2017 GRC: Where Governance and Risk Management Align for Impact

Be among the global leaders at this world-class event.

Aug. 16–18, 2017
Dallas-Ft. Worth, Texas, USA

#GRCconf

Join the Best and Brightest at 2017 GRC.

2017 Governance, Risk, and Control Conference

Challenges and changes impact our enterprises every day. To be best prepared for the future, it is critical to stay ahead of trends and share experiences with others about effective tools and solutions. The 2017 GRC Conference is an ideal setting to immerse yourself in a dynamic gathering of leaders in business, IT, and information systems governance, risk, and control. This unrivaled event is presented by two of the most globally respected associations in our field — The IIA and ISACA®.

Advance Your Knowledge and Gain New Insights

2017 GRC offers many opportunities for you to learn proven solutions for aligning governance and risk management, which you can take back and implement at your enterprise. This conference, which sold out the previous three years, takes place Aug. 16–18 at the Gaylord Texan Resort, in Dallas-Ft. Worth, Texas, USA.

Highlights of 2017 GRC include:

• Thought-provoking speakers who share real-world experiences and solutions

• Customized learning to meet your needs

• Innovative ideas to move your enterprise and your career forward

• Networking with global professionals

• Ability to earn up to 18 CPE hours, plus 7.5 more for a pre-conference workshop

Find the Solutions You Need

Choose from among 40+ sessions and workshops to gain the knowledge and skills that are most important to you. Led by globally recognized experts, sessions are grouped into four hot-topic tracks:

• Attributes for Professional Improvement and Advancement

• Privacy/Security in the Technology World

• Integrated Auditing of GRC

• Deep Dive Interactive Discussions

Stay at the Heart of the Conference Action!

Gaylord Texan Resort & Convention Center
1501 Gaylord Trail
Grapevine, TX 76051, USA (Dallas-Ft. Worth area)
Hotel reservations: +1-817-778-1000

Enjoy a first-class experience with southern hospitality as you participate in 2017 GRC sessions and activities. Overlooking beautiful Grapevine Lake, the resort features 4.5 acres of lush indoor gardens and winding waterways.

Your 2017 GRC conference registration includes:

• All general and concurrent sessions

• Complimentary continental breakfast daily

• Complimentary lunches on Wednesday and Thursday

• Welcome networking reception on Wednesday

• Conference app with presentations uploaded (when available from speaker)

Bring your coworkers! Organizations that send 4 or more employees to 2017 GRC receive a group discount. For details, contact: +1-407-937-1111 or [email protected].

Special Discounted Room Rates for IIA and ISACA Attendees!

Special hotel rates of $209 per night plus tax are available if booked by Friday, July 14, 2017. To obtain the preferred rate, mention that you are attending the 2017 GRC Conference.

Some restrictions apply. See details at www.theiia.org/GRC.

Conference Registration Fees | Members and Nonmembers | CPE
Early Bird – register by June 12 | $1,345 | 18
Regular – through August 12 | $1,545 | 18
Late – after August 12 | $1,645 | 18
Pre-conference Workshops (each) | $550 | 7.5

Save $200 if you register by June 12, 2017!

The IIA and ISACA are registered with the National Association of State Boards of Accountancy (NASBA) as sponsors of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.learningmarket.org. IIA and ISACA certification holders are required to earn a minimum number of CPE credit hours in order to maintain their designations.

Attendees can earn up to 18 CPE hours by attending this conference and an additional 7.5 credits for attending optional Pre-conference Workshops. This IIA/ISACA conference is Group Live and does not require advance preparation.

GRC Sold Out the Last Three Years.

Space is limited — please reserve your seat soon!

Register today! www.theiia.org/GRC

3701 Algonquin Road, Suite 1010
Rolling Meadows, IL 60008, USA


EDUCATIONAL SESSIONS: Wednesday, Aug. 16

EDUCATIONAL SESSIONS: Thursday, Aug. 17

PRE-CONFERENCE WORKSHOPS: Tuesday, Aug. 15

EDUCATIONAL SESSIONS: Friday, Aug. 18

Track 1: Attributes for Professional Improvement and Advancement

Establishing and Maintaining an Effective Internal Audit Quality Assurance and Improvement Program: Tips, Tricks, and Tools

Stretch Yourself: Developing Internal Audit Communication Techniques for all Audiences

