GRC 2015 US Brochure

March 17-20 Las Vegas
The premier event for SAP governance,

risk, audit, and compliance
A collaboration of SAP and SAPinsider
This education program has been

approved for 35.5 CPE credits
See page 5 for details.
www.GRC2015.com
SAPinsider Events
@InsiderGRC | #GRC2015
Overview
Join Us!
While there remains no doubt about the desire by Boards of Directors, CEOs and other senior
business leaders for the CFO and their supporting finance departments to evolve into more
strategic business partners, the certainty that this will occur is in jeopardy. What was the
major topic at last years event is now an expectation of the finance profession to have a
thorough understanding of business operations, while working alongside their line-of-business
peers to focus resources and, ultimately, define their companys strategy to meet targets for
profitable growth. While its a safe bet that tomorrows finance leaders will still be applying
the familiar skill sets of today in responding to the needs for funding capital at optimal cost,
managing an increasing burden of compliance requirements, and providing ever more
transparent and real-time reporting and forward-looking disclosure, their ability to truly become a leading enabler of
strategic direction and profitable growth, so often discussed today, remains an open question.
At Financials 2015 and GRC 2015, we will support you in better understanding your options: while advances in
technology are enabling Chief Financial Officers to provide significantly more financial data and information much
faster to other line-of-business decision makers, major gaps remain when it comes to how to effectively translate
data into analysis that those outside of the finance function can understand and use in a meaningful way. Innovate
your finance processes and supporting systems without disrupting your core duties!
This event is your opportunity to network with peers who face the same challenges you are facing and to directly
access SAP solutions experts to help you understand how you can meet your specific business goals. Learn from
other customers that went that path youre aiming for. I hope that you will join us, your industry peers, and the SAP
ecosystem in Las Vegas to engage in fruitful discussions and ensure that you are enabled for success.
Sincerely,
Thack Brown
Senior Vice President, General Manager and Global Head Line of Business Finance
SAP
Schedule
Pre-Conference
Workshops
Monday, March 16
8:00 am Registration opens
9:00 am Pre-Conference
Workshops
Main Conference
Tuesday, March 17
7:30 am
Wednesday, March 18
Thursday, March 19
Friday, March 20
Registration
8:30 am
Keynote address
8:30 am Breakout sessions
9:45 am
Refreshment break
9:45 am Refreshment break
12:00 pm Lunch
10:00 am
Breakout sessions
1:00 pm Pre-Conference
Workshops
11:15 am
Refreshment break
11:45 am Lunch
11:45 am Lunch
11:30 am
Breakout sessions
12:00 pm Speed networking
1:00 pm Breakout sessions
Lunch
12:45 pm
2:15 pm Meet the exhibitors
2:00 pm
Breakout sessions
2:15 pm Refreshment break
12:45 pm Conference
concludes
3:15 pm
Refreshment break
Keynote address
3:30 pm
4:30 pm
Refreshment break
4:45 pm
Breakout sessions
5:45 pm Cocktail hour
6:00 pm
Welcome seception
6:00 pm Ask the Experts
6:15 pm
Ask the Experts
For more information and to register, visit www.GRC2015.com or call SAPinsider at +1-781-751-8700
Overview
Pre-Conference Workshops Monday, March 16
Special three-hour Pre-Conference Workshops hosted on this day offer you the opportunity to fortify
your understanding of key SAP concepts and technologies, explore new trends and strategies, and
enhance your learning experience at the main conference. Advance sign-up is required.
Page 6
Main Conference, March 17-20 More than 90 sessions spanning 8 tracks

Track 1
2015 GRC leadership, processes, and strategy
Page 8
Track 2
Access control, role design, and segregations of duties
Page 10
Track 3
System security, IT governance, and control optimization
Page 14
Track 4
Process control, control automation, and continuous control

monitoring
Page 17
Track 5
Building, interpreting, and adding custom capabilities to GRC reports
Page 19
Track 6
Implementations, upgrades, and migrations
Page 21
Track 7
Fraud and audit management
Page 23
Track 8
GRC and regulatory updates for finance teams
Page 25
Attendee Profile
Geographic Distribution
Extensive draw from Europe, with a
smaller portion from Africa, EMEA, and
North America.
Europe
Other
Africa
Middle East
North America
Professional Services
30.7%
Consumer Products
10.7%
Software
10.0%
Oil & Gas
8.7%
Healthcare & Pharmaceuticals
7.7%
Other
6.2%
Aerospace & Defense
3.5%
High Tech & Electronics
3.5%
Telecommunications
2.5%
Banking & Finance
2.2%
Engineering, Construction & Operations
2.2%
Industrial Machinery & Components
2.2%
Utilities & Waste
1.7%
Building Materials
1.5%
Chemicals
1.5%
Public Sector
1.5%
Media
1.2%
Retail
1.2%
Passenger & Cargo Services
1.0%
83.3%
7.4%
3.7%
3.7%
2.0%
10
Industries
A wide range of industries
across multiple sectors are
represented at SAPinsider
conferences.
20
A sample list of Who

Vice President of Compliance
Compliance Manager
GRC
Professionals
External Auditor
Internal Auditor
30
Should Attend
IT Manager
System Analyst
Security Engineer
Security Specialist
Risk and Control Specialist
Overview
Educational and
Networking Opportunities
Pre-Conference
Workshops
Speed Networking
Special Pre-Conference Workshops

hosted on this day offer you
the opportunity to fortify your
understanding of key SAP concepts and technologies,
explore new trends and strategies, and enhance your
learning experience at the main conference. Advance
sign-up is required.
Ask the Experts
Pull up a chair in the Ask the Experts

area of the Exhibit Hall and spend
one-on-one time with the top
experts. Learn from their real-world
expertise and get specific insights on
topics and questions that matter to you most.
Panel Discussions
These sessions are informal,

interactive get-togethers where SAP
customers can ask panelists their
most pressing questions. Each panel
will be moderated by a subjectmatter expert. You do not need to sign up in advance
to attend, and there is no formal agenda. Just come
with your list of questions in hand.
Youve heard of speed dating

now try speed networking!
Participants will have 5 minutes to
make their initial introductions and
converse before moving on to meet
another contact. An emcee will provide instructions
and keep things moving. Forge new relationships and
build a lasting network of peers you can call on for
years to come.
Evening Reception
Interact with the best and the

brightest minds working with SAP
software. Build a lasting network of
peers and meet with leading product
and service vendors.
2 Conferences
1 Location
GRC 2015 is co-located with

Financials 2015. Registration at
one event admits you to both at
noadditional cost. Please visit
www.GRC2015.com or www.financials2015.com
fordetails.
CPE Credits
This education program has been

approved for 35.5 CPE credits.
Advance your career and keep your
certification current. Earn credits by
attending sessions offered at GRC 2015.
Pre-Conference Workshops
Join us for Pre-Conference Workshops

Monday, March 16
Special deep-dive sessions that enable you to:
Explore new trends and strategies
Enhance your learning experience at the main conference
By registering for Pre-Conference Workshops,

you can:
Attend any sessions of interest to you

Benefit from expert-led instruction, demos, guidelines, and dedicated
question-and-answer time
Gain online access to the session slides and take-homes
Participate in a networking lunch with other attendees
Morning session 9:00 am 12:00 pm

Faced with a complex SAP landscape? Tips and tricks for managing and administering your
GRC systems
Prem Balraj, SAP
Attend this session and meet directly with one of SAPs Senior GRC Support Engineers and learn tips and tricks for managing and
administering your GRC system. By attending this session, you will:
yy Hear recommendations for performance tuning and
sizing your 10.x system
yy Learn how to quickly identify the root cause of
problems and find existing solutions using SAPs new
automated note search tool
yy Equip yourself with leading practices and a better
understanding of the most effective ways to manage
users, roles, profiles, and logon data in the Central User
Administration (CUA)
yy Get practical advice for setting up distribution

parameters within your transactions to determine
where individual parts of a user master record are
maintained
yy Get answers to frequently asked support questions
and hear suggestions for logging messages in the SAP
Service Marketplace
yy Get an overview of support tools available to SAP
customers and how they apply to different GRC
applications
Pre-Conference Workshops continued on next page

Pre-Conference Workshops
Afternoon sessions 1:00 pm 4:00 pm
Running SAP Governance, Risk, and Compliance solutions on SAP HANA: A functional and
technical overview
Nesimi Buelbuel and Andreas Nissen, SAP
Attend this three-hour comprehensive session to get a solid understanding for running your SAP GRC solutions on SAP HANA.
Through lecture and live demonstration this session addresses the most important questions anyone evaluating SAP HANA must
consider, including:
yy What exactly is SAP HANA and how can it support my
existing GRC solutions?
yy What are the key steps for performing an on-premise

install and setup?
yy What GRC processes are most likely to be improved as

a result of utilizing SAP HANA?
yy What new features and functionality are now available

for SAP GRC 10.1 run on SAP HANA
yy What type of deployment scenario is best suited for

my organization: SAP HANA Enterprise Cloud,
on-premise, or SAP HANA Cloud Platform?
yy What is the time frame for getting SAP HANA up and

running?
Attendees will come away with a clear and detailed understanding of what running GRC applications on SAP HANA entails is and
how it operates from both a technical and functional perspective.
The impact of big data on finance and GRC security: How to trade IT complexity for business
agility
Manish Dharnidharka, Peter Hobson, and Frank Rinaldi, PwC
This comprehensive session will examine how big data is leading to a fundamental shift in how businesses create value. Learn
how by utilizing big data, organizations can better focus on data exploration, predictive analytics, and real-time decision making
in the areas of finance and GRC. During this comprehensive three-hour session, you will hear:
yy The types of opportunities big data creates as it relates
to SAPs finance and GRC systems
yy Practical use cases taken from real-world client
examples that cite the benefits of big data
yy How SAP Business Suite built on SAP HANA can be
used as a key technology enabler in transforming the
finance function
yy How to more efficiently perform access control and

