Press Release


 2018 Governance, Risk and Control Conference to Tackle Cyber Risk, Focus on Innovation 

Nashville, TN, USA (31 May 2018) — The quickening speed of technological innovation demands a new way of responding to potential risks. How to innovate strategy and focus on where governance and risk management align for enterprise impact will be the focus of the upcoming 2018 Governance, Risk and Control (GRC) Conference, jointly presented by The Institute of Internal Auditors (IIA) and ISACA.

The conference, scheduled for 13-15 August 2018 at the Omni Hotel in Nashville, is expected to bring together more than 600 governance, risk, and control professionals from more than 40 countries to discuss challenges, forge solutions, and define the future of GRC globally. Cyber risks and digital transformation will be key themes throughout the sessions and workshops.

“As organizations adopt new technologies and undergo digital transformation, their governance, risk and compliance capabilities are more critical than ever,” said Rob Clyde, CISM, incoming board chair of ISACA and board director for Titus. “The investment in their leadership and staff is just as important as the investment in technology.” Clyde will keynote a timely presentation on “Governance in These Digitally Shifting Times.”

The conference will open with an address by Luke Williams, a professor of marketing at New York University’s Stern School of Business, who will present, “Disruptive Thinking: How to Prepare for What’s Coming Next.” Another keynote speaker with be Paul Sobel, CIA, QIAL, CRMA, the new chair of the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Sobel, who is also vice president and chief audit executive at Georgia-Pacific, LLC, will discuss “COSO ERM: Integrating with Strategy and Performance.”

“As the business world continues to evolve at an increasingly astounding rate, it is evermore imperative that professionals working in risk, compliance and governance have the tools, direction and insight to stay ahead of the game,” said IIA North American Board Chair Karen Brady, CIA, CRMA. “This conference will provide the information needed to advance organizations to the next level and arm them with knowledge and advice for the future of GRC.”

GRC conference sessions will be grouped into the following four hot-topic tracks:

  • Cyber (Security, Resilience, Mitigation)
    • Measuring and Improving Your Security Effectiveness
    • Advancing IT Audit’s Capabilities to Conduct Cybersecurity Audits
    • Auditing Mobile Device Management
  • Governance, Risk and Compliance
    • Digital Transformation: Is Internal Audit Ready?
    • Auditing Third-Party Business Partners for Fraud and Corruption Across the Globe
    • Agile and Compliance
  • Leadership, Career and Communication Development
    • Using Diversity as a Strategic Advantage
    • Storytelling: Improving the Audit Process to Communicate Better
    • The Psychology of Successful Internal Auditing: Navigating Stakeholder Relationships for Optimal Business and Career Results
  • Deep Dive Learning Labs
    • Auditing the Cloud: A Practical Approach
    • Building and Maintaining a Sustainable ERM Framework
    • The Keys to the Kingdom: Access Controls and Ways to Improve

Terry Grafenstine, CISA, CGEIT, CRISC, CPA, CISSP, CIA, CGMA, CGAP, board chair of ISACA and managing director at Deloitte & Touche, LLP, will highlight recent ISACA research and encourage attendees to nurture innovation as part of her discussion on “Governance in the Age of Cyber.”

The event will also feature two pre-conference workshops: “COBIT NIST Cybersecurity Framework,” focusing on its goals, implementation steps and how to apply this information; and “Auditing Technology Disruptors,” where attendees will exchange strategies and tools for leveraging disruptive technologies as audit tools to foster positive outcomes.

“This conference will help attendees gain insights into improved audit efficiency, learn real-life approaches to cyberattack mitigation, understand the impact of new technologies like AI, and build their communication skills to deliver the right messages to their stakeholders and boards,” Clyde said.

Attendees can earn up to 18 hours of continuing professional education (CPE) credits for attending the conference, and an additional 7.5 CPEs for attending one of the pre-conference workshops.

For more information about the GRC Conference, visit The IIA or ISACA.

About The Institute of Internal Auditors

The Institute of Internal Auditors (IIA) is the internal audit profession’s most widely recognized advocate, educator, and provider of standards, guidance, and certifications. Established in 1941, The IIA today serves more than 190,000 members from more than 170 countries and territories. The IIA’s global headquarters are in Lake Mary, Fla. For more information, visit or


Nearing its 50th year, ISACA ( is a global association helping individuals and enterprises achieve the positive potential of technology. Today’s world is powered by technology, and ISACA equips professionals with the knowledge, credentials, education and community to advance their careers and transform their organizations. ISACA leverages the expertise of its 450,000 engaged professionals in information and cybersecurity, governance, assurance, risk and innovation, as well as its enterprise performance subsidiary, CMMI Institute, to help advance innovation through technology. ISACA has a presence in more than 188 countries, including 217 chapters worldwide and offices in both the United States and China.


Press Contacts:

Michelle Micor, +1.847.385.7217,
John Babinchak, +1.407.937.1240,