Chutes and Ladders of Internal Audit: How to Rise and Fall Due to Meeting or Failing to Meet Stakeholder Expectations

Critical Thinking for Results

Voice of the Customer; Stakeholders Messages From the CBOK Global Internal Audit Study

Track 2: Privacy/Security in the Technology World

NIST Cybersecurity Framework Assessment

Auditing the Cloud Environment: An Introduction

A Real-life Practical Internal Audit Approach to Cybersecurity

Hunting for Hackers: How to Turn the Table on Hackers

Operationalizing Cybersecurity With Risk-based Governance

Track 3: Integrated Auditing/GRC

How Risk Culture Affects Compliance and Internal Controls

GRC IQ: How Intelligent Is your ERP Environment?

Best Practices for Proactive IT Governance

Integrated Audits for Business Processes

Stop Fraud Before It Starts: New Guidance for Managing Fraud Risks

Track 4: Deep Dive Interactive Sessions

Data Analytics at Xerox: A Journey From Idea to Reality

Measuring Effectiveness of a Risk-focused Third-party Risk Management Program

Auditing the Cloud Environment: Advanced

Implementing ERM in a Small to Medium Enterprise

How Vanguard’s Fund Process Excellence Team Is Building an Effective Controls Culture

Track 1: Attributes for Professional Improvement and Advancement

External Quality Assessments (EQA): The Benefits of and Leading Practices to Exceed Stakeholder Expectations

Adding Value by Managing the Perception Gap

Cultivate a Culture of Accountability: Achieve Desired Results

Why Emotional Intelligence and Critical Thinking Skills Are Essential

Getting the Boss to Listen to You: Becoming a Trusted Strategic Advisor

Track 2: Privacy/Security in the Technology World

Cloud Computing Controls: Managing Risk

Auditing Network Devices

Cyber Resilience Framework for the 21st Century Executive

Ransomware in the Enterprise

Post-merger Cyber Considerations

Track 3: Integrated Auditing/GRC

COSO’s Revised ERM Framework: It’s Final!

Collaborative Risk Management: Audit and the 2nd Line of Defense

Auditing Business Continuity

The Transformational Internal Auditor: Improving Compliance by Improving Process

Outsourcing: Who Is Responsible for the Risk?

Track 4: Deep Dive Interactive Sessions

Change Management Best Practices for ERP Systems: A Case Study From Audits of Oracle E-Business Suite Installations

FCPA: Are You Risk-focused and Audit Ready?

When Life Gives You Lemons: 5 Ways to Turn GRC Struggles Into Success

Utilize the STAR Model in Auditing Governance

Diamond in the Rough: Maximizing Synergies of Global Governance and Investigation

GENERAL SESSION: 8:30 – 9:45 a.m.

The Cyber Blacklist: Top Threats and Countermeasures for Data Security

John Sileo’s identity was stolen by a business insider and used to embezzle $300,000 from his clients. This destroyed Sileo’s company and consumed two precious years as he fought to stay out of jail. Combining real-world experience with years of study, Sileo became an award-winning author and trusted advisor on managing privacy and reputation in an economy plagued by digital overexposure. His story helps empower others to take control of their data exposure before it is too late.

GENERAL SESSION: 8:30 – 9:45 a.m.

Internal Audit in a World of Change

Learning Objectives:

• Discuss key disrupters of change affecting internal audit

• Identify what to audit and when in a world of change and disrupters

• Review competencies needed to adapt to change

• Explore strategies to retain those with the needed range of skills to conduct audits at the speed of risk

8:30 a.m. – 5:00 p.m.

COBIT® NIST Cybersecurity Framework

Limited capacity: only 50 seats available!

Prerequisites: Basic knowledge of COBIT and security concepts

This course is focused on the Cybersecurity Framework (CSF), its goals, the implementation steps, and the ability to apply this information. The course and exam are for individuals who have a basic understanding of both COBIT 5 and security concepts, and who are involved in improving the cybersecurity program for their enterprises.

After completing this workshop, you will be able to:

• Understand the goals of the CSF

• Know and discuss the content of the CSF and what it means to align to it

• Understand each of the seven CSF implementation steps

• Be able to apply and evaluate the implementation steps using COBIT 5

8:30 a.m. – 5:00 p.m.

ERM Can Now Work! Putting the Updated COSO ERM Framework and ISO 31000 Standards Into Practice

Limited capacity: only 50 seats available!