segregation of duties (SoD) conflict analysis based on
data from multiple systems
yy Step-by-step advice for utilizing SAPs dynamic ad-hoc
reporting capability, which drives more user analysis
with less IT intervention
yy Critical lessons to minimize impact on operations and
system performance when gathering data and
performing analysis
Keynote Address
Keynote Address
Simplifying finance in an increasingly complex world
Thack Brown, Senior Vice President, General Manager and Global Head Line of Business Finance, SAP America
Panelist: Celina Rogers, CFO Magazine and Bill McNee, Saugatuck Technologies
Finance transformation has been a hot topic for the last couple of years. Finance organizations are well aware
that the time for transformation is NOW. Market complexity and volatility, the need to
create greater business value, and ever present cost and compliance pressures are driving
finance executives to change. Innovation in technology Big Data, Cloud, and the mobile,
collaborative work style of the Millennial workforce to name a few demand a fast rethinking of what constitutes a successful finance business model. In his keynote speech,
Thack Brown Senior Vice President, General Manager and Global Head Line of Business
Finance will share SAPs vision of the modern finance department. Thack will be joined
by a panel of thought leaders to look at the challenges and opportunities CFOs face today
Thack Brown
and how SAP Simple Finance offers the agility and capabilities needed to address them.
Thacks opening session is a must for finance leaders looking for a new, competitive way to
do business. Learn how you can start your journey to business transformation with SAP Simple Finance.
Track 1 Track
continued
1
2015 GRC leadership,

processes, and strategy
GRC 2015 spotlight session
SAP solutions for governance, risk,

and compliance (GRC): Product
updates, strategy, and roadmap
Kevin McCollom, SAP
Learn how SAP continues to invest in
solutions that enable customers to proactively
prevent risk events and compliance violations.
During this session:
yy Find out whats new in version 10.1
of SAP solutions for GRC and how the
latest offerings can be leveraged to
protect the value of your organization
yy View a demo of the most recent solution
added to the GRC portfolio that is
powered by SAP HANA and designed to
support the needs of internal audit teams
yy Hear real-world use case scenarios of
how leading organizations are leveraging
enhanced capabilities delivered in version
10.1 to maximize business performance
and sharpen their competitive edge
Leading security, controls, and

GRC trends for top-performing
companies: How does your
organization stack up?
Mick McGarry, KPMG
How does your organization stack up against
leading companies in the areas of security,
controls, and GRC? In this session, walk
through a maturity model that provides the
core characteristics of top-performing organizations, including what separates them from
bottom-performing organizations. Examine:
yy The two primary factors this
model is built upon, including:
An organizations process
and control "IQ"
The degree of GRC technology
adoption to support those process
and control environments
yy Top characteristics of companies in both the top and bottom
quadrants of the maturity model
yy Where your company fits into
the maturity model
yy What opportunities exist for improvement, allowing you to better
plan future roadmaps and build a
business case for wider adoption
Achieving collaborative GRC

accountability: The power of
successful communication between
the business and IT
Tracy Levine, itelligence
This session will highlight the importance of
collaboration between the business and IT
within the realm of SAP Access Control, SAP
Process Control, and SAP Risk Management
and provide a better understanding of the
communication opportunities within GRC.
yy Learn what steps you can take to
eliminate common fractures such as
overlapping responsibilities, processes
and systems, as well as gaps or other
inefficiencies from your GRC processes
yy Develop a deeper understanding of the
key stakeholders and contributors as
part of GRC, including who participates
and at what stages, why they participate, and how they perform these tasks
yy Walk through common instances of
separation of powers within GRC and key
examples of how collaboration drives
checks and balances within the system
SAP Governance, Risk, and

Compliance Think Tank: How to
improve your companys use of GRC
Alan Edmunds, EY
Whether you are in the inception stage of SAP
GRC or in a position to streamline compliance-based activities, there are plenty of
lessons to be learned and shared across
customers, system integrators, and SAP alike.
This interactive session will serve as an open
forum using Think Tank technology to allow
everyone to anonymously collaborate on
the design, implementation, and use of GRC
solutions:
yy Hear from your peers what GRC
components and features are
being used successfully and
why they were successful
Mastering the last mile of GRC:

Userengagement
Gavin Campbell, Integrc
Learn how to improve user adoption and
perception of GRC in your organization by
mastering the user experience. This session
covers both the practical processes and
technologies available to enhance your users
experience of SAP GRC solutions. During this
session:
yy Understand what drives a better
user experience, including
management reporting, mobility,
application personalization, SAP
Fiori apps, and SAPUI5 interface
yy Walk through live demos in SAP
Access Control, SAP Process Control,
SAP Risk Management, and SAP Fraud
Management and learn how a few
simple localizations can enhance
and optimize the user experience
offered by standard SAP GRC
yy Explore lessons learned on how SAP
GRC processes, like user request
workflows, can also be optimized to
ensure that they are relevant, appropriate, adopted, and supported by users
yy Identify challenges with current GRC

solutions and how to best combat them
yy Share your own ideas and tips that other
customers can then use in their own
implementations and GRC projects
Track 1 continued on next page

Track11continued
continued
Track
Panel discussion
How companies leverage SAP

solutions for GRC to safeguard
assets, prevent fraud, and comply
with complex regulations
Moderator: Kent Cowsert , KPMG ; Panelists:
Joshua Moench, MillerCoors; Michelle Womack,
Cargill; Rajashree Londhe, Johnson Controls;
Sangram Dash, eBay; Praveen Nair, Caterpillar
Attend this lively discussion to hear ideas,
experiences, and perceptions from panel
members representing various business
functions regarding opportunities companies can leverage to benefit from SAP
solutions for GRC. Discussion will focus on:
yy Strategic and tactical decisions and
alignment required for leadingclass SAP solutions for GRC
implementations and initiatives
yy Change management tactics and
tips to close the gap between
diverse business units post-rollout to
maximize ROI on GRC technologies
yy How to use strategic enablers and
tools successfully during and after a
GRC technology implementation
Panel discussion
Developing a best-in-class SAP

governance, risk, and compliance
business case and Implementation
roadmap
Moderator: Holly Marrs, Protiviti; Panelists:
Garry De Los Angeles, Juniper Networks;
Benjamin Wienand, McKesson; and Joshua
Lowy, Smith & Wesson
Attend this discussion to hear approaches
to plan and develop a successful short- and
long-term roadmap and to learn how your
company can improve and drive value from
SAP GRC Solutions. Key panel discussions
points will include:
Actionable advice for calculating

the ROI of your GRC project and
sustaining your investment
Steven Oberhauser, KPMG
This session helps you answer the critical
question: How will my SAP GRC implementation translate into financial and business
benefit? Explore a variety of case studies that
illustrate the financial and operational benefit
of SAP solutions for GRC, including:
yy A detailed look at how to measure
success using key performance indicators (KPIs) and benchmarks such as
key drivers of compliance mandates
yy How to utilize those benchmarks
to establish the business value of
your GRC initiative and assist you in
planning your own projects better
yy Critical advice to help you build
your business case and GRC
implementation budget
The SAP Harmony Project: The GRC

Program at SAP
Case study
Driving transformation Hondas

SAP journey toward global
governance, risk, and compliance
Brent Armstrong, Honda North America
During this session, learn how Honda
embarked on a journey to transform its
business operations through standardization of sales and manufacturing on a global
scale and improving internal controls with the
power of SAP. This case study will examine:
yy How Honda is transforming risk
and controls as part of a global
SAP standardization program
yy How Honda aligned risk and controls
between its internal and external audit
departments across multiple countries
yy Key challenges faced and lessons learned
as Honda moved onto a common governance, risk, and compliance platform
yy How Honda rationalized a risk
and control framework for SOX
and J-SOX compliance
Marie-Luise Wagener, SAP SE

Attend this session to learn how SAP runs SAP
solutions for GRC. During this session:
yy Learn about the key components of SAPs Governance, Risk,
and Compliance strategy
yy Hear about SAPs project strategy
and implementation
yy Understand SAPs own keys to
success in driving a globally
integrated GRC program
yy Identifying high value GRC functionality based on the GRC maturity state
yy Recommendations to define
short- and long-term roadmap
for managing compliance initiatives starting with quick wins
yy Approaches to build a successful
business case for implementing or
expanding your SAP solutions footprint
yy GRC project trends and what
companies are planning
10
Track 1 Track
continued
2
Access control, roledesign,

and segregations of duties
Hands-on lab
Hands-on lab
An introduction to using key

features in SAP Access Control 10.1
Part 1: A beginners guide to the

post-installation configuration of
SAP Access Control
Sarma Adithe and Peter Creal, SAP

This hands-on session provides step-by-step
instruction to fully utilize the new key features
in SAP Access Control 10.1, including integration with SAP Fiori. Attendees will:
yy Walk through the key steps for running
risk analysis in SAP Access Control
yy Practice conducting a firefighting
session and review a complete
summary of the activities performed
yy Step through methods for submitting and approving requests for
user access in SAP Access Control
yy Get a complete overview of available
security and audit reports included
with the SAP Access Control solution
Rethinking segregation of duties:

Where is your business most
exposed?
Erin Hughes, SAP
Changes in technology and/or the structure
of an organization can quickly cause segregation of duties (SoD) policies to become
obsolete and dated, yet many companies
fail to periodically reassess them as identifying where poor segregation of duties exist
continues to be challenging. During this
session, gain:
yy Practical advice for staying on top
of your current policies and segregation of duties rule set
Kurt Hollis, David Jayne, and Narayanan

