The 2010 Governance Risk & Compliance Summit

Register by August 14th and save $400

This comprehensive Governance, Risk and Compliance (GRC) event will demonstrate how to:

• Identify a methodology to link process and technology, effectively bridging together internal audit, risk management, information security, operations and compliance functions
• Utilize GRC to effectively execute corporate strategy in tough economic times
• Grow GRC capabilities and transform a reactive and technologically focused approach into a proactive and risk-based approach

The 2009 Governance, Risk Management and Compliance Summit

Develop an Integrated Approach to Risk Management, Compliance and Corporate Governance

September 29, 30 & October 1, 2009
John Hancock Hotel & Conference Center
Boston, MA

Upload: gsmiweb

Post on 01-Nov-2014


DESCRIPTION

Develop an Integrated Approach to Risk Management, Compliance and Corporate Governance. September 29th - October 1st, 2009.

TRANSCRIPT


Enable Your Organization to Anticipate and Manage Business Risk while More Effectively Delivering Value

Dear GRC Executive,

Today’s organization is a complex multiplicity of global processes and business relationships. Organizations are struggling to identify, manage, and control Governance, Risk Management, and Corporate Compliance (GRC) across business relationships. At the 2009 Governance, Risk Management, and Compliance Conference you will learn to effectively enable your organization to anticipate and manage business risk while more effectively delivering value for the organization.

PREPARING FOR AN UNCERTAIN FUTURE

Ignoring or misunderstanding financial risks played a substantial role in creating the world financial crisis in 2008. The financial crisis has essentially undone the last decade of deregulation, and corporate leaders and legal teams will bear the responsibility of rebuilding whole industries from the ground up. Business leaders everywhere should be asking themselves what could have been done differently and what can be done in the future to avoid a crisis of this proportion.

A large portion of the answer lies in the area of governance itself. Businesses need sound, ethical and well-planned building blocks on which to found their governance principles, regardless of future regulations. Implementing internal controls, breaking down communication barriers between departments and centralizing information are vital to proper corporate governance.

According to a study by The Economist Intelligence Unit, “Companies are beginning to realize that the full value of [governance] depends in large part on the policies and procedures that govern and control its use, access, analysis, retention and protection.” In a poll conducted by the EIU:

“… 77% of respondents expect … governance to be … very important to their company’s success over the next three years. As a result, many firms have begun building the foundation for … governance policies. A majority (65%) have defined policies around how information is to be stored and shared among employees and stakeholders. Furthermore, some organizations are forming formal governance bodies to create strategies, policies and procedures surrounding the distribution of information inside and outside the firm. This is a good start, but considering that 68% of respondents also expect that the complexity of their company’s information governance issues will grow over the next three years, there is little time to waste.”

ADOPT AN INTEGRATED APPROACH

GRC is often positioned as a single business activity, when it actually includes multiple overlapping and related activities within an organization including internal audit, compliance programs like SOX, enterprise risk management (ERM), operational risk, and incident management among others. Within the GRC realm, if the first element, Governance, is not in place, the second two elements, Risk Management and Compliance, become irrelevant and cannot be meaningfully achieved. Likewise, if the second element, Risk Management, is not in place then achieving Compliance becomes irrelevant and generally cannot be meaningfully achieved.

It is necessary to improve each of the elements of your organization’s GRC initiative as well as increase overall performance by breaking down communication barriers between finance, IT (Information Technology) and Legal departments. Organizations must evaluate their financial activities to ensure the correct operation of all financial processes, as well as compliance with any finance-related mandates. Learn how to strike an appropriate balance between business reward and risk. Ensure that the IT organization supports the current and future needs of the business, and complies with all IT-related mandates. Finally, tie all three components together through your organization's legal department and Chief Compliance Officer.