This workshop will use the new COSO ERM Framework, with reference to ISO 31000, to discuss how we should consider risk and what it means to properly manage risk in an organization. Those responsible for facilitating risk management in their organization, or auditing a risk management activity, will find this workshop to be useful in providing a firm understanding of how risk management should be defined, structured, and executed in organizations. In addition, as all auditors use risk as the foundation for audit planning, execution, and reporting, this workshop will provide insight on how an auditor’s view of risk should be upgraded to incorporate the latest thinking embodied in these two updated projects. The workshop will use a combination of theory and small group discussion to unpack the theory into easily understandable parts, and case studies to cover these topics.

Facilitator: Mark Thomas, CGEIT, CRISC, President, Escoute Consulting

Facilitator: Doug Anderson, Managing Director, CAE Solutions, The IIA

Facilitator: Charlie Wright, Director, Enterprise Risk Solutions, BKD

Facilitator: Mark Thomas, CGEIT, CRISC, President, Escoute Consulting

Keynote Speaker: John Sileo, CSP, CEO, The Sileo Group

Keynote Speaker: Larry Harrington, CIA, QIAL, CRMA, CPA, Vice President, Internal Audit, Raytheon Company; Past Chairman, IIA Global Board of Directors

10:15 – 11:30 a.m.

Which Leadership Quality Matters Most…With Clients and Employees

Leaders who build trust excel at our two most important goals: create respected relationships with stakeholders and produce more work from their teams. Which trust skills matter most? Our studies say this:

1. Be transparent…show vulnerability by saying “I don’t know,” take risks to do the right things, be consistent up and down the organization chart

2. Apologize when you should…take responsibility for all you do right and wrong, commit to improving in the future

3. Hold others accountable…whether stakeholders or those on your team, express clear expectations, recognize those who do well, and follow up with those who miss; keep performance discussions confidential

These same trust-building skills apply to our stakeholders, too, as small but strong indicators go a long way to believing in our competence and integrity. And those two words…competence and integrity…are in the first sentence of any auditor’s job description.

8:30 – 9:45 a.m.

Using Multiple Guidance Systems for the Governance of Enterprise IT

Learning Objectives:

• Recognize the importance of having multiple “guidance systems” to navigate your GRC efforts in a holistic manner

• Learn how to leverage multiple perspectives and techniques in balancing performance and conformance when determining GRC priorities

• Gain insight into how you can take the things you’ve learned at the conference and apply them in a manner that truly creates value for your enterprise

Keynote Speaker: Dick Finnegan, CEO, C-Suite Analytics

10:15 a.m. – 5:05 p.m. 10:10 a.m. – 5:00 p.m.

REGISTER BY JUNE 12 AND SAVE US$200! Visit www.theiia.org/GRC to learn the latest and register.

Some sessions are still to be determined. Speakers and sessions are subject to change without notice.

EDUCATIONAL SESSIONS

Wednesday, Aug. 16EDUCATIONAL SESSIONS

Thursday, Aug. 17PRE-CONFERENCE WORKSHOPS

Tuesday, Aug. 15EDUCATIONAL SESSIONS

Friday, Aug. 18

Track 1: Attributes for Professional Improvement and Advancement

Establishing and Maintaining an Effective Internal Audit Quality Assurance and Improvement Program: Tips, Tricks, and Tools

Stretch Yourself: Developing Internal Audit Communication Techniques for all Audiences

Chutes and Ladders of Internal Audit: How to Rise and Fall Due to Meeting or Failing to Meet Stakeholder Expectations

Critical Thinking for Results

Voice of the Customer; Stakeholders Messages From the CBOK Global Internal Audit Study

Track 2: Privacy/Security in the Technology World

NIST Cybersecurity Framework Assessment

Auditing the Cloud Environment: An Introduction

A Real-life Practical Internal Audit Approach to Cybersecurity

Hunting for Hackers: How to Turn the Table on Hackers

Operationalizing Cybersecurity With Risk-based Governance

Track 3: Integrated Auditing/GRC

How Risk Culture Affects Compliance and Internal Controls

GRC IQ: How Intelligent Is your ERP Environment?