Krishnamoorthy, Deloitte
In this hands-on session, gain expert insight in
setting up the GRC Access Control system to
perform the first risk analysis, first emergency
access, and first access request in a newly
implemented version 10.1 system. In this
session, an expert instructor guides you
through key GRC configuration tasks. You will
learn how to:
yy Utilize valuable insight from the 10.1
technical overview and architecture
yy Speed up the process of setting up
your system while learning important configuration settings based on
real customer project knowledge
yy Set up the segregation of duties and
critical action ruleset, and run your
first risk analysis for a user and a role
yy Build the end-to-end emergency
access process, including setting
up of firefighter approval
workflow and review of logs
yy Configure the first access request
workflow using the Multi-stage,
Multi-path (MSMP) framework
yy Set up periodic synchronization jobs including expert tips on
their frequency and their setup
Case study
How ConocoPhillips conducts

user access reviews and monitors
transaction usage in SAP GRC 10.0
Trevor Wyatt, ConocoPhillips
Attend this session and learn how
ConocoPhillips set up and conducted periodic
reviews with integrated transaction usage
statistics. By attending, you will:
yy Find out how the company integrated
the access control suite, access
request management, and business
role management functionality in
order for user access reviews to be
fully operational in version 10.0
yy Explore the reports that
ConocoPhillips uses to track and
evaluate transaction usage
yy Walk through ConocoPhillipss steps to
review and remediate segregation of
duties risks with its transaction usage
yy A clear understanding of the cost and

impact of access control violations
yy Tips to govern access across your entire
landscape and understand financial
exposure due to SoD violations using
SAP Access Control and SAP Access
Violation Management by Greenlight
yy Guidance on how to centralize
monitoring, investigation tracking,
and resolution of access violations

11
Track21continued
continued
Track
Hands-on lab
Case study
Case study
Part 2: An advanced guide to the

post-installation configuration of
SAP Access Control
How eBay effectively utilizes

SAP GRC 10.1 to automate and
streamline its periodic user
certification process
How Tyson Foods remediated

four million segregation of duties
conflicts without changing its
overall security design
Sangram Dash, eBay

Find out how eBay automates the periodic
user access certification process by leveraging
new enhancements to SAP Access Control.
Patrick Snodgrass, Tyson Foods

Hear how Tyson Foods assessed, managed,
and mitigated four million segregation of
duties (SoD) conflicts using SAP Access
Control. During this session:
yy Step through the key stages of

eBays latest SAP Access Control 10.1
user access review deployment
yy Understand the background

of Tyson Foodss GRC initiatives, including its recent upgrade
project and the impact on SoD
Kurt Hollis, Phillip Dunbar, and Narayanan

Krishnamoorthy, Deloitte
In this hands-on session, gain lessons and
hands-on experience performing the more
advanced configuration steps in a newly
implemented SAP Access Control 10.1 system.
An expert instructor guides you through
complex processes and tasks, such as:
yy Advanced set up of the GRC segregation of duties ruleset (SOD)
yy Setting up segregation of duty reviews
using the latest workflow functionality
yy Configuring your system to
automate periodic access reviews
yy Advanced workflow set up in
GRC including the use of Business
Rules Framework (BRF+)
Tools and techniques proven to

unify business role management
across multiple systems in SAP
Access Control 10.x
James Roeske, Customer Advisory Group
This session examines how to streamline role
management across multiple systems with
leading strategies and expert instruction to
leverage business role management (BRM)
in SAP Access Control 10.0 and 10.1. You will
learn:
yy How to build a business case for
BRM in SAP Access Control
yy What steps are required to implement and configure BRM
yy How to ensure role definitions, development, testing, and maintenance are
consistent across the entire enterprise
yy Practical advice to maintain and
report on your roles in a more
timely and organized manner
yy L earn how eBay was able to restrict the

review scope to a specific set of roles,
making the review more manageable
yy Listen in as eBay discusses the pros
and cons of using role owners or
managers as periodic access approvers
yy Hear what critical success factors
the company performed to
ensure a successful, accurate,
and complete review
Apply existing risk and compliance

processes across both SAP and
non-SAP systems with SAP Access
Violation Management
Susan Stapleton, Greenlight Technologies
This session will provide best practices
for leveraging your SAP Access Control
implementation to apply existing risk and
compliance processes across both SAP and
non-SAP systems. Through lecture and demo:
yy See firsthand how to establish a sustainable approach to
enterprise-wide access control
yy Learn how to enhance existing
mitigating controls with automated
monitoring of users who perform
conflicting transactions
yy Understand the financial exposure
that segregation of duties risks
have on the organization
yy Find out how to detect, quantify,
resolve, and prevent access risks
that can negatively impact the
bottom-line of your organization
yy Evaluate Tyson Foodss methodology for monitoring and

remediating its SoD conflicts
yy Hear how Tyson Foods defined the
scope of its remediation plan and
understand the steps the company
took to achieve its goal of remediating most of its conflicts
yy Walk through a best-practice approach
that prevents common mistakes which
can slow down your remediation efforts
Access governance for the

enterprise: Integrating identity
management with SAP Access
Control
Erin Hughes, SAP
Many customers today are looking to
combine processes for managing identities
with application governance for their enterprise applications and IT systems. Attend this
session to:
yy Receive practical guidance to properly
integrate SAP Access Control and
identity management solutions,
helping to establish an integrated
end-to-end process that automates
permission assignments in IT systems
yy Develop a deeper understanding of the
SAP identity governance and administration solution, including key integration
scenarios and deployment options
yy Find out how to employ identity
analytics for analyzing roles, users, and
activity data for purposes of performance, efficiency, risk, and compliance
yy Learn about integration of HR cloud
applications to on-premise provisioning

12
Track21continued
continued
Track
How to perform a system audit
and technical review of SAP Access
Control
Simplify and automate your review

processes with user access and
segregation of duties reviews
Kehinde Eseyin, Turnkey Consulting

A technical system review of SAP Access
Control is usually performed both pre- and
post-go-live, as well as on an ongoing basis
to ensure continuous compliance. Attend this
session to:
Dylan Hack, Deloitte

In this session, learn how your organization
can take full advantage of two underutilized
features of SAP Access Control 10.1 including
functionality for automated user access
reviews (UAR) and automated segregation
of duties (SoD) reviews. Participants will gain
insight into:
yy Learn what steps are required to

adopt a risk management approach
that evaluates the threats, vulnerability, and risk implications of a
compromise of any kind to the implemented controls in your system
yy Gain deeper insights into the
pre-conditions which must be
in place for a successful system
review of SAP Access Control
yy Walk through leading practices for
the administration and management
of batch jobs in SAP Access Control
yy Examine what is needed for the
ongoing maintenance of workflow
and approval processes
Designing and building compliant

roles within SAP GRC 10.x: How to
take the first step
Troy Konis, Turnkey Consulting
In this session, examine the key steps youll
need to take to design and build compliant
roles that work with the functionality of SAP
GRC 10.0 (and beyond) and not against it. You
will:
yy Examine proven design approaches
that leverage SAPs governance,
risk, and compliance solutions
yy Leading practices for implementing

both the UAR and SoD reviews
yy How performance tuning and decisions
about UAR and SoD review configuration options can impact your
organizations adoption of the reviews
and overall end user experience
yy How to group and rollout the UAR
and SoD reviews in staged phases,
and how your organization can
leverage multiple coordinators
to manage review responses
Choosing the best method for

emergency access management
(EAM) in SAP Access Control 10.x
Holly Marrs, Protiviti
With the latest version of SAP Access Control,
there are now two different options for
setting up firefighter review processes in
SAP Access Control 10.0/10.1: using either
emergency access management (EAM) or
workflow approval. This session will discuss:
yy An outline of the key configuration elements for each option
yy Pros and cons to utilizing log reviews
in EAM versus workflow approvals
What can SAP Access Control do

for me? An in-depth review of key
functionality and practical use
cases
James Roeske, Customer Advisory Group
Attendees of this session will gain detailed
insight into both the technical aspect as well
as realistic compliance scenarios within SAP
Access Control. Walk through:
yy A detailed explanation of what access
risk analysis (ARA), emergency access
management (EAM), access request
management (ARM), and business role
management (BRM) can do and what
compliance requirements they address
yy The little known pieces of functionality that most customers overlook
or may not have used yet, including
password self-service and segregation of duties reviews
yy A technical overview of what is involved
in the configuration and implementation of the different components
of SAP Access Control functionality
A detailed guide to building and

customizing workflows in SAP
Access Control 10.x using both
business rule framework+ (BRF+)
and MSMP
Ruth Johnson, Customer Advisory Group
Walk through the latest features and capabilities of the new workflow engine in SAP Access
Control and learn how to configure a framework for access requests. During this session,
you will explore:
yy See firsthand what a good role design

looks like in 2015 and what recent trends
will impact design considerations
yy The key Sarbanes-Oxley requirements

for emergency access, including the
new COSO 2013 guidance framework
yy The capabilities and flexibilities of the multi-stage, multi-path

(MSMP) workflow, including rules,
agents, paths, and variables
yy Get practical advice to develop

more scalable and sustainable
designs that work hand-in-hand
with your GRC investment
yy Options to incorporate SAP

Process Control continuous control
monitoring functionality to facilitate the EAM review process
yy Why SAP Access Control workflow

components cannot be migrated
but must be manually configured and how to do so
yy Learn how to overcome common design

pitfalls and gotchas that can result in
sub-optimal integration into processes
yy Undocumented tips and tricks to incorporate the business role framework+