Join GSMI on September 29th, 30th and October 1st at the John Hancock Hotel & Conference Center in Boston for the 2009 GRC Conference to learn strategies to join the movement from managing risk as a transaction or compliance activity to adding business value by improving operational decision making and strategic planning. Register today by calling 888.409.4418 or visit us at www.gsmiweb.com. I hope to see you this September!

Regards,

Luke Vinci
President, GSMI

Register today! 888.409.4418 www.thegrcsummit.com | The 2009 Governance, Risk Management and Compliance Summit


Adopt an Integrated Approach to Governance, Risk and Compliance

WHO SHOULD ATTEND?

Managers and executives involved in Governance, Risk Management and Compliance:

• Governance, risk, compliance (GRC) staff
• CFO
• Chief Risk Officers
• Chief Legal Counsel
• Chief Compliance Officer
• VPs of Risk Management
• VP of Finance
• Treasurers
• Controllers
• Director, Internal Audit
• Director, Operational Risk
• Manager, Enterprise Risk Management
• Risk analysts
• ARM
• ARM-P
• IT governance directors/managers
• IT risk directors/managers
• IT compliance directors/managers
• IT audit directors/managers
• Information security directors/managers
• IT directors/consultants

Involved in the following areas:

• Audit
• Compliance
• Governance
• Risk management
• Sarbanes Oxley (SOX)
• Ethics
• Regulatory
• Legal
• Governmental affairs
• IT
• Accounting
• Finance
• Reliability
• Quality assurance

Mitigate Risks and Prevent Future Compliance Issues

Venue: The 2009 GRC Conference will be held at John Hancock Hotel & Conference Center, Boston, MA

Accommodations: A limited number of rooms have been reserved at the John Hancock Hotel (located at the John Hancock Conference Center) at a discount rate of $189 per night (contact the hotel by September 10, 2009 to receive the discounted rate). Also, please make sure to ask for the GSMI conference rate when you call for reservations. To make reservations, call 617 933 7700.


Agenda at a Glance

Day One - September 29, 2009

8:30 Continental Breakfast and Workshop Registration
Breakout sessions
9:00 Workshop A: Leveraging Your Compliance Program Toward Corporate Governance
     Workshop B: Aligning ERM to Strategy through the Balanced Scorecard (BSC)
12:00 Luncheon
Breakout sessions
1:15 Workshop C: Practical Application of Leading Practices in Regulatory Compliance
     Workshop D: ERM Process Improvement
4:15 Adjourn

Day Two - September 30, 2009

8:00 Continental Breakfast and Registration
8:45 Keynote: Stakeholder Reputation Risk: The Real Driver Behind Coordinated GRC Policies
9:40 Integrated GRC: Assurance Integration with Real ROI
10:35 Break and Refreshments
10:50 Best Practices to Achieve Results with Governance Risk and Compliance
11:35 Choosing the Right GRC Software
12:15 Networking Luncheon
Breakout sessions
1:15 IT GRC: Governance, Risk, Compliance - and Mobility
     ERM: Utilizing ERM to Rebuild our Economy
Breakout sessions
2:15 IT GRC: Developing Metrics and Measures for Information Governance
     ERM: Case Study: Putting the “R” in GRC, an Enterprise Risk Management (ERM) Perspective
3:15 Break and Refreshments
Breakout sessions
3:30 IT GRC: GAIT for Business and IT Risk
     ERM: Learn How Your ERM Strategy Can Enhance Your Company’s Value and Credit Rating
4:30 IT GRC: Security By Compliance - A Discussion of Information Risk Management’s Greatest Challenge
     ERM: ISO 31000 and ERM
5:30 Adjourn