Best Practices for Proactive IT Governance

Integrated Audits for Business Processes

Stop Fraud Before It Starts: New Guidance for Managing Fraud Risks

Track 4: Deep Dive Interactive Sessions

Data Analytics at Xerox: A Journey From Idea to Reality

Measuring Effectiveness of a Risk-focused Third-party Risk Management Program

Auditing the Cloud Environment: Advanced

Implementing ERM in a Small to Medium Enterprise

How Vanguard’s Fund Process Excellence Team Is Building an Effective Controls Culture

Track 1: Attributes for Professional Improvement and Advancement

External Quality Assessments (EQA): The Benefits of and Leading Practices to Exceed Stakeholder Expectations

Adding Value by Managing the Perception Gap

Cultivate a Culture of Accountability: Achieve Desired Results

Why Emotional Intelligence and Critical Thinking Skills Are Essential

Getting the Boss to Listen to You: Becoming a Trusted Strategic Advisor

Track 2: Privacy/Security in the Technology World

Cloud Computing Controls: Managing Risk

Auditing Network Devices

Cyber Resilience Framework for the 21st Century Executive

Ransomware in the Enterprise

Post-merger Cyber Considerations

Track 3: Integrated Auditing/GRC

COSO’s Revised ERM Framework: It’s Final!

Collaborative Risk Management: Audit and the 2nd Line of Defense

Auditing Business Continuity

The Transformational Internal Auditor: Improving Compliance by Improving Process

Outsourcing: Who Is Responsible for the Risk?

Track 4: Deep Dive Interactive Sessions

Change Management Best Practices for ERP Systems: A Case Study From Audits of Oracle E-Business Suite Installations

FCPA: Are You Risk-focused and Audit Ready?

When Life Gives You Lemons: 5 Ways to Turn GRC Struggles Into Success

Utilize the STAR Model in Auditing Governance

Diamond in the Rough: Maximizing Synergies of Global Governance and Investigation

GENERAL SESSION: 8:30 – 9:45 a.m.

The Cyber Blacklist: Top Threats and Countermeasures for Data SecurityJohn Sileo’s identity was stolen by a business insider and used to embezzle $300,000 from his clients. This destroyed Sileo’s company and consumed two precious years as he fought to stay out of jail. Combining real-world experience with years of study, Sileo became an award-winning author and trusted advisor on managing privacy and reputation in an economy plagued by digital overexposure. His story helps empower others to take control of their data exposure before it is too late.

GENERAL SESSION: 8:30 – 9:45 a.m.

Internal Audit in a World of ChangeLearning Objectives:

• Discuss key disrupters of change affecting internalaudit

• Identify what to audit and when in a world of changeand disrupters

• Review competencies needed to adapt to change

• Explore strategies to retain those with the neededrange of skills to conduct audits at the speed of risk

8:30 a.m. – 5:00 p.m.

COBIT® NIST Cybersecurity Framework Limited capacity: only 50 seats available!Prerequisites: Basic knowledge of COBIT and security concepts

This course is focused on the Cybersecurity Framework (CSF), its goals, the implementation steps, and the ability to apply this information. The course and exam are for individuals who have a basic understanding of both COBIT 5 and security concepts, and who are involved in improving the cybersecurity program for their enterprises.

After completing this workshop, you will be able to:

• Understand the goals of the CSF

• Know and discuss the content of the CSF and what itmeans to align to it

• Understand each of the seven CSF implementation steps

• Be able to apply and evaluate the implementation stepsusing COBIT 5

8:30 a.m. – 5:00 p.m.

ERM Can Now Work! Putting the Updated COSO ERM Framework and ISO 31000 Standards Into Practice Limited capacity: only 50 seats available!

This workshop will use the new COSO ERM Framework, with reference to ISO 31000, to discuss how we should consider risk and what it means to properly manage risk in an organization. Those responsible for facilitating risk management in their organization, or auditing a risk management activity, will find this workshop to be useful in providing a firm understanding of how risk manage-ment should be defined, structured, and executed in organizations. In addition, as all auditors use risk as the foundation for audit planning, execution, and reporting, this workshop will provide insight on how an auditor’s view of risk should be upgraded to incorporate the latest thinking embodied in these two updated projects. The workshop will use a combination of theory and small group discussion to unpack the theory into easily under-standable parts, and case studies to cover these topics.

