Where Governance and Risk Management Align for Impact
2016 GRC, an IIA and ISACA collaboration
Aug. 22–24, 2016 | Fort Lauderdale, Florida, USA
Be among the global leaders at this world-class event.
Reserve Your Place Today! #GRCConf
© 2015 ISACA. All rights reserved.
Join Us in Ft. Lauderdale, Fla., USA
2016 Governance, Risk, and Control Conference
Many of the best and brightest minds in business, IT, and information systems governance, risk, and control gather at GRC each year. Advance your knowledge and join these leaders at the 2016 conference. This innovative event is presented by two of the most respected and globally recognized associations in our field—The IIA and ISACA®.
Embrace Challenges, Forge Solutions, and Define the Future of GRC
Collaboration is key to growth and success. At GRC 2016 you’ll learn the latest tips and tools in aligning governance and risk management to add value to your enterprise. This conference, which sold out the previous two years, takes place Aug. 22–24, 2016, at the Diplomat Resort & Spa in Ft. Lauderdale, Florida, USA. By attending GRC 2016, you can:
• Be inspired by world-class speakers.
• Learn solutions to business issues regarding enterprise governance, risk, and control.
• Gain and share innovative ideas to move your enterprise and your career forward.
• Meet new colleagues and build your network of peers.
• Earn up to 18 CPE hours—plus 7.5 more if you participate in a pre-conference workshop.
Select the Sessions and Workshops That Fit Your Needs
Customize your experience. GRC 2016 offers more than 50 sessions and workshops led by globally recognized experts. Select the learning that is best for you from four dynamic tracks:
• Cyber: Risks, Controls, and Probabilities
• IT Audit Core Principles
• Internal Audit: Personal Brand Enhancement Strategies
• Internal Audit Core Skills Refinement
Stay at the Heart of the Conference Action!
Diplomat Resort & Spa
3555 S. Ocean Drive
Hollywood, FL 33019
Hotel reservations: +1-954-602-6000
Take in spectacular views of the Atlantic Ocean and the Intracoastal Waterway from the Diplomat Resort & Spa Hollywood, by Hilton. Ideally situated on golden sand beaches, this resort blends full business amenities in a distinctly memorable location.
Your 2016 GRC conference registration INCLUDES:
• Complimentary continental breakfast daily.
• Complimentary lunches on Monday and Tuesday.
• Welcome networking reception on Monday night.
• Conference app with presentations uploaded (when available from speaker).
Bring Your Colleagues!
Organizations that send 4 or more employees to GRC 2016 can receive a group discount. For details, contact: +1-407-937-1111 or [email protected].
Special Discounted Room Rates for IIA/ISACA Attendees!
Special hotel rates of US$209 per night plus tax are available three days prior to and following the conference, and are subject to availability. To obtain the preferred rate, mention that you are attending the 2016 GRC Conference.
Reservation requests received after July 21, 2016 will be honored on a space-available basis only. All reservations must be guaranteed with a deposit of one night’s room rate. Individuals are responsible for securing their own deposit at the time reservations are made. One-night room deposit (excluding taxes) is required at time of reservation. If a reservation is cancelled within three days of arrival, the full deposit will be forfeited (non-refundable). If a reservation is reduced in length of the stay within the cancellation period, a penalty fee applies. All reservations require a valid credit card and picture identification at check-in. Visit our website for details on discounted transportation to the event.
Conference Registration Fees | Members and Non-members | CPE
Early Bird – register by June 20 | US$1,295 | 18
Regular – through August 12 | US$1,495 | 18
Late – after August 12 | US$1,595 | 18
Pre-conference Workshops (each) | US$550 | 7.5
Save US$200 if you register by June 20, 2016!
The IIA and ISACA are registered with the National Association of State Boards of Accountancy (NASBA) as sponsors of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.learningmarket.org. IIA and ISACA certification holders are required to earn a minimum number of CPE credit hours in order to maintain their designations.
Attendees can earn up to 18 CPE hours by attending this conference and an additional 7.5 credits for attending optional Pre-conference Workshops. This IIA/ISACA conference is Group Live and does not require advance preparation.