Day Three - October 1, 2009

8:00 Continental Breakfast
8:30 A Measure of Success: Tools to Evaluate GRC Program Design and Operation
Breakout sessions
9:15 Financial GRC Case Study: Beyond Compliance: A SOX Perspective
     Legal GRC: Bridging the Gap between Legal and GRC
10:15 Break and Refreshments
Breakout sessions
10:30 Financial GRC: Mastering Financial Governance – Bridging the Gap Between SOX, Internal Audit, and Risk Management Processes
      Legal GRC: How the financial crisis will affect governance for corporate legal departments
12:00 Networking Luncheon
1:15 Protect and Grow Shareholder Value with Best Practices and Effective Tools
1:45 Panel Discussion - Establishing GRC Goals and Performance Metrics
2:15 Break and Refreshments
2:30 Building an Effective Whistle-blower Program - “Best mechanism to surface fraud and wrongdoing”
3:30 Bringing It All Together: Evaluating the Results of Your GRC Program
4:30 Conference Adjourn


5 Reasons to Attend 2009 GRC Conference

1. Integrate
Learn from leaders in risk management, governance and compliance how to achieve compliance and ensure ethical conduct while meeting general business objectives. Take lessons learned back home to your organization’s GRC silo leaders and facilitate integration among your entire company.

2. Connect
Network with your peers from organizations throughout the country and around the world. Learn how others are implementing and improving GRC initiatives and programs for today’s economy. There will be ample opportunity for networking during our receptions, meals, breaks and informative sessions.

3. Focus
Four interactive breakout tracks. Identify case studies and lessons learned to manage, measure, improve and integrate your GRC functions across all silos – IT, Financial and Legal.

4. Evolve
Information security is quickly evolving into information risk management. The enterprise of today can no longer rely on technology alone to protect information and information infrastructure, and requires a business approach to information risk management, governance, and compliance to be successful. Gain insight and guidance on key issues faced by enterprises today, as they mature their capabilities and transform a reactive and technologically focused approach to information security into a proactive and risk-based one.

5. Save
Simplify GRC and reduce costs by managing multiple regulatory requirements with one enterprise GRC platform.


Featured Speakers

Michael Rasmussen, President, Risk & Compliance Advisor, Corporate Integrity, LLC

Patricia Florissi, Distinguished Engineer, Strategic Initiative Leader, Governance, Risk and Compliance, EMC, Inc

Chris Boswell, Director Risk and Compliance Services, CA, Inc

Nick Bako, CMA, Chief Risk Officer, Ontario Lottery and Gaming

Ranga Bodla, Director, Solution Marketing, EPM and GRC, SAP, Inc.

Mark Smith, CEO & EVP Research, Ventana Research

Geoffrey Buswick, Managing Director, Boston Head Office, Standard & Poor's Corporate and Government Ratings

Johannes Swanepoel, Director Enterprise Risk Management, CURA Software

Other speakers include:

• Jason Mefford, VP of Business Process Assurance, Ventura Foods
• Brad Vorhies, Manager of Financial Controls Compliance, Energy Future Holdings
• Carole L. Basri, University of Penn Law School, Corporate Lawyering Group LLC
• Irving Kagan, Kagan Consultants
• Tony Tarantino, PhD, Author and Adjunct Professor of Finance at Santa Clara University
• Dave Ingram, Senior VP, Willis Re
• Steven Saporito, Managing Director, Enterprise and Risk Finance Practice, Willis Re
• Dr. Prodyot Samanta, Managing Director, Thrideye Riskinsights


Agenda and Speaking Faculty

Day One: Pre-Conference Workshops: September 29, 2009

8:30 Continental Breakfast and Registration

9:00 Workshop A: Leveraging Your Compliance Program Toward Corporate Governance

Gain an understanding of various paradigms around corporate governance, risk management, and compliance (GRC). Discuss the many challenges involved in aligning GRC within an organization.

Join us for this practical workshop and identify:

• How one company is working through challenges of aligning GRC;
• Resources available to help your company work through compliance challenges; and
• Various approaches for leveraging your existing compliance and risk management programs to improve corporate governance

9:00 Workshop B: Aligning ERM to Strategy through the Balanced Scorecard (BSC)

The COSO Framework describes ERM as a process that guides the achievement of strategic objectives. Because of the integral role ERM plays in strategy execution, it must be understood throughout the entire organization. The Balanced Scorecard (BSC) is a performance measurement system that communicates organizational progress in executing strategy across four perspectives (financial, customer, internal processes, learning and growth). At the core of the BSC is a strategy map that shows the strategic linkage between organizational objectives.