Facilitator Mark Thomas, CGEIT, CRISCPresidentEscoute Consulting

Facilitator Doug AndersonManaging Director, CAE SolutionsThe IIA

Facilitator Charlie Wright Director, Enterprise Risk SolutionsBKD

Facilitator Mark Thomas, CGEIT, CRISCPresidentEscoute Consulting

Keynote Speaker John Sileo, CSPCEOThe Sileo Group

Keynote Speaker Larry Harrington, CIA, QIAL, CRMA, CPAVice President, Internal AuditRaytheon CompanyPast ChairmanIIA Global Board of Directors

10:15 – 11:30 a.m.

Which Leadership Quality Matters Most…With Clients and EmployeesLeaders who build trust excel at our two most important goals: create respected relationships with stakeholders and produce more work from their teams. Which trust skills matter most? Our studies say this:

1. Be transparent…show vulnerability by saying “I don’tknow,” take risks to do the right things, be consistentup and down the organization chart

2. Apologize when you should…take responsibility for allyou do right and wrong, commit to improving in thefuture

3. Hold others accountable…whether stakeholders orthose on your team, express clear expectations,recognize those who do well, and follow up with thosewho miss; keep performance discussions confidential

These same trust-building skills apply to our stakeholders, too, as small but strong indicators go a long way to believing in our competence and integrity. And those two words…competence and integrity…are in the first sentence of any auditor’s job description.

8:30 – 9:45 a.m.

Using Multiple Guidance Systems for the Governance of Enterprise ITLearning Objectives:

• Recognize the importance of having multiple“guidance systems” to navigate your GRC effortsin a holistic manner

• Learn how to leverage multiple perspectives andtechniques in balancing performance andconformance when determining GRC priorities

• Gain insight into how you can take the things you’velearned at the conference and apply them in a mannerthat truly creates value for your enterprise

Keynote Speaker Dick FinneganCEOC-Suite Analytics

10:15 a.m. – 5:05 p.m. 10:10 a.m. – 5:00 p.m.

REGISTER BY JUNE 12 AND SAVE US$200! Visit www.theiia.org/GRC to learn the latest and register.

Some sessions are still to be determined. Speakers and sessions are subject to change without notice.

EDUCATIONAL SESSIONS

Wednesday, Aug. 16EDUCATIONAL SESSIONS

Thursday, Aug. 17PRE-CONFERENCE WORKSHOPS

Tuesday, Aug. 15EDUCATIONAL SESSIONS

Friday, Aug. 18

Track 1: Attributes for Professional Improvement and Advancement

Establishing and Maintaining an Effective Internal Audit Quality Assurance and Improvement Program: Tips, Tricks, and Tools

Stretch Yourself: Developing Internal Audit Communication Techniques for all Audiences

Chutes and Ladders of Internal Audit: How to Rise and Fall Due to Meeting or Failing to Meet Stakeholder Expectations

Critical Thinking for Results

Voice of the Customer; Stakeholders Messages From the CBOK Global Internal Audit Study

Track 2: Privacy/Security in the Technology World

NIST Cybersecurity Framework Assessment

Auditing the Cloud Environment: An Introduction

A Real-life Practical Internal Audit Approach to Cybersecurity

Hunting for Hackers: How to Turn the Table on Hackers

Operationalizing Cybersecurity With Risk-based Governance

Track 3: Integrated Auditing/GRC

How Risk Culture Affects Compliance and Internal Controls

GRC IQ: How Intelligent Is your ERP Environment?

Best Practices for Proactive IT Governance

Integrated Audits for Business Processes

Stop Fraud Before It Starts: New Guidance for Managing Fraud Risks

Track 4: Deep Dive Interactive Sessions

Data Analytics at Xerox: A Journey From Idea to Reality

Measuring Effectiveness of a Risk-focused Third-party Risk Management Program

Auditing the Cloud Environment: Advanced

Implementing ERM in a Small to Medium Enterprise

How Vanguard’s Fund Process Excellence Team Is Building an Effective Controls Culture

Track 1: Attributes for Professional Improvement and Advancement

External Quality Assessments (EQA): The Benefits of and Leading Practices to Exceed Stakeholder Expectations

Adding Value by Managing the Perception Gap

Cultivate a Culture of Accountability: Achieve Desired Results

Why Emotional Intelligence and Critical Thinking Skills Are Essential

Getting the Boss to Listen to You: Becoming a Trusted Strategic Advisor

Track 2: Privacy/Security in the Technology World

Cloud Computing Controls: Managing Risk

Auditing Network Devices

Cyber Resilience Framework for the 21st Century Executive

Ransomware in the Enterprise

Post-merger Cyber Considerations

Track 3: Integrated Auditing/GRC

COSO’s Revised ERM Framework: It’s Final!

