RSA Charge is the pinnacle conference for Governance, Risk and Compliance and the premier event for RSA Archer every year. The insights, networking, friendships and experiences shared not only help attendees with their day to day jobs but broaden their careers. I can personally attest to the value of presenting at conferences such as RSA Charge. Having been a presenter in countless conferences (and yes, I have been around long enough to consider it countless), I know the commitment and courage it takes to get up in front of a room full of peers and share your own thoughts and opinions. However, the benefits far outweigh any trepidation or fear. Making myself rein in my experiences, put together a thoughtful presentation and then share them with my fellow GRCers has given me the best opportunity to learn and grow.
For this year's RSA Charge, we have created six tracks for presentations. Our approach was based on our key messages and themes:
Taking Command of Your Journey
Sessions should focus approaches, strategies and recommendations for building organizational capabilities that bring maturity to your overall risk and compliance program. Content should include maturation criteria, organizational barriers or obstacles and how they were overcome, and case studies or war stories. Examples include how to achieve consensus, measure value of the program, maturity processes, etc. The presentation should include an explanation of the GRC approach taken (centralized, top-down, decentralized, federated, or some combination), the rationale, the phases of organizational achievement, and the major milestones in risk and compliance maturity.
Inspiring Everyone to Own Risk
Sessions should focus on how you were able to inspire your organization to own risk - especially in terms of the Three Lines of Defense. Risks could include operational risks, third party risk, resiliency or enterprise risk. Content should include best practices, case studies or war stories. Examples include how to identify, assess and monitor risk, track loss events, model processes, audit risk, etc. The presentation should include an explanation of the business problem, desired outcomes, required functionality, solution outcomes and metrics used to measure success.
Where Cyber Risk Meets Business Risk
Sessions should focus on the approach for leveraging Archer solution(s) to solve a critical IT Security and/or IT Risk business problems. Content should include best practices, case studies or war stories. Examples include how to integrate security tools, address remediation activities, respond to incidents, managing IT Security policy & compliance, IT Business context, etc. The presentation should include an explanation of the business problem, desired outcomes, required functionality, solution outcomes and metrics used to measure success.
Sessions should focus on how your organization transformed compliance processes by leveraging Archer solution(s) to solve a critical Corporate and/or Regulatory Compliance or Industry challenge. Content should include best practices, case studies or war stories. Examples include how to develop policies and standards, measure controls, report on compliance posture, audit program management, etc. The presentation should include an explanation of the business problem, desired outcomes, required functionality, solution outcomes and metrics used to measure success.
We also have two tracks open for Technical presentations - Basic and Advanced.
Sessions should cover beginner to advanced uses of the platform, custom objects, data feeds, on demand applications, integrations, etc. The content must include demonstrations of a business problem that is addressed using the RSA Archer platform. Screen shots, recorded or interactive demonstrations are required. These should be a “How To” presentation to instruct the audience on optimal platform configuration. Other technical presentations may cover topics such as the administration of the platform, backup/recovery, system architecture, etc.
I highly suggest you submit to present. Don't discount your story. If you are in the early phases of your GRC program or Archer implementation, your insights can help others in the same situation. For those of you with mature programs or Archer implementations, sharing use cases, lessons learned or tips and tricks –from a practitioner, technical or program management perspective – can provide inspiration to others. Don't miss this opportunity to share your experience with others. Your peers will benefit from your story and you will be sure to learn something from the experience.