There are good conferences and bad conferences. Having spent seventeen professional years attending various GRC, risk, compliance, and security conferences – most are categorized in my poor to bad category with only a handful making the good.

There are a few conferences that I deeply respect – some put on by vendors others by media or professional associations. However, there is one conference that is my must attend event every year – Compliance Week. In my opinion this is the leading GRC conference available. It attracts the best audience with the most interesting sessions derived from practical experience. While vendors attend there is no opportunity for free reign vendor fluff during the sessions. Every year I have attended I come back inspired and ready to march forward a fresh with new GRC thoughts, perspectives, and new relationships that impact my research.

I highly recommend that you attend Compliance Week’s 5th Annual Conference which will be held May 24-26, 2010 at the Mayflower in Washington D.C.

I also recommend Matt Kelly’s blog on the conference if you want to learn more what will be featured this year.

GRC Achievement Awards at Compliance Week:

This year brings something new to the Compliance Week conference – the 2010 OCEG GRC Achievement Awards. Nominations are due shortly, and I highly recommend that you consider submitting a nomination for a leading GRC program that you are aware of. If you need advice or help drafting a nomination – please let me know.

The Awards recognize the great strides that many companies, government agencies and other organizations have made in improving and integrating their approaches to governance, risk management and compliance (GRC) to achieve Principled Performance®.

Nominations are being accepted through March 21, 2010. The Awards will be presented at Compliance Week’s 5th Annual Conference, May 26, 2010, in Washington, D.C.

Awards will be presented to organizations that demonstrate achievements in any (or several) areas including:

  • Structure: Establishing a strong GRC organizational structure to ensure adequate oversight and coordination of efforts;
  • Information: Improving management, use and transparency of GRC relevant information;
  • Effectiveness: Gaining greater confidence in the effectiveness of compliance controls;
  • Processes: Coordinating risk assessment processes to develop a clearer enterprise view of risk;
  • Performance: Streamlining aspects of GRC capability to reduce cost and improve performance.

Here are some examples of achievements you may want to nominate:

  • Culture & Context: Achievement in better understanding or changing organizational culture, including ethical culture, risk culture, workforce culture and governance culture.
  • Organize & Oversee: Success in establishing a clear mission and vision for the organization’s GRC efforts, or in integrating GRC management and oversight across and throughout the enterprise.
  • Assess & Align: Successes in streamlining, coordinating, or strengthening risk assessments; or improvements in risk identification and monitoring
  • Prevent & Promote: Achievements might address improvements in effectiveness and performance in any of the core elements of an effective compliance program: Code of Conduct, Policies, Awareness & Education, Human Capital Incentives and more.
  • Detect & Discern: Successes in hotline/helpline design and operation, workforce survey or other information gathering techniques, or effective use of detective controls.
  • Respond & Resolve: Achievements might address how an organization manages investigations, implements corrective controls, or integrates GRC efforts with crisis management and business continuity efforts.
  • Monitor & Measure: Achievements in various aspects of monitoring, measuring and improving program performance, including providing assurance to the Board or oversight committees.
  • Inform & Integrate: Achievements might address any aspect of information management, technology improvement, or usage for GRC efforts, including systems for enhancing communication internally or to external stakeholders about GRC expectations and outcomes.

To apply simply send a Microsoft Word document entitled GRC Achievement Award Nomination to [email protected]. The nomination should include the following sections:

  1. Name of Project/Achievement
  2. Name of Organization
  3. Primary Contact Name/email/phone number
  4. Brief Description of Project (50-150 words per section below); should include:
    1. Challenge addressed
    2. Desired outcome(s)
    3. Process undertaken and roles involved
    4. Outcome(s) achieved, which may be operational, financial and/or other
    5. Optional – planned next steps

Nominations must be submitted by March 21, 2010, for consideration.

Award winners will be notified by April 10th and will be asked to submit a more detailed description (instructions to be provided), a number of which will be selected for review by participants at Compliance Week’s 5th Annual Conference at The Mayflower Hotel in Washington, D.C., May 24-26, 2010. Voting at the conference will determine the winners of thePeer Choice Prize for GRC Accomplishment, an additional award highlighting the “best of the best” as selected by the diverse group of GRC professionals who attend the Compliance Week conference.

The Achievement Awards will be announced at the conference and the Peer Choice Prize will be presented in a ceremony on the closing day of the conference, May 26th. OCEG and Compliance Week also will feature award recipients in future articles and webcasts.

Contact: For more information please contact OCEG at [email protected].


