opportunities for 2009 GRC Conference, please contact Luke Vinci at 888.409.4418 or email him at luke.vinci@gsmiweb.com

Please fill in the following information and fax back to: (619) 923-3542
Name
Title
Department
Company
Mailing address
City, State
Zip code, Country (if applicable)
Telephone, Fax
Email
Payment Method: Credit Card: Amex / Visa / MasterCard / Check
Credit Card number
Name on Card
Expiration date
Do you have any dietary restrictions (e.g. kosher, vegetarian)? Yes / No. If so, please specify:
Do you require any accommodations that require special attention? Yes / No. If so, please specify (e.g. wheel-chair access):

Administrative note: A 10% cancellation fee on registration will be charged for cancellations received less than three weeks from the date of the conference. As speakers are confirmed six months before the event, some speaker changes or topic changes may occur in the program. GSMI is not responsible for speaker changes, but will work to ensure a comparable speaker is located to participate in the program.

Cancellation & Quality Assurance:
The Global Strategic Management Institute strives to provide you with the most productive and effective educational experience possible. If after completing the course you feel there is some way we can improve, please provide us in writing with your comments on the evaluation form provided upon arrival. Should you feel dissatisfied with your learning experience and wish to request a credit or refund, please submit it in writing no later than 10 business days after the end of the training to: VP of Educational Services, GSMI, 1804 Garnet Ave #492, San Diego, CA 92109. We will evaluate individual complaints in a context of collective comments from the event.
A $300 service fee will be charged on cancellations received less than four weeks from the date of the event. A credit memo will be sent reflective of your tuition rate minus the $300 cancellation service fee. The remaining tuition funds will only be valid for a future conference and must be used within one year of the credit memo. If you do not cancel your registration before the day of the event, you will be charged for the full conference amount. As speakers are confirmed months before the event, some speaker changes or topic changes may occur in the program. Global Strategic Management Institute is not responsible for speaker changes, but will work to ensure a comparable speaker is located to participate in the program.

Venue:
The 2009 Governance, Risk Management and Compliance Summit Conference will be held at:
John Hancock Hotel & Conference Center
40 Trinity Pl, Boston, MA 02116
(617) 933-7700
www.jhcenter.com

Accommodations:
A limited number of rooms have been reserved at the John Hancock Hotel (located at the John Hancock Conference Center) at a discount rate of $189 per night (contact the hotel by September 10, 2009 to receive the discounted rate). Also, please make sure to ask for the GSMI conference rate when you call for reservations.
To make reservations, call (617) 933 7700

Exhibiting and Sponsorship Information:
To learn more about exhibiting at 2009 GRC Conference, please contact Luke Vinci at 888.409.4418 or email him at luke.vinci@gsmiweb.com