(BRF+), initiator, and routing rules into
your MSMP workflow implementation
13
Track21continued
continued
Track
Case study
Johnson & Johnsons journey for

improving its role design on a
global level in SAP Access Control
5.3
Alka Paradtel and Lynn Reed, Johnson &
Johnson
Hear the how and why behind Johnson &
Johnsons implementation of enterprise role
management (ERM) functionality in SAP
Access Control 5.3 across its large, decentralized, global landscape. Explore:
yy The leading drivers behind Johnson
& Johnsons project, which included
the companys need for a sustainable finance access management
GRC customer networking

roundtable
SAP Access Control

Are you currently working on or are in the
planning stages and/or evaluation stages of
an SAP Access Control project? Looking to
meet with like-minded customers while at
GRC 2015? Attend our 75-minute customer
networking roundtable. There is no formal
presentation; all thats required is a willingness
to come and exchange ideas, questions, and
issues with fellow GRC attendees.
*Advanced sign-up at the session room will be
required. Seats are limited.
yy What initial elements need to be

considered before implementing
ERM, including those surrounding
key role design, role ownership,
and role governance processes
yy The companys method for identifying
business risks and defining its global rule
set as a foundational step to role design
yy Lessons learned and watch-outs
from the companys approach for
aligning the SAP global role design
while also establishing governance
around role change management
14
Track 1 Track
continued
3
System security, IT
governance, andcontrol
optimization
Practical approaches for
implementing and designing
SAPHANA security
Sachin Nayyar, Saviynt
SAP HANA offers significant capabilities and
benefits to its customers by being able to
process a vast amount of data and provide
more real-time insight to events instantaneously. This kind of speed and insight also
introduces new security challenges where
sensitive information is enabled for access on
the fly. Attend this session to:
SAP security Part 1
A beginners guide to SAP Access

Control and fundamental security
concepts within SAP ECC
Raymond Mastre, PwC
This session offers attendees with little or
no previous knowledge of SAP ECC security
the fundamentals for implementing a sound
security architecture and design. During this
session, you will:
yy Learn key risks and what steps your

organization can take during the implementation to prevent breaches to its data
yy Get a detailed overview of each

module within SAP Access Control, as
well as a live demo that highlights the
key areas that are important from an
audit and compliance perspective
yy Find out the implications implementing SAP HANA will have on

your current security landscape
yy Examine core security concepts within

SAP such as roles, profiles, authorizations, fields, and values
yy Better understand the security architecture of SAP HANA including how the
scenario for which you are using SAP
HANA will impact the security approach
yy Understand the key differences and drivers

between a task-based and job-based
security methodology and tips for choosing
the right method for your organization
Five steps for building an

effective SAP control optimization
framework
Michael Kosonog, Deloitte
Walk through five required attributes to
effectively track the SAP control optimization activities at your organization. Gather
tips and tricks for applying the appropriate
governance and organizational recommendations within your current control environment
to increase adoption and sustainability of
optimization efforts. During this session, learn:
yy How to align roles for internal audit,
business owners, and controls resources
for SAP controls optimization
yy Various approaches to controls
optimization, including top-down
and bottom-up approaches
Take home a list of standard delivered SAP

tables and ways to incorporate them into your
security approach.
SAP security Part 2
Advanced concepts for SAP Access

Control and SAP ECC security and
design
Matt Bennett, PwC
Looking for more advanced tips to enhance
your SAP Access Control implementation? In
this session, learn some of the more advanced
security concepts, settings, and options in SAP
Access Control and get detailed advice to:
yy Use the BRF+ rule engine to customize
processes, such as complex role
approvals in SAP Access Control
yy Adjust and modify the user interface of
SAP Access Control more efficiently
yy What opportunities for technology

enablement may exist in your organization, including controls automation,
controls testing, and how SAP GRC
10.1 can be used in these efforts
yy Set up and utilize business roles and link

those roles to multiple systems without the
need to go through a transport process
yy Important considerations for global

implementations and localization requirements during rollout
Take home a list of standard delivered SAP

tables and a list of security objects to secure
the user interface.
Transform your SAP organization

and deliver business value through
IDM-GRC integration and role
redesign initiatives
Peter Hobson, PwC
This session provides insight into how to
transform your global SAP security operations
through the implementation of common
tools. Gain an understanding of how the
implementation of common, global SAP roles,
processes, and automated provisioning tools
can be used to transform operations and
deliver value to business, compliance, and IT
stakeholders. Learn how to:
yy Design a single set of SAP security
roles to manage multiple business
units, locations, and SAP systems
yy Deploy an integrated identity access
management solution SAP Access
Control 10.x (IDM-GRC) to standardize
and automate the SAP access request,
approval, and provisioning processes
yy Overcome cultural and language
barriers to implement commons tools
and processes and drive organizational
transformation through initiatives traditionally considered to be IT only
yy Configure user access reviews to validate

user assignments on a periodic basis
15
Track31continued
continued
Track
Get out the rubber ducky: Keeping
SAP security clean with SAP Process
Control
Zachary Leahan, PwC
So you finally cleaned up your SAP roles
and authorizations: now how do you keep
your environment in line with your GRC and
security design policy? Attendees of this
session will understand how to leverage the
automated monitoring capabilities of SAP
Process Control to actively monitor key SAP
security and GRC metrics. Find out:
yy How to set up your data sources and the
business rules for actively monitoring
security in your SAP environment
yy How to build analytics that kick off a
remediation workflow to truly leverage
the capabilities of SAP Process Control
yy How to create an automated
control, which includes defining
the data source, applying the logic,
and assigning issue owners
Take home example business rules and BRF+
code.
Case study
Leading lessons from Pfizer:

How to successfully maintain
security processes in a mature GRC
landscape
Patricia Rothenbacher, Pfizer
Learn how Pfizer, a multinational pharmaceutical corporation that has been running
SAP GRC for 10+ years, is able to successfully
maintain its security and control environment.
yy Hear firsthand how Pfizer created a
global business governance structure to
create business ownership for its security
controls within multiple functional area
yy Find out how Pfizer ensures users are
mitigated for segregation of duties
(SODs) before access is provisioned
yy See firsthand how the company
simplified the process for creating
roles in a shared environment for
20,000+ users across the globe
yy Walk through a provisioning strategy
that includes business user access, GMP
(Good Manufacturing Practice) access,
temporary access, and critical access
Case study
How IHS approached the design,

execution, and validation of its
master data using the master data
upload generator (MDUG) tool
Diane Davis, IHS
This session will address important lessons
learned from IHSs multiple GRC solution
deployments, including its recent SAP Access
Control and SAP Process Control 10.1 upgrade
projects. During this session, learn:
yy How IHS structured its master data
and organization hierarchy
Deciphering security in SAP

Process Control 10.1 and SAP Risk
Management 10.1
Alpesh Parmar, ultimumIT
Security practices in SAP Process Control and
SAP Risk Management differ from those in
other GRC products as well as those in SAP
ERP. This session will explore:
yy The different pre-delivered roles
and second level authorizations
that exist in SAP Process Control
and SAP Risk Management
yy Key considerations the company

had to account for when designing
master data elements
yy How to customize these roles and

how doing so can either help or derail
an SAP Process Control and/or SAP
Risk Management implementation
yy How the company successfully utilized the master data

upload generator (MDUG) tool
yy Dos and donts for designing, customizing, and building your SAP Process
Control and SAP Risk Management roles
yy Recommendations for timing and

sequencing the loading and validation of data at the various stages of the
GRC implementation and upgrade
Auditing the security of an SAP

HANA implementation
yy What dependencies exist between GRC

master data and continuous control
monitoring (CCM) in SAP Process Control
Case study
How Honeywell standardized

and streamlined the global
management of risks and controls
using SAP Process Control and SAP
Risk Management
Pablo Hernandez, Honeywell
Step through Honeywells journey to creating
one consolidated view of its risks and controls
using SAP Risk Management in conjunction
with SAP Process Control. During this session:
yy Understand the key challenges the
company faced when trying to manage
its risks and controls on a global scale
yy Learn why Honeywell chose SAP
GRC solutions to address these
challenges in an effort to provide
users with one view of risk
Mariano Nunez, Onapsis

Do you know whether your SAP HANA implementation is secure? Join us to understand
the most common security threats affecting
SAP HANA implementations, including live
demonstrations of potential attacks on
insecure platforms. By attending this session,
you will:
yy Learn how to perform security audits and
vulnerability assessments of SAP HANA
environments, identifying critical security
gaps and remediation information
yy Walk through an SAP HANA security
audit cheat sheet which details several
controls on how to ensure your platform
is running securely and compliant
yy Gain a clear understanding of the potential business impact of a security breach
on an insecure SAP HANA system
Take home a list with the top 10 security
controls necessary to monitor whether an SAP
HANA platform is deployed securely.
yy Step through the companys

integrated project plan which was a
critical component of its successful
implementation of both tools
yy Listen in as the key configuration and
critical issues that were faced during
the implementation are revealed and
how the company was able to determine acceptable workarounds
16
Track31continued
continued
Track
Actionable advice for kicking off a
security role redesign project
Matt Villier, PwC
Security roles are rarely the first priority
during an SAP implementation. This session
will discuss how to approach a security role
redesign project from beginning to end. For
each phase of the project, learn how to:
yy Estimate the level of effort based on
user base and the scope of transaction codes in your design
yy Understand the types of roles
and responsibilities, and the
time commitments needed
yy Identify key tasks and decision
points, evaluating pros and cons
to the available options while
avoiding common challenges
yy Leverage tools such as SAP Access
Control to simplify your scope
of transactions and accurately
assign new roles to users
Case study
Redesigning security at Stanley