GRC Sold Out the Last Two Years. Space is limited, please reserve your seat soon.
Register today! www.theiia.org/GRC
3701 Algonquin Road, Suite 1010, Rolling Meadows, IL 60008, USA
EDUCATIONAL SESSIONS: Monday, Aug. 22
EDUCATIONAL SESSIONS: Tuesday, Aug. 23
PRE-CONFERENCE WORKSHOPS: Sunday, Aug. 21
EDUCATIONAL SESSIONS: Wednesday, Aug. 24
Track 1: Cyber: Risks, Controls, and Probabilities
Cyber (In)Security
Mandatory Convergence of IT Audits and Operational Audits
Information Security From a Criminal Perspective
Five Practical Steps Toward Managing Cyber Risks
Cybersecurity First Aid Kit: Steps to Recover From a Data Breach
Biting Off More Than the Enterprise Can Chew— Is Cyber Security Assurance Achievable: Smart City as Context
Track 2: IT Audit Core Principles
Information Security, not just an afterthought
The Intersection of IT and Audit by Leveraging COBIT 5
Using the COBIT 5 Assessment Program to Improve the Work Process Capability
COTS Acquisition: Buyers Are From Mars, Suppliers Are From Venus
Continuous Control Monitoring at SAP
What Is Blockchain and What Are the GRC Implications?
Track 3: Internal Audit: Personal Brand Enhancement Strategies
Transforming Internal Audit: The Digital Journey
Getting the Truth
Measuring Success: How to Show You Are Winning at Security (or Need More Money)
Rebranding Your Internal Audit Department
The Five Tiers of Auditor Competency: How Do You Measure Up?
Managing Your Personal Brand
Track 4: Internal Audit Core Skills Refinement
What’s Trending Now? A Look at the Top Challenges Facing the Profession
Models, Computing Tools, and Data: An Internal Audit Approach
Third-party Oversight
How to Implement a GRC Solution
The Rise of the Machines: Impact of AI on Audit and Assurance
Highly Effective Compliance Shops: Yes, They Really Can Support Internal Audit Strategy and Success
Track 1: Cyber: Risks, Controls, and Probabilities
NIST Cybersecurity Framework Assessment
Security Awareness: What Compliance Should Look Like
De-identification, Re-identification, and Anonymization of Personal Data
Digitization: What Is It? Why Is It Important to Internal Audit?
What Did We Learn From the Sony Hack Last Year? Improve Your Cybersecurity Paradigm Without Sacrificing Operational Expediency
Social Engineering: Is the Threat Real to Your Organization?
Track 2: IT Audit Core Principles
A Three Dimensional View of the GRC Universe: Aligning GRC With the Business
Using Analytics to Drive Better Ownership of Risks, Controls, and Issue Management
Are You Effectively Performing Segregation of Duties (SoD) and Sensitive Access Assessments Over Your ERPs?
Cloud Security and Privacy Audits: A 360 Degree Crash Course
Protecting Databases From Unauthorized Access
Achieving Operational Integrity in the Automated Advisory and Trading Environment, Responding to Global Regulations Through Harmonization
Track 3: Internal Audit: Personal Brand Enhancement Strategies
Influence Without Authority: The Impact of Your Actions
Marketing the Audit Function
Building Your Personal Brand
Moving the Needle From Police to Partner: Solutions to Help the Business Help Itself When the Auditor Can’t Be Present
People-Centric Skills: Crisis Management
Step Up and Stand Out: Put Your Professional Brand on Display
Track 4: Internal Audit Core Skills Refinement
COSO’s Revised ERM Framework: What’s Up?
Organizational Governance: Internal Audit’s Role
Don’t Go Topless on Risks
Keeping Good Company: Third-party Risk Management
Transforming the Fraud Risk Assessment: Assessment to Testing Model
Finding the First Domino: The Key to Root Cause
2016 Governance, Risk, and Control Conference (an IIA & ISACA collaboration)
8:30 – 9:45 a.m.