Through integrating objectives related to addressing specific risks into the strategy map, organizations can create initiatives that make ERM an integral part of strategy execution. In this comprehensive workshop, you will experience a hands-on approach to incorporating ERM into organizational strategy through using the BSC and the strategy map that supports it.

12:00 Luncheon

1:15 Workshop C: Practical Application of Leading Practices in Regulatory Compliance

Today companies face the challenge of establishing a consistent set of processes, practices and systems that support external compliance and internal self-assessment. Join us for this workshop to identify leading practices that are being used by companies to create proactive programs that are sustainable and adaptable in the face of countless regulatory expectations and requirements across the physical and financial markets.

Workshop attendees will gain an understanding of the key components of a compliance program as well as gain valuable insight regarding the regulatory compliance capability maturity of their own organizations. Some specific leading practices discussed include:

• Risk Assessment Processes
• Organizational Structure
• Underlying Policies and Procedures
• Control and Monitoring Mechanisms
• IT Systems and Information Management

1:15 Workshop D: ERM Process Improvement

Learn to benchmark your organization's enterprise risk management (ERM) structure, process, and practices with COSO's ERM Integrated Framework. This workshop will identify opportunities for improving your organization's ERM process by sharing and comparing practices with other ERM practitioners. Attendees in this workshop will:

• Participate in a series of discussions on ERM challenges and strategies for sustaining the ERM process.
• Validate the ERM approach and identify any blind spots.

Best Practices and Strategies from Leaders in GRC!

Effectively Manage and Track GRC Activities Across an Enterprise


Day Two: September 30, 2009

8:00 Continental Breakfast

8:45 Keynote: Stakeholder Reputation Risk: The Real Driver Behind Coordinated GRC Policies

A key component in the emerging regime of coordinated governance, risk, and compliance (GRC) management is ensuring that the company’s business is conducted in a manner that serves its various stakeholders in an effective, compliant, and untainted fashion. A true indicator of the success or failure of this internal company effort is the company’s imputed goodwill or reputation, arguably the most valuable, yet fragile, attribute a company possesses.

This keynote presentation will explore how the imposition of recent, and the strengthening of longstanding, compliance obligations have compounded the responsibilities of professionals charged with enforcing governance, risk, compliance, audit and ethics roles. It will examine compliance measures and their practical impact on companies, due to:

• The expansive reach of the requirements
• The lack of precedents
• The emphasis on self-disclosure
• The uncertainty over due process rights in enforcement

It will further examine how these elements expose the company’s reputation to immediate risk, and how to structure a GRC culture within the organization to address these exposures in a manner ensuring that compliance issues are disseminated effectively through the organization and implemented enterprise-wide. Further, identify a coherent integrated GRC effort developed by senior management in collaboration with the governance, risk, compliance, audit, legal and ethics team to drive the entire organization to foster and protect a company’s stakeholder reputation.

9:40 Integrated GRC: Assurance Integration with Real ROI

Integrated GRC in the Virtual, Hyper-Extended Business: Integration of GRC silos for Real ROI. Find out why integration is the key to success and why it is often the major cause of corporate governance failures as organizations transition to new business models in the virtual world. Discover new approaches for leveraging performance management and infrastructure monitoring systems to harvest empirical evidence for GRC. Learn how to reduce the cost and complexity of your company’s silo’d GRC initiatives and gain insight into new strategies, tactics and approaches to optimize your infrastructure to create real return on investment.