Black & Decker: How to create a
more centralized and automated
security process
Rebecca Hodge, Stanley Black & Decker
Get a picture of how Stanley Black & Decker
conducted a global redesign of security from
the ground up, resulting from manual security
processes, ineffective role design, and inconsistent security policies. Hear firsthand how
the company:
yy Revamped its customized segregation of duties rule set in SAP Access
Control so that it better aligned to
business risks and overall risk tolerance
yy Instituted a new global security governance model for all SAP environments
yy Replaced existing SAP roles
with new task-based global
roles free of SOD conflicts
yy Created a new access control architecture which included upgrading from
SAP Access Control 5.3 to version 10.0
and creating a three-tiered landscape
yy Automated manual user provisioning
processes using SAP Access Control 10.1
17
Track 1 Track
continued
4
Process control, control

automation, and
continuous control
monitoring
Best practices for continuous
control monitoring in SAP Process
Control
Jan Gardiner, SAP
Many companies are not sure how to get
started with continuous control monitoring.
Many even implement a monitoring product
without first defining what they want to
accomplish and exploring the best way to go
about it. Attend this session to:
yy Explore project approaches and
techniques for getting the most
value from continuous control
monitoring and automated testing
using SAP Process Control
yy Leverage innovations with SAP HANA
to continuously monitor big data
yy Understand how recent enhancements
simplify the rule building process
Taking the next step with your

GRC roadmap and strategy: How
to leverage SAP Process Control
to extend your SAP Access Control
investment
Marie-Luise Wagener, SAP SE
If your organization has implemented or is
adopting SAP Access Control, attend this
session to learn whats next when tasked with
the responsibility of streamlining and better
managing your GRC initiatives. Come away
from this session with a clear understanding
of:
yy Requirements and capabilities of the latest
versions of SAP Process Control, including
its architecture, framework, and key
integration points with SAP Access Control
yy Use cases that explore options for
extending the capabilities of your
GRC environment by integrating the
functions and processes of SAP Access
Control and SAP Process Control
yy How to leverage SAP Process
Control to automate monitoring
of general computer controls
Getting the most from your SAP

Process Control investment: Tips
from recent implementation
projects
Jan Gardiner, SAP
This session sheds light on new features available in SAP Process Control 10.1 and provides
examples of how other customers have leveraged them to maximize ROI. This session,
designed for those with some familiarity with
SAP Process Control, explores:
Hands-on lab
A practical guide to using key

features in SAP Process Control 10.1
Jan Gardiner and Joao Paulo Fortes, SAP
This hands-on session guides you through
an introduction to key processes youll need
to know to get the most of your SAP Process
Control system. By attending, learn:
yy How to leverage the standard delivered reports in SAP Process Control
to identify control exceptions
yy Implementation and usage tips gathered

from SAP Process Control customers
yy How to properly make changes

to controls master data
yy How you can benefit from the newest

features in SAP Process Control 10.1
yy The most effective methods for

performing self-assessments
and raising control issues
yy Best practice suggestions from SAP

consultants and solution managers
Panel discussion
Customers share their successes

and lessons learned from SAP
Process Control projects
Moderator: Jrme Pugnet, SAP
Panelists: Adam Lagacy, Caterpillar, Pablo
Hernandez, Honeywell, Diane Davis, IHS, and
Kathleen Deane, Chevron
Participate in this candid, moderated discussion with SAP customers who will share
detailed insight, best practices, and lessons
learned from their experiences so far with SAP
Process Control and SAP Risk Management.
Hear firsthand from these leading organizations: :
yy How they add business value
by successfully managing their
risks and risk responses
yy Methods to measure the success
of GRC efforts and to troubleshoot implementation challenges
yy What has and has not worked for
other companies during pre-project
business case development, project
realization, and go-live phases
yy How to leverage entry pages

in SAP Process Control, a new
feature with version 10.1
Unlocking the power of SAP

solutions for GRC to simplify risk
and compliance management
Jrme Pugnet, SAP
This session examines the range of capabilities and automation available in SAP solutions
for GRC to monitor your business on multiple
levels: risk, compliance, fraud, audit, and
business process performance. Attend and
discover ways to maximize the value of these
features, including how to:
yy Automate and standardize
processes and controls
yy Manage holistic views of risk and compliance exposures to improve assurance
yy Generate dynamic and real-time risk
and control intelligence and reporting
yy Analyze risk indicators and manage
exception-based decision making
yy
yy
yy
yy Case study
18
Track41continued
continued
Track
Case study
How The Hershey Company

leverages SAP Process Control 10.1
for continuous monitoring and
control self-assessments
Jonathan Laubenstine and Jeff Szmerda, The
Hershey Company
Like many organizations today, The Hershey
Company faces an increasingly complex
marketplace and continuously-changing risk
landscape. This session discusses how The
Hershey Company is meeting these challenges
through the use of SAP Process Control 10.1 for
continuous monitoring and self-assessments.
You will learn:
yy How to build a business case for implementing SAP Process Control and the
factors that drove The Hershey Companys decision to roll out continuous
monitoring and control self-assessments functionality within the tool
yy Key steps to building a continuous
monitoring roadmap and how to
identify which controls to implement
yy How process control surveys are used to
perform control self-assessments within
The Hershey Companys operations as well
as with key third-party business partners
yy Pitfalls to avoid and lessons learned
throughout the SAP Process
Control 10.1 implementation
Design strategies for building

organizational and process
hierarchies in SAP Process Control
10.x
Bill Smith, Deloitte
This session will explore various strategies
for designing organizational and process
hierarchies in SAP Process Control 10.X. By
attending, you will get practical advice to:
yy Effectively assess your organizations
regulatory reporting requirements,
including how to determine whether or
not your organizations current structure
will meet future regulatory and reporting
yy Evaluate the various scenarios
and options for building your
organization hierarchy
yy Build your organizational and
process hierarchies using the appropriate implementation techniques
Tips for developing an effective

automation strategy
Natalie Reuss, EY
Having a clear strategy to implement automation at your organization is a key component
of success. Attend this session for tons of
practical tips and guidance to roll out a
control automation strategy within your own
organization. You will:
yy Get valuable tips to help define
your automation strategy and
outline project goals
yy Learn how a phased approach
can help maximize the capabilities of your environment
yy See firsthand via a live demonstration
the types of automation rules which
can be utilized in SAP Process Control
yy Learn what continuous control
monitoring techniques are most
utilized in both SAP Process Control
and other tools within the GRC suite
yy Hear how other customers have successfully deployed an automation strategy
Leveraging SAP Process Control to

support the multiple compliance
frameworks
Thomas Jeschke, EY
Learn how to maximize the return of your
GRC technology investment by leveraging
SAP Process Control for multiple compliance
regulations, not just Sarbanes-Oxley. During
this session, you will:
yy Gain a functional understanding on
how SAP can support the management of compliance frameworks
from an end-to-end perspective
yy Receive instructions for assigning organizations, processes, and controls to multiple
regulations to avoid data redundancies
yy Learn how to be more efficient
by sharing control test results
with multiple regulations
Hands-on lab
How to perform the configuration,

set up, and use of SAP Process
Control
Kurt Hollis, Jessica Scott, and Rohit Kumar,
Deloitte
In this hands-on session, gain practical
instruction to perform implementation steps
of SAP GRC 10.1 with a specific focus on SAP
Process Control. An expert instructor guides
you through key processes and tasks, such as:
yy An introduction to SAP Process Control
configuration and technical architecture
yy Assessment techniques within GRC
yy Master data best practices including
setting up and configuring the
organization structures, processes,
sub processes, and controls
yy Key configurations within
SAP Process Control
yy How to enable real-time
automated monitoring within
your SAP GRC solutions
roundtable
SAP Process Control

planning and/or evaluation stages of an SAP
Process Control project? Looking to meet
with like-minded customers SAP Process
Control customers at GRC 2015? Attend our
75-minute customer networking roundtable covering the topic of SAP Process
Control. There is no formal presentation; all
thats required is a willingness to come and
exchange ideas, questions, and issues with
fellow GRC attendees who are currently or
will soon be embarking on an SAP Process
Control project.
yy Learn key considerations and limitations when setting up multiple

compliance frameworks
Take home a document that will support your
business case to get more out of your SAP
Process Control investment.
yy Design and develop custom

fields within SAP Process Control
master data hierarchies
19
TrackTrack
1 continued
5
Building, interpreting, and

adding custom capabilities
An up-to-date guide to reporting
and analytics options for SAP
solutions for GRC
How to facilitate value-adding

analytics and reports from SAP GRC
solutions
Swetta Singh, SAP

Examine the many reporting options available to view and analyze the information you
manage, monitor, and record with the latest
release of SAP solutions for GRC. During this
session, you will:
Simon Persin, Turnkey Consulting

In this session, the fundamentals of how
SAP GRC 10.1 stores information within the
systems databases across SAP Access Control,
SAP Process Control, and SAP Risk Management will be examined. By attending, you will:
yy Learn how to integrate the reporting

capabilities of SAP solutions
for GRC (version 10.1) with SAP
Business Warehouse (SAP BW)
and SAP BusinessObjects business
intelligence (BI) solutions
yy Gain a clear grasp of how data is used

within the standard reporting capabilities and how it can be configured to
support customer requirements
yy Examine what options exist to

customize reports for mobile devices
using SAP solutions for GRC with
SAP BusinessObjects Mobile 4.0
yy Walk through important considerations that users of GRC analytic

solutions should be aware of
yy Walk through a demonstration of

analytical scenarios showing data
integration and aggregation, data
quality checks, and both tactical reports
and management-level analytics
Tips for interpreting access reports:

