UK Corporate Governance Workshop: Controls and Risk Management by Design, LONDON

In today’s complex business environment, effective internal control management is more essential than ever for strengthening corporate governance, risk management and compliance (GRC). As regulatory demands increase—in the shape of the CSRD, changes to the UK Governance Code and more—and stakeholder demands evolve, organisations face mounting pressure to maintain a complex and agile internal control framework. 

In this workshop, Michael Rasmussen, the father of GRC, will provide a strategic blueprint for internal control that supports business performance, integrates with risk and audit processes and fosters transparency in decision making. 

Today’s organisations need more than isolated controls—they need a cohesive approach that aligns with business strategy, addresses risk and ensures compliance across all functions. This workshop will guide you through the process of building an agile internal control framework that responds dynamically to regulatory changes, globalisation and operational complexity, offering real-time, 360° insights. 

Through expert-led lectures, peer collaboration and interactive tasks, you will learn how to: 

• Build a top-down as well as a bottom-up approach to internal control management that is aligned with your business objectives and values 

• Explore internal control management architecture models and how they apply to your organisation
• Discover techniques for communicating, assessing and monitoring internal controls within your business 
• Develop an internal control information architecture that aligns with business operations and processes

This workshop is ideal for GRC professionals, internal control managers, business managers with control responsibilities, executives overseeing compliance and audit personnel providing assurance on internal controls. 

Agenda

08:00-08:30 | ARRIVAL

• Breakfast & Networking

08:30-09:30 | WORKSHOP PART 1: WHAT IS INTERNAL CONTROL MANAGEMENT?

• Understanding Internal Controls in the Context of the Organisation
  • Different views of internal control throughout the organization
  • Who owns internal controls?
  • Understanding internal controls and its role in assurance to business strategy, objectives, performances, and operations
  • Workshop Project & Discussion

09:30-10:30 | WORKSHOP PART 2: FEDERATED INTERNAL CONTROL MANAGEMENT

• Blueprint for Internal Control Management Collaboration and Strategy
  • Developing an internal control committee (or herding cats), bringing together the range of GRC roles in the organisation
  • Defining an internal control management charter
  • Developing a collaborative and enterprise view of internal controls and how it relates to performance, risk, and compliance
  • Workshop Project & Discussion

10:30-11:00 | BREAK

• Coffee & Snacks

11:00-12:00 | WORKSHOP PART 3: INTERNAL CONTROL MANAGEMENT PROCESS LIFECYCLE

• Integrated Processes to Identify, Analyse, Manage and Provide Assurance on Controls
  • Internal Control Identification – Collaborative process to identify internal controls from both the bottom and the top
  • Internal Control Analysis – Defining effective and operational controls to provide assurance while mitigating risk
  • Internal Control Management – Strategies to manage controls in context of performance, risk, and compliance
  • Internal Control Communication – Assign and manage internal control ownership and accountability
  • Workshop Project & Discussion

12:00-13:00 | WORKSHOP PART 3: INTERNAL CONTROL MANAGEMENT INFORMATION & TECHNOLOGY ARCHITECTURE

• Providing an Integrated View of Internal Controls to the Enterprise
  • Developing an internal control taxonomy and attributes of internal controls
  • Mapping internal controls to objectives, risk, policy, and compliance
  • Monitoring internal controls in a changing environment
  • Technology capabilities and considerations to support internal control management
  • Workshop Project & Discussion

13:00-14:00 | LUNCH AND NETWORKING

GRC 20/20 Instructor

Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on enterprise GRC strategy and processes supported by robust information and technology architectures.  With 30+ years of experience, Michael helps organizations improve GRC strategy and processes supported by the correct GRC technology architecture. This enables organizations to align GRC with the business and deliver effective, efficient, resilient, and agile capabilities to the organization.  He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” — the first to define and model the GRC market in February 2002 while at Forrester.

Workshop Host

Workiva is on a mission to power transparent reporting for a better world. We build and deliver the world’s leading cloud platform for assured integrated reporting to meet stakeholder demands for action, transparency, and disclosure of financial and non-financial data. Workiva offers the only unified SaaS platform that brings customers’ financial reporting, Environmental, Social, and Governance (ESG), and Governance, Risk, and Compliance (GRC) together in a controlled, secure, audit-ready platform. Our platform simplifies the most complex reporting and disclosure challenges by streamlining processes, connecting data and teams, and ensuring consistency. Learn more at workiva.com.