Collaborative Risk Management: Audit and the 2nd Line of Defense

Auditing Business Continuity

The Transformational Internal Auditor: Improving Compliance by Improving Process

Outsourcing: Who Is Responsible for the Risk?

Track 4: Deep Dive Interactive Sessions

Change Management Best Practices for ERP Systems: A Case Study From Audits of Oracle E-Business Suite Installations

FCPA: Are You Risk-focused and Audit Ready?

When Life Gives You Lemons: 5 Ways to Turn GRC Struggles Into Success

Utilize the STAR Model in Auditing Governance

Diamond in the Rough: Maximizing Synergies of Global Governance and Investigation

2017 Governance, Risk, and Control Conference

GENERAL SESSION: 8:30 – 9:45 a.m.

The Cyber Blacklist: Top Threats and Countermeasures for Data SecurityJohn Sileo’s identity was stolen by a business insider and used to embezzle $300,000 from his clients. This destroyed Sileo’s company and consumed two precious years as he fought to stay out of jail. Combining real-world experience with years of study, Sileo became an award-winning author and trusted advisor on managing privacy and reputation in an economy plagued by digital overexposure. His story helps empower others to take control of their data exposure before it is too late.

GENERAL SESSION: 8:30 – 9:45 a.m.

Internal Audit in a World of ChangeLearning Objectives:

• Discuss key disrupters of change affecting internal audit

• Identify what to audit and when in a world of change and disrupters

• Review competencies needed to adapt to change

• Explore strategies to retain those with the needed range of skills to conduct audits at the speed of risk

8:30 a.m. – 5:00 p.m.

COBIT® NIST Cybersecurity Framework Limited capacity: only 50 seats available!Prerequisites: Basic knowledge of COBIT and security concepts

This course is focused on the Cybersecurity Framework (CSF), its goals, the implementation steps, and the ability to apply this information. The course and exam are for individuals who have a basic understanding of both COBIT 5 and security concepts, and who are involved in improving the cybersecurity program for their enterprises.

After completing this workshop, you will be able to:

• Understand the goals of the CSF

• Know and discuss the content of the CSF and what it means to align to it

• Understand each of the seven CSF implementation steps

• Be able to apply and evaluate the implementation steps using COBIT 5

8:30 a.m. – 5:00 p.m.

ERM Can Now Work! Putting the Updated COSO ERM Framework and ISO 31000 Standards Into Practice Limited capacity: only 50 seats available!

This workshop will use the new COSO ERM Framework, with reference to ISO 31000, to discuss how we should consider risk and what it means to properly manage risk in an organization. Those responsible for facilitating risk management in their organization, or auditing a risk management activity, will find this workshop to be useful in providing a firm understanding of how risk manage-ment should be defined, structured, and executed in organizations. In addition, as all auditors use risk as the foundation for audit planning, execution, and reporting, this workshop will provide insight on how an auditor’s view of risk should be upgraded to incorporate the latest thinking embodied in these two updated projects. The workshop will use a combination of theory and small group discussion to unpack the theory into easily under-standable parts, and case studies to cover these topics.

Facilitator: Mark Thomas, CGEIT, CRISC, President, Escoute Consulting

Facilitator: Doug Anderson, Managing Director, CAE Solutions, The IIA

Facilitator: Charlie Wright, Director, Enterprise Risk Solutions, BKD

Facilitator: Mark Thomas, CGEIT, CRISC, President, Escoute Consulting

Keynote Speaker: John Sileo, CSP, CEO, The Sileo Group

Keynote Speaker: Larry Harrington, CIA, QIAL, CRMA, CPA, Vice President, Internal Audit, Raytheon Company; Past Chairman, IIA Global Board of Directors

10:15 – 11:30 a.m.

Which Leadership Quality Matters Most…With Clients and Employees

Leaders who build trust excel at our two most important goals: create respected relationships with stakeholders and produce more work from their teams. Which trust skills matter most? Our studies say this:

1. Be transparent…show vulnerability by saying “I don’t know,” take risks to do the right things, be consistent up and down the organization chart

2. Apologize when you should…take responsibility for all you do right and wrong, commit to improving in the future

3. Hold others accountable…whether stakeholders or those on your team, express clear expectations, recognize those who do well, and follow up with those who miss; keep performance discussions confidential

These same trust-building skills apply to our stakeholders, too, as small but strong indicators go a long way to believing in our competence and integrity. And those two words…competence and integrity…are in the first sentence of any auditor’s job description.