How to create a clean, sustainable
security environment
Jonathan Pasquale, KPMG
After the installation and configuration of
a rule set in the access risk analysis (ARA)
functionality of SAP Access Control, clients
are often unsure of the next steps and how to
interpret all that data. By attending, you will:
yy Gather tips for reading and interpreting
reports and understanding what they
say about your current security design
yy Better understand what your
reports indicate about your users
and how security access should
then be mapped to those users
yy Learn how to embark on the task of
cleaning up the segregation of duties
violations that ARA is now uncovering
yy Review the available data structures in SAPs GRC solutions
yy Understand key GRC reporting requirements and how they can be met with
current functionality in SAP GRC 10.1
A detailed guide to setting up the

new reporting and analytic view in
SAP GRC 10.1
Creating custom reports in GRC:

Isit really necessary and where do
I start?
Rupesh Tyagi, Cognizant

Gain an understanding of the capabilities,
requirements, and setup of the new reporting
and analytic view (remediation view) in SAP
GRC 10.1 for both SAP Access Control and SAP
Process Control. By attending, you will:
John Livingood, Protiviti

GRC solutions come with a vast array of
standard, out-of-the-box reports, however,
depending on how the master data is setup
and the level of detail needed, customization
may be required to better manage risks or
satisfy compliance requirements. This session
will provide step-by-step guidance to:
yy Get tips for setting up a consolidated view of segregation of

duties risks in your system
yy Examine the prerequisite which needs
to be activated in system to make the
remediation view work correctly
yy Take full advantage of the

standard reporting capabilities that come with SAP GRC
yy Learn how to configure your system

so corrective actions can be triggered
directly from your reports
yy Determine when standard reports

will not be sufficient and how
customizations can be added to
meet organizational needs
yy Get to know the common errors

encountered during configuration of the remediation view
and how to resolve them
yy Build custom reports that assist

with SAP security remediation,
redesign efforts, and more
yy Maximize reporting capabilities with key
critical design and configuration considerations such as naming conventions
and setting up your GRC master data

20
Track51continued
continued
Track
Designing a user-friendly, front-end
web interface for your GRC reports
to improve the user experience
Kyle Kitsch, PwC
Attend this session for an in-depth look at
design and customization techniques for the
GRC front-end web interface (SAP NetWeaver
Business Client). You will learn how these
techniques can be utilized to enhance the
GRC user experience. This session will walk
through:
yy Steps for designing a user-friendly
front-end web interface to allow
for easy access and navigation by
the end user community, from an
everyday user to GRC administrators
yy Tips and tricks that will allow your
business to fully realize reporting
capabilities and support processes
through the GRC front-end web client
yy Leading practices for setting up custom
t-codes and queries within SAP to allow
users to perform a number of functions,
including access custom reporting
A detailed look at the new risk

report application in SAP GRC
Jochen Thierer and Daniel Welzbacher, SAP
Senior executives require a constant update
on critical risks and an overview on the legal
and regulatory compliance to ensure the
success of their company. Attend this session
to:
yy Learn how the new SAP GRC Enterprise Risk Report Fiori application
aggregates data from multiple sources,
including SAP Process Control and SAP
Risk Management, to provide a holistic
view of risk and compliance status
yy Obtain information about new risks
which may emerge, for example,
through a shift in strategy, operations, or competitive landscape
yy Learn key considerations for implementing this application and how to
ulitize it to better meet the GRC expectations of your executive team
21
Track 1 Track
continued
6
Implementations,
upgrades, and migrations
SAP Access Control in the cloud:
Implementation considerations,
best practices, and lessons learned
Chris Radkowski, SAP
Attend this session to uncover the latest
capabilities of SAP Access Control run in the
cloud. During this session, examine:
yy The available cloud deployment
options for SAP Access Control
yy How the new cloud-based capabilities of SAP Access Control can automate
and accelerate your process for
detecting, remediating, and preventing
access risk and fraud violations
yy Steps for building a secure and
trusted cloud computing infrastructure for SAP Access Control
yy Lessons learned from recent customer
implementations of SAP Access
Control in the cloud including key
challenges and resolutions
yy Practical advice for building a
business case for SAP Access Control
in the cloud with key use cases
A technical primer: Step-by-step

guidelines for upgrading your GRC
solutions
Ankur Baishya, SAP Labs
Attend this unique session and get technical
guidance from an expert on SAP solutions
for GRC 10.1 implementations and upgrades.
Examine how to:
yy Prepare your system landscape and
architecture for the upgrade
yy Arm yourself with a detailed understanding of the key success factors
and best practices for an implementation or upgrade
yy Execute the upgrade with a
proven step-by-step process for
migrating from previous releases
yy Customize the user interface and leverage other available
standard SAP tools
yy Overcome and avoid common potential technical pitfalls by learning from
successful customer approaches
Panel discussion
SAP Access Control customers share

their implementation successes and
lessons learned
Moderator: Erin Hughes, SAP
Panelists include: Tammy Holiness, Alagasco
Todd Rhodes, The Andersons, Inc , and Erin
Kucharczuk, Stanley Black and Decker
Participate in this candid, moderated discussion with SAP customers who will share
detailed insight, best practices, and lessons
learned from their experiences with SAP
Access Control. Find out how these leading
organizations are working to:
Case study
yy Automate the process of analyzing

users and roles for segregation
of duties (SoD) and critical access
risks and moving to a preventative rather than reactive approach
Lessons from Honeywells use

of SAP Access Control 10.1 as an
enabler of its risk-based security
methodology
yy Measure the success of GRC efforts

and troubleshoot implementation
challenges through the pre-project
business case development, project
realization, and go-live phases
yy Reap the benefits of including SAP
Access Control in their initial SAP
ERP implementation to immediately address security risk
Case study
How Bridgestone prepared and

built a case for its SAP Access
Control 10.1 upgrade project
Tim Holleman, Bridgestone
This session will provide attendees with
examples of how Bridgestone planned a
successful SAP Access Control 10.1 upgrade
business case, including:
Tom LaBonte, Honeywell

Hear how Honeywell implemented and
continues to use SAP Access Control 10.1,
including Access Risk Analysis (ARA), access
request management (ARM), and emergency
access management (EAM). Explore how to:
yy Globally deploy and maximize the potential of ARM in SAP Access Control 10.1
yy Configure your system to
set up multiple alerts
yy Manage financial segregation of duties violations within a
role-based authorization concept
that is fully automated using ARM
yy Create reports to assist with
audit and compliance specifically, how to monitor what you did
do versus what you could do
yy How the company was able to identify

and determine what functional improvements were required for its system
yy Steps for establishing the timeline for
the project so as not to conflict with
any other critical ongoing tasks
yy Bridgestones strategy for effectively developing its deployment
plan by focusing on quick wins
yy KPIs needed to be considered
when planning the upgrade
22
Track61continued
continued
Track
Auditing the security of an SAP
HANA implementation
Mariano Nunez, Onapsis
Do you know whether your SAP HANA implementation is secure? Join us to understand
the most common security threats affecting
SAP HANA implementations, including live
demonstrations of potential attacks on
insecure platforms. By attending this session,
you will:
yy Learn how to perform security audits and
vulnerability assessments of SAP HANA
environments, identifying critical security
gaps and remediation information
yy Walk through an SAP HANA security
audit cheat sheet which details several
controls on how to ensure your platform
is running securely and compliant
yy Gain a clear understanding of the potential business impact of a security breach
on an insecure SAP HANA system

roundtable
SAP Risk Management

planning and/or evaluation stages of an
SAP Risk Management project? Looking to
meet with like-minded customers while at
issues with fellow GRC attendees.
SAP and Concur travel solutions: An

overview
Debbie Peake, SAP Labs
This session provides an up-to-date overview
of SAP travel solutions including the Concur
offering. Attend this session and:
yy See firsthand what the new SAP Travel
Management with SAP Fiori UI looks
like and learn how you can leverage it
yy Understand the status of SAP Travel
Management ERP, the SAP Cloud for
Travel and Expense solution, and the
strategy around these solutions
yy Get an overview of the Concur products
for business travel, including the expense
solution, an online booking component
See a demo of the Concur Messaging
Tool, a Travel/HR risk management tool.
Take home a list with the top 10 security

controls necessary to monitor whether an SAP
HANA platform is deployed securely.
23
Track 1 Track
continued
7
Fraud and audit management

Reduce auditing expenses and
improve the efficiency of your
GRC landscape using SAP Audit
Management
Bruce McCuaig, SAP
Attend this session and learn how SAPs new
audit management tool provides support for
the end-to-end audit cycle. Get recommendations and strategies to:
yy Enable the assessments of risk
for purposes of audit planning
to ensure audits are aligned with
business risks and objectives
yy Successfully utilize business controls
to plan and conduct audits
yy Drive internal audits from risks
identified by the business
yy Streamline communication
with executive management
and the audit committee
Hands-on lab
How to speed up audit processing

with SAP Audit Management
James Chiu, SAP
This hands-on session explores practical,
step-by-step advice for managing resources,
schedules, tasks, and remediation activities
using SAP Audit Management. Participants
will gain practical experience and proficiency
that can be put to immediate use back at the
office, including lessons to:
yy Create, process, and manage audit plans
yy Integrate auditing activities
across multiple applications for
different business requirements
yy See firsthand what new enhancements are available for internal audit risk
management as part of SAP GRC 10.1
How to detect and investigate fraud

for improved financial processes
Toms Kong, SAP
With the amount of data growing exponentially every day, this session will explore how
SAP Fraud Management can help you keep
up with changing behaviors and patterns in
fraud and misuse of financial data and assets
to ensure that your operations run efficiently.
During this session, you will:
yy Gain in-depth understanding of
how to identify unknown fraud
patterns that arent detected by
current detection methods
yy Understand the planning, scoping, and
realization, as well as the integration
aspects into the GRC solution portfolio
not only from an IT perspective,
but also from a business perspective
yy Learn firsthand from experts about the
top technical tips and tricks and how
to take your project and audit activities to the next level, including how SAP
InfiniteInsight for predictive analytics
complements SAP Fraud Management
How to keep your SAP Process