10:35 Break and Refreshments

10:50 Best Practices to Achieve Results with Governance Risk and Compliance

This session will cover the evolution of governance, risk and compliance (GRC) management and discuss how it is being shaped by key stakeholders including consultants, regulators and end-users. Identify various approaches to GRC and highlight the strengths and weaknesses of each approach to cut through the hype and identify areas where true value can be derived today. Attendees will also learn tips and tricks to help streamline risk, compliance and audit processes.

11:35 Choosing the Right GRC Software

Assess Your Needs and Establish Evaluation Criteria for Finance, Operations and IT

The challenge for organizations in addressing the spectrum of governance, risk and compliance (GRC) is having clarity in the requirements for addressing the specific process needs across business and IT. GRC has specific needs for finance, operations and IT areas where the specific competencies across people, processes, information and technology need to be reviewed for determining the right steps for improvement. To do this successfully is to understand the evaluation categories to assess your current vendors and technologies and examine new ones. Unfortunately the majority of organizations lack the technology know-how for making improvements from monitoring to automation and control to the specific analytics and metrics required to be successful with GRC. This session will provide clarity on the scope of GRC and the software that can best meet an organization's needs while leveraging existing investments and provide the tools for every participant to make the best decision for their organization.

12:15 Networking Luncheon

Breakout Sessions - Choose: IT GRC or ERM

IT GRC:

1:15 Developing Metrics and Measures for Information Governance

Information Governance has become a critical issue within organizations, and a key success factor for businesses. In order to effectively maintain the stewardship, integrity and security of an organization’s information infrastructure, effective metrics and measures must be developed, implemented, and monitored. This session will cover the concept of enterprise metrics and measures in the context of Information Governance maturity as well as the issues that must be considered when developing, implementing and monitoring them.

Attendees will participate in an interactive session to:

• Identify current and target states on an Information Governance Maturity Model
• Discuss challenges and strategies in implementing roadmaps, metrics and reporting
• Learn about technologies that accelerate movement up Information Management maturity curves


Day Two: September 30, 2009 (Continued)

Breakout Sessions - Choose: IT GRC or ERM

ERM:

1:15 Utilizing ERM to Rebuild our Economy

What role, if any, did ERM play in the collapse of the financial markets? Enterprise Risk Management can be the tool to rebuild our economy. This session will evaluate how ERM is shaping business and how to use it to your advantage. You’ll hear the perspectives from rating agencies, updates on the latest S&P initiatives, tools you can use to implement ERM going forward, how financial institutions’ failures reflect on their ERM practices, and other current issues of relevance.

IT GRC:

2:15 Developing Metrics and Measures for Information Governance

Information Governance has become a critical issue within organizations, and a key success factor for businesses. In order to effectively maintain the stewardship, integrity and security of an organization’s information infrastructure, effective metrics and measures must be developed, implemented, and monitored. This session will cover the concept of enterprise metrics and measures in the context of Information Governance maturity as well as the issues that must be considered when developing, implementing and monitoring them.

Attendees will participate in an interactive session to:

• Identify current and target states on an Information Governance Maturity Model
• Discuss challenges and strategies in implementing roadmaps, metrics and reporting
• Learn about technologies that accelerate movement up Information Management maturity curves

ERM:

2:15 Case Study: Putting the “R” in GRC, an Enterprise Risk Management (ERM) Perspective

As compliance issues have become increasingly important and the magnitude of their consequences has escalated, the interface between governance risk and compliance has moved up in prominence not just among regulators, but among stakeholders, shareholders, and management. This session will describe how these GRC elements are integrated with a focus on the role of enterprise risk management in strategic and operational planning.

3:15 Break and Refreshments

IT GRC:

3:30 GAIT for Business and IT Risk

Discover why leading-edge chief audit executives and audit practitioners say there is no such thing as information technology (IT) risk. Discuss the relationship between business risk and IT risk. Review the methodology in the Guide to the Assessment of IT Risk (GAIT) publication GAIT for Business and IT Risk and how it is used to ensure efficient auditing of IT. Develop a solid understanding of the GAIT for Business and IT Risk methodology as well as the ability to apply it.

