Agenda
The recent events on Wall Street and the world's financial markets will cast a long, deep and painful regulatory compliance shadow over most organizations. The post-Enron rules like Sarbanes-Oxley will be a bittersweet memory that will feel like a walk in the park compared to what will rise up from the ashes of bad mortgages and government bailouts.
You'll find a comprehensive agenda designed to help guide you through today's tumultuous environment and anticipate how to stay on track for the future.
Track A: Emerging & Strategic Governance, Risk Management and Compliance (GRC) - Risk management and compliance requirements emanate today from more than just regulators. Stakeholders that include customers, suppliers, and communities have a growing expectation that the enterprise will manage risk more effectively in support of strategic business goals. Additionally, the organization's license to operate will often be influenced by the management team's ability to manage non-financial data and to demonstrate an appropriate commitment to sustainable development. This track will look at the emerging and strategic GRC issues of: environmental sustainability management; corporate social responsibility; risk culture; privacy and multi-regulatory compliance.
Track B: Enterprise & IT Risk Management - Enterprises are putting increasing focus on Risk Management as not just an extension of compliance and IT security, but also as a strategy to achieve better business performance in an uncertain world. This track will focus on what organizations can and should do to establish risk management as an overall business-focused, process-centric discipline that aligns behavior with risk appetite, business objectives, and enterprise personality and behaviors. In the not too distant future, we expect to see IT risk management (and compliance) as a function that is fully integrated into the enterprise risk management framework.
Track C: Continuous GRC - As organizations become increasingly sophisticated in their response to global regulation, they inevitably migrate from the tactical governance approach of periodic snapshots to a more strategic one of continuous risk assessment and process improvement. This track will examine current technologies, standards and best practices to automate compliance and risk management processes, making them more efficient, reliable, and better documented.
Timely Professional Services Sessions
For Financial Services, Legal, Sustainability and Social Responsibility Professionals
Professional tracks are for IT risk management and compliance professionals who are in (or support) the Financial Services industry (especially banking), Legal, and Sustainability or CSR.
Attendees will find a robust offering of sessions that zeroes in on the key issues specific to their responsibilities, with the goal of providing the most up-to-date information and solutions. These sessions comprise virtual Professional Tracks and are denoted by an icon on the Agenda.
The Financial Services sessions will provide insight and actionable advice on how to get a fast start to effectively interconnect elements of risk and performance across the enterprise, including the immensely important aspect of data integration, and the technology applications necessary not just to survive but to leverage risk management as a competitive weapon.
The General Counsel & Legal Technology sessions will focus on those areas where the speed and reach of technology outpace corporate policy, jurisprudence, and often good judgment. Gartner analysts will share research, client experiences, and technology solutions that range from the internal nexus of IT and enterprise risk management to the transborder conflicts in the globalization of privacy.
Sustainability & Corporate Social Responsibility (CSR) Sessions
Talk about sustainability and "Green IT" is much more than just preserving natural resources and reducing overall cost of operations. The same is true about corporate social responsibility; it goes well beyond organizational philanthropy and brand polishing. The presentations in this virtual track will look at how IT organizations are addressing these issues. The content will also be supplemented with hands-on Analyst User Roundtables (AURs).
E-Discovery Workshop
Sorting Through the Myths & Facts of E-Discovery
Friday, May 1, 2009
8 am - 3 pm
To complement the General Counsel & IT Legal Professional Track, we are pleased to announce a special workshop that addresses some of the most pressing issues related to E-discovery. All sessions feature a Gartner analyst and an attorney known for their work in e-discovery.
Workshop is included in full conference fee. Please use code WKSHCMP to reserve your space.
Workshop Only
Attendance to the Workshop ONLY is $450. Please use code FCCMP.
Registration for either Workshop-only or Full Summit with Workshop must be done by calling +1 866 405 2511.
Get "deep dive" learning through these workshop sessions:
- What Happened, Where Are We, What's Next?
- Sorting through Search
- Cross Border Issues in E-Discovery
- Theater in the Round Lunchtime Panel
Analyst/User Roundtables
Best Practices for Records Management and E-Mail Archiving
At times, classifying e-mail as a record is daunting. Network and share your challenges and best practices for classifying e-mail as a record, setting retention periods, and archiving.
ERM Best Practices in Financial Services
Financial services organizations have found that ERM requires a much expanded view of operational risks. Share your insights and challenges on how to build a functional ERM program.
User Activity Monitoring Technology for Compliance and Security
Join this peer exchange that is focused on the use of activity monitoring technology for compliance reporting, user activity monitoring, and threat management.