Control system compliant: Key
things your auditor is looking for
Don OHair, EY
This session will provide detail on how
companies using SAP Process Control can
leverage the functionality to further improve
the efficiency and effectiveness of your next
audit.
yy Understand all the functionality available in SAP Process Control that will
help to speed up the time it takes for
your external audit to be completed
as well provide your auditors with
visibility into the managements
of SOX activities and results

roundtable
SAP Audit Management

planning stages and/or evaluation stages of
an SAP Audit Management project? Looking
to meet with like-minded customers while at
issues with fellow attendees surrounding the
topic of SAP Audit Management.
Strategies for a successful external

audit alignment: From project
inception through the post-go-live
phase
Shivraj Patil, EY
For most implementation and upgrade
projects, managing compliance needs
while balancing budget and operational
constraints can be particularly challenging;
this may be driven by one or many factors.
This session will:
yy Discuss key compliance challenges
faced by organizations going through
people, process, or technology changes
yy Provide proven strategies to
manage external audit alignment
and expectations throughout the
project lifecycle and beyond
yy Examine key lessons learned during
external audit alignment activities
yy Divulge key benefits of optimally
planning the audit alignment activity
and impact on cost and sustainability
yy Discuss exception scenarios and key
audit management strategies
yy Get tips for developing a benchmarking

strategy that will demonstrate not only
what controls are being monitored
but how you are monitoring them
yy Learn what steps you can take to proactively address PCAOB comments
BEFORE your auditors arrive leveraging
SAP Process Control functionality

24
Track71continued
continued
Track
Tactics and procedures to
successfully audit segregation of
duties in SAP
How to enhance your internal

audit function with SAP Audit
Management
Vincent Calabrese, KPMG

Segregation of duties (SoD) continues to be
a challenge for companies faced with audit
requirements and auditing segregation of
duties for SAP can be quite complex and
technical. This presentation will provide:
Bruce McCuaig, SAP

Attend this session and learn how to exploit
the full capabilities SAP Audit Management
to streamline the internal audit cycle and
expand the capabilities of the internal audit
function beyond the core traditional audits.
yy Top procedures for auditing SoD,

regardless of the tool you are using
yy Leading practices for bringing together
both the IT and Financial auditors
through the SoD auditing process
yy A key listing of the key documentation requirements that are needed
to support your SoD audit
yy Tips for validating SoD rule set
and minimizing false positives
Successfully integrate SAP Audit

Management with the SAP GRC
solution portfolio
Shola Oguntunde, EY
This session offers expert tips to streamline
internal audit engagements and help build
a business case for investing in the new SAP
Audit Management system. By attending,
youwill:
yy Gain a solid understanding
of the functionality within
SAP Audit Management
yy Get tips on leveraging the integration between SAP Audit Management
and SAP Fraud Management for
data analytics and continuous
transaction monitoring
yy Learn how to leverage the integration
between SAP Audit Management and
SAP Risk Management specifically for
risk assessment and planning activities
yy Explore the integration capabilities
that exist between SAP Audit Management and SAP Process Control
yy Learn how to enable the internal

audit cycle, from scoping to reporting,
with SAP Audit Management
yy Get real-world advice on how to set up
an audit plan in SAP Audit Management

roundtable
SAP Fraud Management

planning stages of an SAP Fraud Management project? Looking to meet with
like-minded customers while at GRC 2015?
Attend our 75-minute customer networking
roundtable. There is no formal presentation;
all thats required is a willingness to come and
exchange ideas, questions, and issues with
fellow attendees surrounding the topic of SAP
Fraud Management.
yy Understand the key integration

points between SAP Audit Management and SAP Process Control and the
value derived from the integration
yy Understand the reporting capabilities
available in SAP Audit Management
How to perform a system audit

and technical review of SAP Access
Control
Kehinde Eseyin, Turnkey Consulting
A technical system review of SAP Access
Control is usually performed both pre- and
post-go-live, as well as on an ongoing basis
to ensure continuous compliance. Attend this
session to:
yy Learn what steps are required to
adopt a risk management approach
that evaluates the threats, vulnerability, and risk implications of a
compromise of any kind to the implemented controls in your system
yy Gain deeper insights into the
pre-conditions which must be
in place for a successful system
review of SAP Access Control
yy Walk through leading practices for
the administration and management
of batch jobs in SAP Access Control
yy Examine what is needed for the
ongoing maintenance of workflow
and approval processes
25
Track 1 Track
continued
8
GRC and regulatory updates

forfinance teams
GRC for finance teams: How to
identify and resolve key areas
of risks within your financial
processes
Stephanie Gruber, SAP America
Finance professionals continue to be under
pressure to not only manage ever-changing
regulatory requirements, but to do so with
fewer and fewer resources. This session will
illustrate:
yy How SAP solutions for GRC can help you
do more with less by monitoring end-toend business processes and alerting you
to high-risk areas and control exceptions as well as suspicious activity
yy What steps you can take to transform your organizations approach
from manual and reactive to an
automated and proactive approach
yy How to gain timely insights into key
areas of risks within financial processes
and techniques for process improvement and corrective actions
Key processes, risks, and controls

for financial control compliance in
SAP
Sandeep Malik, PwC
Gain an understanding as to why the
monitoring of financial controls is critical to
reduce financial risk and accuracy of financial
statements and how failure to do so can derail
the financial compliance effectiveness of an
organization. As an attendee, you will:
yy Get leading practices to effectively utilize SAP Process Control
to attain better confidence around
the health of financial statement
yy Understand the full scope of an
automated monitoring framework
(AMF), including its limitations, pitfalls,
and leading practices for managing
yy Learn how enabler technologies like
SAP HANA can assist in the management of financial data monitoring
Stop money from walking out

the door: Tips for creating
controls to monitor the
purchasing and accounts payable
processes
Jamie Levitt, PwC
Internal mistakes, fraud, and vendor
inconsistencies can wreak havoc on your
accounts payable and purchasing activities. Understand how to implement both
standard ERP and SAP GRC functionality
to solve these common problems. Attend
this session to:
yy Learn the common business problems
associated with the payables process
yy Find out how to utilize configurations, continuous control analytics,
and continuous transaction analytics
to better control key processes, save
costs, and avoid identified pitfalls
yy Reduce the effort required for controls
analytics and at the same time,
achieve business process improvements and compliance objectives
yy Identify ways to achieve ROI by utilizing
existing technology investment in
SAP or other GRC technologies
Mitigate risks and continuously

monitor controls within the recordto-report process using SAP Process
Control
Brian Perotto, PwC
Understanding your risks and appropriately
designing configurable controls to mitigate
these risks is instrumental to your financial
statement reporting process. In this session,
you will learn:
Leveraging analytics and data

visualization techniques for
performance and compliance
analysis and auditing
Brian Greenberg, KPMG
Organizations continue to do more with less.
It is important to identify ways to continually
improve audit coverage and effectiveness to
protect your organizations not only from a
compliance perspective, but from a business
performance perspective. This session will
provide:
yy Insights into the most current
trends in data, analytics, technology,
and continuous monitoring
yy Expert techniques for incorporating
data analytics and data visualization techniques in the audit process
from planning and scoping to
execution through reporting
yy Critical advice for transforming
analytical results into business
insights utilizing analytics
yy The most common risks in the record-toreport process and SAP configurations
to manage and mitigate these risk
yy How SAP configurations can save
the business time and money when
leveraged in lieu of or in combination with manual controls
yy How companies that have implemented
continuous controls monitoring (CCM) tools
are able to streamline control and compliance activities for these key configurations
yy How SAP Process Control provides an
end-to-end, workflow-driven solution
for issue identification and remediation
26
Track81continued
continued
Track
Cost-efficient options to address
compliance in SAP ERP Financial
projects: How to do more with less
Comply with FASB/IASB lease

accounting standards utilizing
SAPReal Estate Management
Mithilesh Kotwal, Protiviti

Many organizations are managing to tighten
budgets and deadlines, and very often,
compliance requirements are addressed
toward the end of SAP projects or even after
go-live. This presentation will include how
tos and lessons learned surrounding the
most critical SAP governance and compliance
requirements that should be addressed in SAP
projects, including:
Tom Anderson, SAP

A challenging economic environment is
forcing organizations to closely examine
massive real estate-related expenditures
incurred through the entire real estate
lifecycle. This presentation will provide:
yy A full review of the most

common compliance risks
surrounding SAP projects
yy How to build your own interim tools to
ensure compliance requirements are still
addressed until a more comprehensive
tool like SAP GRC can be implemented
yy Critical SAP security requirements
and options to help minimize security
remediation/redesign after go-live
yy How to leverage standard SAP
reports for compliance purposes
Doing business in Latin America:

