C O M P L I A N C E

Sessions will cover leading GRC practices and enabling tools, as well as assessing compliance, ethics programs and the overall ethical culture.

CS 1-3
Bells and Whistles: What You Need to Know About Governance, Risk and Compliance Technology
Greg Zimmerman, Jefferson Wells
Patti Walker, Jefferson Wells

In today’s economy, organizations are focused on process optimization and cost-reduction opportunities. For many, compliance initiatives are overly complex and highly redundant. GRC initiatives have been identified as solutions, but, often, they’re focused on the technology component rather than the reduction of the overall compliance efforts.

After this session, participants will:

• Understand the practical approaches to implementing an effective GRC solution.
• Learn how to integrate the appropriate technology with an efficient and optimized control structure.
• Understand how the technology bells and whistles offer insight and good governance.

FIELD OF STUDY: AUDITING

CS 2-3
Moving Forward: Ethical Leadership for the 21st Century
Cynthia Cooper, CooperGroup

What can each of us do to build a culture of compliance, promote ethical leadership and build strong ethical foundations that will lead to sustainable success? What are some of the common threads, root causes, and GRC lessons learned from the recent corporate scandals? What does the recent financial meltdown mean for audit and compliance professionals?

In this session, participants will learn how to:

• Take an active role to promote ethical leadership and build a strong ethical foundation that will lead to sustainable success.
• Better protect your organization and create an action plan to minimize risk and address common threads and governance lessons related to the recent corporate scandals and financial meltdown.
• Take internal audit to the next level in the fight against fraud.
• Implement practical strategies to build a culture of compliance and best of class anti-fraud program as part of the GRC strategy.

FIELD OF STUDY: BEHAVIORAL ETHICS

CS 3-3
Can Internal Auditors Really Audit Behavior? (Panel Discussion)
Mohammed Siddiqui, Hydro Ottawa Group of Companies (Moderator)
Steve Goepfert, Continental Airlines
Neeraj Kumar, Emirates Group
Sridhar Ramamoorti, Infogix
Dr. Gene Barger, Barger, Cowart & Kenney

Corporate catastrophes, from time immemorial, can be traced to uncontrollable greed, passion, arrogance, power, incompetence, dishonesty, bad judgment or a combination of these human behaviors. Auditors, regulators, whistleblower hot-lines and stringent legislation seem to have fallen short in their attempts to protect these organizations and their economies from damage.

Who could alert stakeholders "when good people deviate too far and ruin their organizations?" Do internal auditors have the skills and organizational status to identify the good from the bad behaviors’, before damage is done? Or will internal auditors remain bystanders while businesses fail due to bad behavior?

In this discussion participants will:

• Understand who should alert the stakeholders when an organization is heading into a disaster due to bad people.
• Review whether internal auditors audit ethics and behavior.
• Identify if internal auditors have the skills and organizational status to identify the good from the bad behavior.
• Understand what should be the role of regulators and governance frameworks in protecting organizations from fatal errors due to human behavior.

FIELD OF STUDY: BEHAVIORAL ETHICS

CS 4-3
The Critical Role of Internal Audit in GRC: Assessing GRC Capability, Effectiveness and Performance to Drive Business Success
Carole Switzer, Open Compliance and Ethics Group (OCEG)

In today’s global business world, a broad spectrum of economic and regulatory changes are taking us to new levels of strategic and tactical complexity; creating commensurate pressures on business performance. The modern internal auditor has a critical role to play in guiding the organization beyond traditional risk management toward a proactive integrated governance, risk and compliance (GRC) capability.

In this session, participants will learn how to:

• Be leaders in efforts to integrate and improve governance, risk management and compliance (GRC) efforts that will strengthen organizational performance.
• Contribute to the design of GRC systems that can be measured and evaluated for effectiveness and efficient performance.
• Show executives responsible for risk management, compliance and ethics activities that internal audit can help them develop metrics to improve and demonstrate the value of their programs and enable effective benchmarking.
• Use the GRC Capability Model (OCEG Red Book) and associated GRC Assessment Toolkit (OCEG Burgundy Book) to streamline and conform evaluation of GRC efforts.
• Provide reliable assurance of risk, compliance and ethics program capability, design, operation and performance to the Board.

FIELD OF STUDY: AUDITING

CS 5-3
Assessing Your Corporate Compliance & Ethics Program
Nancy Haig, Eisai Inc.

The standards have changed and internal audit MUST now evaluate the design, implementation and effectiveness of the organization’s ethics-related objectives, programs and activities. So what are ethics-related objectives, programs and activities; what is the relationship to compliance; and how do you go about assessing these functions in your organization?

In this session participants will learn to:

• Understand the relationship among compliance and ethics objectives, programs and activities.
• Work knowledgeably, comfortably and closely with the Legal and Compliance and Ethics teams.
• Develop and implement a formal internal audit program for assessing compliance and ethics objectives, programs and activities.
• Include soft audit skills, including control self-assessment (CSA) and surveys, in performance of the audit.
• Summarize and present pertinent information on these activities to management and members of the Audit Committee/Board of Directors.

FIELD OF STUDY: BEHAVIORAL ETHICS

CS 6-3
Setting Tone at Top for an Ethical Culture
Gil Radford, Verizon Wireless
Alice Brennan, Verizon Wireless

Establishing a strong corporate ethical culture, at a minimum, starts with building a foundation that encompasses senior executive ownership, a comprehensive code of conduct program coupled with continuous employee training programs and an effective compliance monitoring process.

In this session participants will learn how to:

• Set awareness and the proper tone at the top by senior management.
• Apply governance structure around their fraud compliance program.
• Establish a zero tolerance tone in code of conduct and values.
• Synergize with HR in pre-employment screening and training.
• Understand auditing services’ role in fraud prevention, detection and awareness.

FIELD OF STUDY: BEHAVIORAL ETHICS

CS 7-3
GRC: Bringing it all Together
Amy Daly, SolomonEdwardsGroup (Moderator)
Cynthia Cooper, CooperGroup
Rick Steinberg, Steinberg Governance
Richard Anderson, Richard Anderson and Associates
Carole Switzer, Open Compliance and Ethics Group (OCEG)

Today’s climate is driving the need for audit functions to create more value for their organizations. GRC is the new “buzz word” to tell us how. But what is GRC? Is it an acronym for the governance, risk and compliance programs we already have in place; software applications for making those programs more efficient; a new name for ERM; a strong culture and ethics backbone; or a holistic program to integrate and align governance, risk and compliance to drive business performance?

In this session, participants will:

• Gain perspective as to today’s definition of GRC and how GRC concepts are evolving.
• Consider how GRC concepts might be deployed based upon a company’s risk appetite and governance evolution.
• Identify the key pillars of effective GRC programs and how to apply them in an organization.
• Understand how effective and integrated GRC programs can drive business performance.

FIELD OF STUDY: AUDITING