Upcoming Corporate Integrity Bootcamps & Workshops:

BOOTCAMP: GRC Fundamentals, Strategy, & Technology

Join Corporate Integrity, LLC in a three-day basic training exercise in GRC Fundamentals, Strategy, and Technology. Attendees will receive value in understanding and defining a GRC strategy. This bootcamp is authorized and endorsed by OCEG. The objective of this bootcamp is to provide attendees with the knowledge and hands-on practice necessary to efficiently design a GRC program. Attendees will learn about defining a GRC Strategy aligned with Red Book 2 through lectures and practical group interaction, discussions, and exercises. Others, such as technology providers and professional service firms, also benefit from understanding the issues and ap
proaches to GRC challenges that organizations across industries are grappling with.

Chicago, IL, USAGRC Fundamentals, Strategy, & Technology

Date: Wednesday, April 21, 2010 at 8:00 AM – Friday, April 23, 2010 at 5:00 AM (CT)

London, UKGRC Fundamentals, Strategy, & Technology

Date: Monday, June 7, 2010 at 8:00 AM – Wednesday, June 9, 2010 at 5:00 AM(GMT)

San Diego, CA, USAGRC Fundamentals, Strategy, & Technology

Date: Wednesday, June 23, 2010 at 8:00 AM – Friday, June 25, 2010 at 5:00 AM (PT)

New York, NY, USAGRC Fundamentals, Strategy, & Technology

Date: Monday, August 16, 2010 at 8:00 AM – Wednesday, August 18, 2010 at 5:00 AM (ET)

WORKSHOP: Effective Policy Management & Communication

Attendees of the Effective Policy Management & Communication workshop will specifically learn:

  • Defining a process lifecycle for managing policies
  • Establishing policy ownership and accountability
  • Providing consistency in policies through consistent style and language
  • Communicating policies across extended business relationships
  • Tracking policies attestation and delivering effective training
  • Monitoring metrics to establish effectiveness and/or issues with policies
  • Relating policy management to risk, issue/case, and other GRC areas

Seattle, WA, USA – Effective Policy Management & Communication

Date: May 6, 2010 – 8:00 AM to 5:00 PM (PT)

Boston, MA, USAEffective Policy Management & Communication

Date: July 13, 2010 – 8:00 AM to 5:00 PM (ET)


WORKSHOP: Developing a Risk Assessment & Management Process

Attendees of the Developing a Risk Assessment & Management workshop will specifically address answers to the following questions perplexing business:

  • Alignment of risk in the context of business.
  • Risk intelligent decision-making.
  • Establishment of risk culture and policy.
  • Risk monitoring and metrics.
  • Communication of business relevant risk information.
  • Defining ownership of risk within the business.
  • Multi-perspective risk analysis.
  • Effective risk treatment in context of business objectives.
  • Governance of risk within the business.
  • Consistent ranking and measurement of risk.

Milwaukee, WI, USADeveloping a Risk Assessment & Management Process

Date: February 31, 2010 – 8:00 AM to 5:00 PM (Central Time)

Seattle, WA, USADeveloping a Risk Assessment & Management Process

Date: May 7, 2010 – 8:00 AM to 5:00 PM (PT)

Boston, MA, USADeveloping a Risk Assessment & Management Process

Date: July 14, 2010 – 8:00 AM to 5:00 PM (ET)


Other Events Corporate Integrity is Engaged In:

Subscribe to receive notifications of future events by Corporate Integrity, LLC.

  • 3/1
    0: Research Board Conference, Atlanta, GA, USA
  • 3/23: Archer WEBINAR: GRC in Healthcare
  • 4/28: EMC/RSA/Archer WEBINAR: GRC Value Proposition
  • 5/11-13: OpenPages OPUS:
  • 5/20: Institute of Internal Auditors, Los Angeles Chapter, Risk Conference III, Los Angeles, CA, USA


GRC, Risk, & Compliance Strategy Planning

Corporate Integrity is actively engaged in helping organizations plan their risk and compliance strategies. If you need a few hours of advisory time on the phone or in person to help plan your strategic approach to risk and compliance and need to understand drivers, trends, best practices, benchmarks, assessments, and the landscape of professional services and technology providers – contact me.


Michael Rasmussen, J.D., CCEP, OCEG Fellow
Risk & Compliance Lecturer, Writer, & Advisor
[email protected]
LinkedIn · Twitter

Corporate Integrity LinkedIN Group

Leave a Reply

Your email address will not be published. Required fields are marked *