ERM:

3:30 Learn How Your ERM Strategy Can Enhance Your Company's Value and Credit Rating

Reviewing the quality of enterprise risk management (ERM) programs is no easy task. Learn directly about the review process, major findings and lessons learned, and how to integrate the review into ratings determination. Discover how others have improved the quality of their decision making by incorporating risk information directly into business and strategic planning, and link your ERM programs to driving value and improving business resiliency.

IT GRC:

4:30 Security By Compliance - A Discussion of Information Risk Management's Greatest Challenge

When most organizations today think about information protection, compliance is at the top of that list. This new level of consciousness has become both a tremendous benefit to information security professionals as well as their greatest fear. The leadership of many companies are now falling into the trap of feeling secure merely because they are compliant; however, simply meeting legal and regulatory compliance requirements does not necessarily mean that companies have fulfilled their requirements for information risk management and protection. Learn how to take advantage of the benefits created by new compliance requirements, while also overcoming the challenge of this new operating procedure.

ERM:

4:30 ISO 31000 and ERM

The international risk management framework is scheduled to be published in 2009. Most risk professionals recognize the importance of a formalized framework to ensure the successful implementation of enterprise risk management (ERM). Starting with the ISO 31000 risk management process schedule, learn how to tailor ERM to the individual needs of any organization, align risk management objectives to organizational strategic goals and missions and graft ERM culture onto existing corporate culture.

5:30 Adjourn


Day Three: October 1, 2009

8:00 Continental Breakfast

8:30 A Measure of Success: Tools to Evaluate GRC Program Design and Operation

• Learn how to evaluate the design and operating effectiveness of governance, risk management, and compliance (GRC) systems
• Hear about the new procedures and criteria for GRC program design evaluation and certification
• Expand your understanding of metrics that can be used to help GRC systems contribute to business objectives

Morning Breakout Sessions - Choose: Financial GRC or Legal GRC

Financial GRC:

9:15 Case Study: Beyond Compliance: A SOX Perspective

Learn how to embed reliable control self-assessment into your organization in order to provide ongoing assurance that goes far beyond Sarbanes-Oxley Section 404 (SOX) compliance in order to achieve operational objectives and quality control over internal control. You will learn how to leverage your existing investment to achieve an embedded process that will greatly reduce costly direct testing and the non-value-add burden of SOX compliance. Moreover, this process can be used to provide ongoing assurance regarding the achievement of all company control objectives.

Legal GRC:

9:15 Bridging the Gap between Legal and GRC

Too often, corporate legal departments have neglected to take an active role in governance decisions and oversight, resulting in avoidable consequences. Mitigating risks and preventing future compliance issues are both dependent on setting up defensible governance policies now, before regulations force the issue. Legal departments must ensure accountability, defensibility and transparency in a company’s processes, systems, protocols, structures, operations and controls. The legal scope is growing to fulfill new roles in the realm of corporate governance. General counsel is ideally positioned within corporations to lead important decision-making processes and help companies weather the coming regulatory storm. Identify how to utilize general counsel to help lead the way as far as implementing processes and ensuring compliance. Key points of focus of this session include:

• How legal will overlap but not duplicate work being done by records information management (RIM) and information technology (IT) and corporate compliance officers
• How corporate legal departments can influence legislative decision makers to minimize the negative impacts on my company and industry
• How to build support across the organization for an expanded general counsel role

10:15 Break and Refreshments

Financial GRC:

10:30 Mastering Financial Governance – Bridging the Gap Between SOX, Internal Audit, and Risk Management Processes

With ever increasing regulations, the maturity of SOX processes, and the growing need for enhanced risk management disciplines, enabling a sound financial governance strategy has become very complex. Most finance departments currently manage these processes in disparate silos and systems that fail to provide an integrated view of audit, risk management and financial control compliance.

The convergence of financial governance disciplines provides the opportunity to streamline processes, improve risk management, and create greater transparency and visibility to financial processes, risks and controls.