Managing the risk and cost of
compliance
Steve Sprague, Invoiceware International
Electronic invoicing and tax policies continue
to change in Latin America. Both Brazils
SEFAZ regulations (Nota fiscal) and Mexicos
SAT have launched legislation that includes
changes to customer and supplier invoicing.
During this session you will:
yy Learn the latest mandates to help
simplify your day-to-day management of Latin America e-invoicing
yy Walk through the three primary classifications of Brazils e-invoicing mandates
including Nota Fiscal, Brazil Electronic
Invoice for Services (NFE-s), and Brazil
Transportation Document (CT-e)
yy Learn how to avoid the risk of
non-compliance, which places your
organization at risk for customer collection issues, delayed shipments, large
fines, and criminal penalties as it is
considered a form of tax evasion
yy An overview of how real estate

lifecycle management simplifies the
optimization of real estate assets
yy What proposed FASB/IASB lease
accounting standards will have a significant impact on organizations balance
sheet and income statements, bringing
real estate leasing under intense
scrutiny by the organizations CFO
yy Guidance for managing both the financial and non-financial aspects of lease
administration, including postings, rent
escalations, critical date monitoring,
and financial analysis required by
new lease accounting regulations
Managing tax through an SAP

transformation project
Andrew OBrien, KPMG
Attend this session and get leading advice
to help your tax function thrive and not just
survive an SAP implementation. The presentation will include:
yy Key tax concepts that are critical
to the project success of an SAP
implementation, including how to
correctly define "tax", connect tax
to the enterprise processes, and
integrate tax across work streams
yy Lessons on how incorporating a tax
business case can achieve tax improvements within the SAP project and
contribute to the overall SAP project ROI
yy Effective strategies and alternatives for managing constrained and
geographically disbursed tax resources
during an SAP implementation
yy Tax change management considerations
Panel discussion
How to prepare for the deployment

of SAP functionality for revenue
recognition
Moderator: Pete Graham, SAP
Panelists: Julie R. Zielke, EY; Arnold Nel, PwC;
David Furgason, Deloitte Consulting; Ken
Gabriel, KPMG; and Mike Szabo, SAP
Attendees of this session panel discussion
will learn how to effectively evaluate SAPs
newly released revenue recognition solution
for strategic fit within their organization,
including key revenue and process transition
impacts, configuration and data migration/
transformation impacts, system integration requirements, comprehensive testing,
resource planning, and deployment issues
that will need to be addressed. You will:
yy Walk through key evaluation criteria to
better understand the benefits, risks,
and impacts of SAPs newly released
revenue recognition solution
yy See firsthand the framework that is
needed to complete a solution fit and
gap analysis of SAPs revenue recognition to your industry and organization
yy Find out from a resource and effort
planning perspective how long it will
take to ensure a successful project
Demystifying the puzzle: SAP tax

configuration tips and tricks
Tracy Davis, KPMG
When rolling out SAP, its imperative that
companies integrate tax into the entire
lifecycle to maximize the efficiency of
downstream tax processes. Virtually every
business transaction has tax implications, so it
is very important that dedicated tax resources
be assigned to the implementation team to
proactively integrate these tax data requirements into the design of SAP. By attending,
you learn:
yy How the pieces of the tax puzzle fit
together in SAP including master data,
configuration, common RICEFs and more
yy When and how to best involve
the tax department in an implementation project
yy Key tax considerations, potential
tax value drivers, and an outline of a
typical tax implementation approach
Take home leading practices and a sample
process for accumulating tax requirements
and translating those into SAP solutions.

27
Track81continued
continued
Track
How to improve efficiency for direct
tax using SAP HANA
Prabhukumar Chinnakonda, KPMG
Learn how to successfully achieve real-time
efficiency for direct tax computational (provision, compliance) needs, leveraging financial
data from SAP ERP and SAP Business Planning
and Consolidation. You will:
yy Learn the various SAP HANA technology
components for direct tax automation (provision, compliance) and
how to use them as an effective tool
for obtaining timely information at
book-close and year-end tax filings
yy Walk through practical advice on how
to set up complex direct tax computational scenarios using Excel 2013 and the
SAP HANA decision table with minimal
dependency on corporate IT groups
yy Get tips on ways to improve corporate
tax (Federal, State, Foreign) provision
and compliance scenarios with real-time
financial (consolidated and unconsolidated) data and analyze in real time
New revenue recognition standard

is released! How to prepare your
organization and supporting
systems
Is your organization ready to meet

the proposed leasing regulatory
standards?
Pete Graham, SAP
Join this session to learn about the steps
required to prepare for the upcoming regulatory changes and the time/cost benefits that
can be gained by preparing now. During this
session:
yy Learn how the SAP Lease Administration application by Nakisa is specifically
designed to provide visibility into your
lease contract exposure, enabling you
to optimize asset portfolio management and support accounting processes
for more efficient cost controlling and regulatory compliance
yy Understand the benefits of optimizing
not only your leasing accounting
processes, but also transactional
processes, including equipment and real
estate management, supplier management, business planning, and more
Best practices for customer

adoption of the new revenue
recognition standard using SAP
solutions and services
Pete Graham, SAP
On May 28, 2014, the IASB and the FASB
published a new accounting standard for
revenue recognition. Every publicly traded
company worldwide will be forced to adopt
these changes by January 1, 2017. Please join
us in this session to learn:
yy Whats included in the new revenue
recognition standard and the tools
and services that SAP has developed
to ensure best practices for customers
in adopting the new standards
yy How to utilize the SAP solution to
automate the revenue recognition and
accounting process and to simplify
the tasks of revenue accountants in
following the new accounting guidelines
yy Best practices in handling performance
obligations, stand-alone selling prices,
contract combinations, multiple-element
arrangements, and migration strategies for adopting the new standard,
including fulfillment of the necessary
opening balance sheet requirements
Ravi Krovidi, PwC

With the release of the new revenue recognition standard by IASB/FASB, the risk of
revenue compliance will be higher unless
companies take a comprehensive approach to
adoption. This session will answer the four key
questions that finance and IT stakeholders are
faced with, including:
yy What does the proposed revenue recognition standard mean to my company?
yy What can we do to adopt
the new standard?
yy Is there a framework or tool to understand what we need to do from a
process, system, and data perspective?
yy How can I leverage my current investment in SAP to address the future
revenue recognition needs?
28
March 17-20 Las Vegas

LAS VEGAS
March 17-20, 2015
Conference rates
Early Bird Discount
Pay by January 9 and
SAVE $200
Pay by February 13 and
SAVE $100
Full price
Wynn
Las Vegas
Conference
+ Pre-Conference
Workshops
March 16-20
Conference Only
March 17-20
Pre-Conference
Workshops Only
March 16
$2,499
$2,099
$899
$2,599
$2,199
$899
$2,699
$2,299
$899
Send your team!
3131 Las Vegas Blvd. South

Las Vegas, NV 89109
702-770-7000
Bring your team and you can divide and conquer all of your
learning objectives. Call Rodrigo Scaldaferri at +1-781-751-8857
tolearn how your organization can take advantage of exclusive
group rates.
SAPinsider Events
@InsiderGRC | #GRC2015
www.GRC2015.com
Produced by Wellesley Information Services, LLC, publisher
of SAPinsider. 2015 Wellesley Information Services. All
rights reserved. WIS information products include SAPinsider
and insiderPROFILES magazines, SAP Experts online libraries
and anthologies, SAP Professional Journal, and SAPinsider
Seminars OnDemand. SAP products and services mentioned

herein as well as their respective logos are trademarks or
registered trademarks of SAP SE (or an SAP affiliate company)
in Germany and other countries. All other product and service
names mentioned are the trademarks of their respective
companies. WIS is not affiliated with SAP SE or any of the SAP

SE group of companies. GRC 2015 is conducted independently
by WIS, publisher of SAPinsider, with permission from SAP SE.

GRC 2015 US Brochure

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

GRC 2015 US Brochure

Uploaded by

Copyright:

Available Formats

March 17-20 Las Vegas

The premier event for SAP governance,

This education program has been

8:00 am Registration opens

8:00 am Registration opens

8:00 am Registration opens

8:30 am Breakout sessions

8:30 am Breakout sessions

8:30 am Breakout sessions

9:45 am Refreshment break

9:45 am Refreshment break

9:45 am Refreshment break

10:30 am Breakout sessions

10:30 am Breakout sessions

10:00 am Breakout sessions

11:15 am Refreshment break

12:00 pm Speed networking

1:00 pm Breakout sessions

1:00 pm Breakout sessions

11:30 am Breakout sessions

2:15 pm Meet the exhibitors

2:15 pm Refreshment break

3:00 pm Breakout sessions

2:45 pm Breakout sessions

4:00 pm Refreshment break

4:15 pm Refreshment break

4:30 pm Breakout sessions

5:45 pm Cocktail hour

6:00 pm Ask the Experts

Ask the Experts

4:30 pm Breakout sessions

Main Conference, March 17-20 More than 90 sessions spanning 8 tracks

2015 GRC leadership, processes, and strategy

Access control, role design, and segregations of duties

System security, IT governance, and control optimization

Process control, control automation, and continuous control

Building, interpreting, and adding custom capabilities to GRC reports

Implementations, upgrades, and migrations

Fraud and audit management

GRC and regulatory updates for finance teams

Oil & Gas

Healthcare & Pharmaceuticals

Aerospace & Defense

High Tech & Electronics

Banking & Finance

Engineering, Construction & Operations

Industrial Machinery & Components

Utilities & Waste

Passenger & Cargo Services

A sample list of Who

Special Pre-Conference Workshops

Ask the Experts

Pull up a chair in the Ask the Experts

These sessions are informal,

Youve heard of speed dating

Interact with the best and the

GRC 2015 is co-located with

This education program has been

Join us for Pre-Conference Workshops

Special deep-dive sessions that enable you to:

Explore new trends and strategies

Enhance your learning experience at the main conference

By registering for Pre-Conference Workshops,

Attend any sessions of interest to you