Applying ISACA's New Risk IT Framework
Urs Fischer (Chair of ISACA's RiskIT Initiative)
ISACA plans to release Risk IT, its new IT risk management framework that is aligned with CobiT. This question and answer session features the chair of the committee for Risk IT.
Improving Financial Governance
Financial governance is not just GRC, but also means improving critical financial processes. Learn how your peers are getting started at better financial governance.
Applying ISACA's CobiT Framework
Robert Stroud (Chair of CobiT Steering Committee and International VP of ISACA and ITGI)
CobiT is used by most IT organizations as the basis of their internal controls framework. This networking session on the challenges and the value of implementing CobiT features the chair of the CobiT committee.
Managing IT Risks during Cost Cutting Periods
Decision makers need to assess and consciously consider the security, service, financial and capability risks of cost-cutting options. Organizations should evaluate the risks through the linkage of IT services and projects to business functions.
Applying ISACA's Val IT Framework
Paul Williams (member of the Val IT Steering Committee and past president of ISACA/ITGI)
ISACA's Val IT is a valuable framework for IT investment decision making and governance. This question and answer session features ISACA's chair for Val IT.
User Developed Applications Risks
Spreadsheets are a critical management and reporting tool, but they introduce a lot of risks to compliance and business processes. Share your challenges and learn from your peers on how they manage the risks of spreadsheets.
Sustainability Reporting for IT
Sustainability initiatives have many stakeholders who want information, but the metrics are not clear. Learn how your peers are meeting their challenges in reporting these non-financial measures.
Managing IT Risks During Cost Cutting Periods
Decision makers need to assess and consciously consider the security, service, financial and capability risks of cost-cutting options. Organizations should evaluate the risks through the linkage of IT services and projects to business functions.
ERM Best Practices for Non-Financial Services
ERM programs at most companies are in their early stages. Learn from your peers on how they are getting started and meeting the challenges of ERM.
Best Practices in Applying ISO 27001
ISO 27001 has become the most accepted standard for IT security controls. Share your insights and learn from your peers on the challenges and best practices for implementing ISO 27001.
Getting Business Value from XBRL
While most XBRL initiatives have focused on external financial reporting, much of the value of XBRL may be in improving internal processes. Share your insights and learn from peers on how to get business value from XBRL initiatives.
Continuing Professional Education
As an attendee to this event, any sessions you participate in that advance your knowledge within that discipline may earn you Continuing Professional Education credits from the following organizations:
ISC2/CISSP
Gartner is an Official (ISC)2® CPE Submitter and can submit 24 group "A" credits toward CISSP® recertification requirement, based on the content in the Gartner Risk Management & Compliance Summit. You will be required to provide your name, certification number or (ISC)2® number and your email address when onsite at the Summit.
Continuing Legal Education Credits (CLE)
Gartner has partnered with the John Marshall Law School's Center for Information Technology & Privacy Law (CITPL). Attendees to the E-Discovery Workshop will receive four (4) MCLEs from the state of IL.
ISACA CPE hours (CISA, CISM, and CGEIT) may be available as follows as outlined in their Continuing Education Policy: (www.isaca.org/cisacpepolicy, www.isaca.org/cismcpepolicy, www.isaca.org/cgeitcpepolicy)
- CISM - if such courses advance the CISM's information security or managerial knowledge or skills.
- CISA - if such courses advance the CISA's IS audit, control and security or audit-related managerial knowledge or skills.
- CGEIT - if such courses advance the CGEIT's IT governance knowledge or skills.
NEW! "ISACA/ITGI Frameworks" Analyst/User Roundtable Sessions
Join experts from ISACA and the IT Governance Institute (ITGI) in discussion with Gartner analysts and your peers around three governance frameworks and guidance materials:
- Val IT: Paul Williams, past international president of ISACA and the affiliated ITGI, and a member of the ISACA Strategic Advisory Group and Val IT Committee.
- CobiT: Robert Stroud, international vice president of ISACA and the ITGI and a member of ITGI's CobiT Steering Committee.
- Risk IT: Urs Fischer, chair of the ITGI's Risk IT task force and a member of ISACA's Assurance Committee.
Hot Topics
- How to be a socially responsible business while meeting regulations and profitability goals
- PKIs and their impact on performance management and business risk
- Role of XBRL in banking
- Balancing compliance and regulatory reporting requirements
- SAS 70 issues
- Your career in risk management
- Conflict between diverging requirements and way to advance holistically
- The Future of Risk Management
- The First 100 Days of the Risk Officer
- Continuous Monitoring
- Continuous Audit