• Discuss the basics and best practices of financial governance
• Provide examples of how to improve and converge the efforts of internal audit, risk management and compliance
• Offer a pragmatic approach to better implement risk management discipline across your finance business processes

Legal GRC:

10:30 How the Financial Crisis Has and Will Continue to Affect Governance for Corporate Legal Departments

We can be absolutely sure that the consequences of the financial crisis will reach far and wide, in the form of a fresh round of regulation and oversight that is likely to spill over into many jurisdictions, with important implications for governance and corporate legal departments. While legal’s role in governance is but one facet in a corporation, it is an essential one. It is likely that the aftershocks of the Wall Street meltdown will have lasting effects with new rules coming around governance and transparency. Identify ways in which you and your company’s legal department can be prepared for the future changes.

Network, Learn and Transform Your Organization!


12:00 Networking Luncheon

1:15 Protect and Grow Shareholder Value with Best Practices and Effective Tools

In many organizations, risk management and strategy management are often treated as unrelated processes. This disconnected approach often fails to take into account the impacts that risk might have on strategic initiatives. Strategy management is ultimately about creating new and sustainable value. Without an understanding of the inherent risks associated with value creation, it is difficult to get a clear picture of the strategy, or worse, no effective path to execute the strategy. Using best practices and pursuing an integrated approach to strategy and risk management, executives ensure that they are focusing on the right initiatives to drive execution of strategy and manage risk.

Avoid Letting New Strategies and Initiatives Fail

Learn why so many new strategies and initiatives often fail. Management often lacks the ability to track strategy execution, and the associated risks are not comprehensively monitored and managed.

Risk-intelligent strategic planning provides for the ability to understand and manage business performance. SAP offers a solution that integrates risk management and strategy management processes to effectively and proactively execute with a complete understanding of underlying risks.

2:15 Break and Refreshments

2:30 Building an Effective Whistle-Blower Program - “Best mechanism to surface fraud and wrongdoing”

A whistle-blower function provides an important element in a more robust enterprise risk management framework:

• Helps set “tone at the top” of the organization

• Effective “detective” control

• Supplements normal information & communications systems

• Mechanism for risk monitoring

The objectives of these programs are to:

• encourage ethical and legal violations to be brought forward for prompt resolution

• minimize the organization’s exposure to damage

• let employees know the organization is serious about adherence to codes of conduct

3:30 Bringing It All Together: Evaluating the Results of Your GRC Program

Your company has implemented a robust GRC program, but how do you really know if it’s designed adequately and operating effectively? Traditional audit techniques may not provide you with the full answer to that question. In this presentation, participants will gain an understanding of the following:

• Determining the scope of a comprehensive GRC audit

• Designing a maturity-based audit approach

• Gathering information on the soft aspects of a GRC program

• Reporting the results to get action

4:30 Conference adjourns

Day Three: October 1, 2009

Adopt A Unified Strategy To Improve Governance, Assess Risk And Ensure Compliance


Sponsors and Media Partners:

Interested in sponsorship or exhibiting opportunities?

Contact: Byron Mignanelli [email protected] or 888.409.4418

Media Partners:

Association Sponsor:

Cura enables over 200 business, government and other entities worldwide to achieve the bottom line benefits of enterprise-wide governance, risk management and compliance (GRC) and enhanced performance management, through fast implementation, easier configurability and true enterprise architecture. Cura has offices in New York, London, Sydney, Melbourne and Johannesburg, and partners in 10 countries.

EMC works with organizations around the world, in every industry, in the public and private sectors, and of every size, from startups to the Fortune Global 500. Our customers include banks and other financial services firms, manufacturers, healthcare and life sciences organizations, internet service and telecommunications providers, airlines and transportation companies, educational institutions, and public-sector agencies. EMC also provides technology, products, and services to consumers in more than 100 countries.