Panel Discussion: COSO ERM Framework Update
Originally issued in 2004, the COSO ERM framework has now been updated and released for public comment. Entitled Aligning Risk with Strategy and Performance, this revised framework builds on key foundational concepts developed in the 2004 framework but makes some new and important distinctions, improvements, and additions. Key leaders involved in the update will present this panel with a Q&A session.
GENERAL SESSION: 8:30 – 9:45 a.m.
Big Data and the Internet of Things: Boon or Bust for Your Cyber Security Efforts?
Marketing databases, customer analytics, and behavioral patterns are easier to manage with big data—but will these data elements be safe from hackers? And what is the impact of the Internet of Things? Theresa Payton will explain how to harness the power of big data and build your big data to achieve business goals while adding safeguards to fight cybercriminals. She will also explain how the Internet of Things may be the ultimate driver of global change.
GENERAL SESSION: 8:30 – 9:45 a.m.
The Influence of Culture on GRC
Session description still being finalized. Please visit www.theiia.org/GRC for details.
8:30 a.m. – 5:00 p.m.
COBIT® NIST Cybersecurity Framework
Limited capacity: only 50 seats available!
This course is focused on the Cybersecurity Framework (CSF), its goals, the implementation steps, and the ability to apply this information. The course and exam are for individuals who have a basic understanding of both COBIT 5 and security concepts, and who are involved in improving the cybersecurity program for their enterprises.
Pre-requisites: Basic knowledge of COBIT and security concepts
After completing this workshop, you will be able to:
• Understand the goals of the CSF
• Know and discuss the content of the CSF and what it means to align to it
• Understand each of the seven CSF implementation steps
• Be able to apply and evaluate the implementation steps using COBIT 5
8:30 a.m. – 5:00 p.m.
Fraud Cases And Their Impact on Internal Auditors
Limited capacity: only 50 seats available!
Using a facilitated case study approach, participants will learn how to:
• Identify fraud exposures and risks
• Detect fraud and misconduct
• Manage fraud cases – both large and small
• Document fraud for presentation to management and external parties
• Work effectively and efficiently with legal, human resources, and security specialists
• Build a fraud resource guide and investigative checklist
• Avoid common case handling mistakes
• Assist management with fraud prevention and detection efforts
Facilitator: Mark Thomas, CGEIT, CRISC, President, Escoute Consulting
Facilitator: John J. Hall, President, Hall Consulting, Inc.
Moderator: Robert B. Hirth, Chairman, COSO
Panelist: Jennifer Bayuk, Managing Director, Enterprise Risk Management, CITI
Panelist: Frank Martens, Senior Manager, Director Advisory Service, PricewaterhouseCoopers
Panelist: Richard F. Chambers, CIA, QIAL, CGAP, CCSA, CRMA, President and Chief Executive Officer, The IIA
Keynote Speaker: Theresa Payton, Founder, Fortalice, LLC and Former White House CIO
Keynote Speaker: Richard F. Chambers, CIA, QIAL, CGAP, CCSA, CRMA, President and Chief Executive Officer, The IIA
10:15 – 11:30 a.m.
Agile Leadership: How to Lead Up, Across, and Down in a VUCA World
Change is constant and today’s leaders need to think on their feet, leverage their teams’ strengths, and lead with confidence. At stake is close to a trillion dollars in lost productivity. In a world that is Volatile, Uncertain, Complex, and Ambiguous, Andrew Tarvin has helped more than 100 organizations increase efficiency through humor. Hear Andrew’s approach to using humor in the workplace to be more productive, less stressed, and happier.
Learn:
• Five traits of strong leaders
• The dangers of leadership
• How to lead anyone
Keynote Speaker: Andrew Tarvin, International Project Manager and Best-selling Author, Humor The Works
10:15 a.m. – 5:10 p.m. 10:15 a.m. – 5:00 p.m.
REGISTER BY JUNE 20 AND SAVE US$200! Visit www.theiia.org/GRC to learn the latest and register.
Some sessions are still to be determined. Speakers and session titles are subject to change without notice.