8:30 – 9:45 a.m.

Using Multiple Guidance Systems for the Governance of Enterprise IT

Learning Objectives:

• Recognize the importance of having multiple “guidance systems” to navigate your GRC efforts in a holistic manner

• Learn how to leverage multiple perspectives and techniques in balancing performance and conformance when determining GRC priorities

• Gain insight into how you can take the things you’ve learned at the conference and apply them in a manner that truly creates value for your enterprise

Keynote Speaker: Dick Finnegan, CEO, C-Suite Analytics

10:15 a.m. – 5:05 p.m. 10:10 a.m. – 5:00 p.m.

REGISTER BY JUNE 12 AND SAVE US$200! Visit www.theiia.org/GRC to learn the latest and register.

Some sessions are still to be determined. Speakers and sessions are subject to change without notice.

EDUCATIONAL SESSIONS: Wednesday, Aug. 16

EDUCATIONAL SESSIONS: Thursday, Aug. 17

PRE-CONFERENCE WORKSHOPS: Tuesday, Aug. 15

EDUCATIONAL SESSIONS: Friday, Aug. 18

Track 1: Attributes for Professional Improvement and Advancement

Establishing and Maintaining an Effective Internal Audit Quality Assurance and Improvement Program: Tips, Tricks, and Tools

Stretch Yourself: Developing Internal Audit Communication Techniques for all Audiences

Chutes and Ladders of Internal Audit: How to Rise and Fall Due to Meeting or Failing to Meet Stakeholder Expectations

Critical Thinking for Results

Voice of the Customer; Stakeholders Messages From the CBOK Global Internal Audit Study

Track 2: Privacy/Security in the Technology World

NIST Cybersecurity Framework Assessment

Auditing the Cloud Environment: An Introduction

A Real-life Practical Internal Audit Approach to Cybersecurity

Hunting for Hackers: How to Turn the Table on Hackers

Operationalizing Cybersecurity With Risk-based Governance

Track 3: Integrated Auditing/GRC

How Risk Culture Affects Compliance and Internal Controls

GRC IQ: How Intelligent Is your ERP Environment?

Best Practices for Proactive IT Governance

Integrated Audits for Business Processes

Stop Fraud Before It Starts: New Guidance for Managing Fraud Risks

Track 4: Deep Dive Interactive Sessions

Data Analytics at Xerox: A Journey From Idea to Reality

Measuring Effectiveness of a Risk-focused Third-party Risk Management Program

Auditing the Cloud Environment: Advanced

Implementing ERM in a Small to Medium Enterprise

How Vanguard’s Fund Process Excellence Team Is Building an Effective Controls Culture

Track 1: Attributes for Professional Improvement and Advancement

External Quality Assessments (EQA): The Benefits of and Leading Practices to Exceed Stakeholder Expectations

Adding Value by Managing the Perception Gap

Cultivate a Culture of Accountability: Achieve Desired Results

Why Emotional Intelligence and Critical Thinking Skills Are Essential

Getting the Boss to Listen to You: Becoming a Trusted Strategic Advisor

Track 2: Privacy/Security in the Technology World

Cloud Computing Controls: Managing Risk

Auditing Network Devices

Cyber Resilience Framework for the 21st Century Executive

Ransomware in the Enterprise

Post-merger Cyber Considerations

Track 3: Integrated Auditing/GRC

COSO’s Revised ERM Framework: It’s Final!

Collaborative Risk Management: Audit and the 2nd Line of Defense

Auditing Business Continuity

The Transformational Internal Auditor: Improving Compliance by Improving Process

Outsourcing: Who Is Responsible for the Risk?

Track 4: Deep Dive Interactive Sessions

Change Management Best Practices for ERP Systems: A Case Study From Audits of Oracle E-Business Suite Installations

FCPA: Are You Risk-focused and Audit Ready?

When Life Gives You Lemons: 5 Ways to Turn GRC Struggles Into Success

Utilize the STAR Model in Auditing Governance

Diamond in the Rough: Maximizing Synergies of Global Governance and Investigation

2017 Governance, Risk, and Control Conference

GENERAL SESSION: 8:30 – 9:45 a.m.