SAP is the world’s leading provider of business software(*), offering applications and services that enable companies of all sizes and in more than 25 industries to become best-run businesses. With more than 86,000 customers in over 120 countries, the company is listed on several exchanges, including the Frankfurt Stock Exchange and NYSE, under the symbol “SAP.”

Sponsors:

Venue: The 2009 Governance, Risk Management and Compliance Summit Conference will be held at:

John Hancock Hotel & Conference Center

40 Trinity Pl, Boston, MA 02116

(617) 933-7700

www.jhcenter.com

Accommodations: A limited number of rooms have been reserved at the John Hancock Hotel (located at the John Hancock Conference Center) at a discount rate of $189 per night (contact the hotel by September 10, 2009 to receive the discounted rate). Also, please make sure to ask for the GSMI conference rate when you call for reservations.

To make reservations, call (617) 933 7700

Exhibiting and Sponsorship Information: To learn more about exhibiting at 2009 GRC Conference, please contact Luke Vinci at 888.409.4418 or email him at [email protected]

Registration: The 2009 Governance, Risk Management and Compliance Summit, September 29, 30 and October 1, 2009, John Hancock Hotel & Conference Center • Boston, MA

Please fill in the following information and fax back to: (619) 923-3542

Name

Title

Department

Company

Mailing Address

City / State

Zip Code / Country (if applicable)

Telephone / Fax

Email

Payment Method:

Credit Card: [ ] Amex [ ] Visa [ ] MasterCard [ ] Check

Credit Card Number

Name on Card

Expiration Date

Do you have any dietary restrictions (e.g. kosher, vegetarian)? [ ] Yes [ ] No

If so, please specify:

Do you require any accommodations that require special attention? [ ] Yes [ ] No

If so, please specify (e.g. wheelchair access):

Registration Fee:                      by 7/10     by 8/14     after 8/15

Commercial
Summit only                            [ ] $1595   [ ] $1795   [ ] $1995
Silver Pass: summit + 1 workshop       [ ] $2090   [ ] $2290   [ ] $2490
Gold Pass: summit + 2 workshops        [ ] $2390   [ ] $2590   [ ] $2790

Government Non Profit
Forum only                             [ ] $1295   [ ] $1495   [ ] $1695
Silver Pass: summit + 1 workshop       [ ] $1790   [ ] $1990   [ ] $2190
Gold Pass: summit + 2 workshops        [ ] $2090   [ ] $2290   [ ] $2490

Group Discounts of 5 or More: For information about group discounts of 6 or more people and Team Learning opportunities for 2009 GRC Conference, please contact Luke Vinci at 888.409.4418 or email him at [email protected]

Administrative Note: A 10% cancellation fee on registration will be charged for cancellations received less than three weeks from the date of the conference. As speakers are confirmed six months before the event, some speaker changes or topic changes may occur in the program. GSMI is not responsible for speaker changes, but will work to ensure a comparable speaker is located to participate in the program.

Cancellation & Quality Assurance:

The Global Strategic Management Institute strives to provide you with the most productive and effective educational experience possible. If after completing the course you feel there is some way we can improve, please provide us in writing with your comments on the evaluation form provided upon arrival. Should you feel dissatisfied with your learning experience and wish to request a credit or refund, please submit it in writing no later than 10 business days after the end of the training to: VP of Educational Services, GSMI, 1804 Garnet Ave #492, San Diego, CA 92109. We will evaluate individual complaints in a context of collective comments from the event.

A $300 service fee will be charged on cancellations received less than four weeks from the date of the event. A credit memo will be sent reflective of your tuition rate minus the $300 cancellation service fee. The remaining tuition funds will only be valid for a future conference and must be used within one year of the credit memo. If you do not cancel your registration before the day of the event, you will be charged for the full conference amount. As speakers are confirmed months before the event, some speaker changes or topic changes may occur in the program. Global Strategic Management Institute is not responsible for speaker changes, but will work to ensure a comparable speaker is located to participate in the program.