The Cyber Blacklist: Top Threats and Countermeasures for Data Security

John Sileo’s identity was stolen by a business insider and used to embezzle $300,000 from his clients. This destroyed Sileo’s company and consumed two precious years as he fought to stay out of jail. Combining real-world experience with years of study, Sileo became an award-winning author and trusted advisor on managing privacy and reputation in an economy plagued by digital overexposure. His story helps empower others to take control of their data exposure before it is too late.

GENERAL SESSION: 8:30 – 9:45 a.m.

Internal Audit in a World of Change

Learning Objectives:

• Discuss key disrupters of change affecting internal audit

• Identify what to audit and when in a world of change and disrupters

• Review competencies needed to adapt to change

• Explore strategies to retain those with the needed range of skills to conduct audits at the speed of risk


Join the Best and Brightest at 2017 GRC.

2017 Governance, Risk, and Control Conference

Challenges and changes impact our enterprises every day. To be best prepared for the future, it is critical to stay ahead of trends and share experiences with others about effective tools and solutions. The 2017 GRC Conference is an ideal setting to immerse yourself in a dynamic gathering of leaders in business, IT, and information systems governance, risk, and control. This unrivaled event is presented by two of the most globally respected associations in our field — The IIA and ISACA®.

Advance Your Knowledge and Gain New Insights

2017 GRC offers many opportunities for you to learn proven solutions for aligning governance and risk management, which you can take back and implement at your enterprise. This conference, which sold out the previous three years, takes place Aug. 16–18 at the Gaylord Texan Resort, in Dallas-Ft. Worth, Texas, USA.

Highlights of 2017 GRC include:

• Thought-provoking speakers who share real-world experiences and solutions

• Customized learning to meet your needs

• Innovative ideas to move your enterprise and your career forward

• Networking with global professionals

• Ability to earn up to 18 CPE hours, plus 7.5 more for a pre-conference workshop

Find the Solutions You Need

Choose from among 40+ sessions and workshops to gain the knowledge and skills that are most important to you. Led by globally recognized experts, sessions are grouped into four hot-topic tracks:

• Attributes for Professional Improvement and Advancement

• Privacy/Security in the Technology World

• Integrated Auditing of GRC

• Deep Dive Interactive Discussions

Stay at the Heart of the Conference Action!

Gaylord Texan Resort & Convention Center
1501 Gaylord Trail
Grapevine, TX 76051, USA (Dallas-Ft. Worth area)
Hotel reservations: +1-817-778-1000

Enjoy a first-class experience with southern hospitality as you participate in 2017 GRC sessions and activities. Overlooking beautiful Grapevine Lake, the resort features 4.5 acres of lush indoor gardens and winding waterways.

Your 2017 GRC conference registration includes:

• All general and concurrent sessions

• Complimentary continental breakfast daily

• Complimentary lunches on Wednesday and Thursday

• Welcome networking reception on Wednesday

• Conference app with presentations uploaded (when available from speaker)

Bring your coworkers! Organizations that send 4 or more employees to 2017 GRC receive a group discount. For details, contact: +1-407-937-1111 or [email protected].

Special Discounted Room Rates for IIA and ISACA Attendees!

Special hotel rates of $209 per night plus tax are available if booked by Friday, July 14, 2017. To obtain the preferred rate, mention that you are attending the 2017 GRC Conference.

Some restrictions apply. See details at www.theiia.org/GRC.

Conference Registration Fees        Members and Nonmembers    CPE
Early Bird – register by June 12    $1,345                    18
Regular – through August 12         $1,545                    18
Late – after August 12              $1,645                    18
Pre-conference Workshops (each)     $550                      7.5

Save $200 if you register by June 12, 2017!

The IIA and ISACA are registered with the National Association of State Boards of Accountancy (NASBA) as sponsors of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.learningmarket.org. IIA and ISACA certification holders are required to earn a minimum number of CPE credit hours in order to maintain their designations.

Attendees can earn up to 18 CPE hours by attending this conference and an additional 7.5 credits for attending optional Pre-conference Workshops. This IIA/ISACA conference is Group Live and does not require advance preparation.

GRC Sold Out the Last Three Years.

Space is limited — please reserve your seat soon!

Register today! www.theiia.org/GRC


3701 Algonquin Road, Suite 1010, Rolling Meadows, IL 60008, USA
