Risk & Resilience Management by Design, MUNICH

Blueprint for Business-Integrated, Agile, and Context-Aware Risk & Resilience Programs

Gone are the days when business operations were linear, local, and predictable. Today’s organizations face exponential change and increasing complexity driven by globalization, technology, regulatory intensity, distributed workforces, data proliferation, and accelerated competitive pressure. In this environment, managing risk and enabling resilience has become a strategic necessity.

Yet many organizations continue to treat risk management as a siloed compliance obligation and resilience as a disconnected business continuity function. The result? Gaps in preparedness, reactive responses, and missed opportunities to align risk-taking with performance and purpose.

Risk & Resilience Management by Design is a hands-on, interactive workshop that equips attendees with the frameworks, tools, and strategies needed to design and operationalize a risk and resilience program that is integrated, intelligent, and future-ready. This workshop delivers a structured and scalable approach to managing uncertainty and disruption in a way that protects performance, supports agility, and reinforces organizational trust.

Today’s business ecosystem demands 360° contextual awareness—of objectives, risks, interdependencies, and external threats. Organizations must move beyond checklists and departmental metrics to adopt a unified, federated approach that aligns risk, continuity, and resilience efforts across functions and operations.

This workshop empowers organizations to:

• Understand and adapt to the evolving risk and resilience landscape
• Connect risk management with business strategy, decision-making, and performance
• Build a lifecycle-based approach to risk and resilience that reflects real-world complexity
• Develop governance structures and technologies that foster coordination, ownership, and accountability
• Deliver continuous assurance of resilience to boards, regulators, and stakeholders

---

Workshop Objectives

Attendees will take back practical approaches to:

• Define a complete and continuous lifecycle for managing risk and resilience
• Establish federated governance, strategic alignment, and cross-functional accountability
• Align risk and resilience efforts with objectives, operations, and business change
• Monitor and respond to both internal and external risks in real-time
• Enable consistent and scalable risk/resilience processes across departments
• Track critical risks, treatments, and resilience activities with transparency and traceability
• Facilitate board- and regulator-ready assurance on organizational resilience
• Identify and resolve material gaps, duplications, or inefficiencies in risk and resilience programs
• Build a business case for risk and resilience investment tied to strategic outcomes
• Leverage technology for risk visibility, scenario planning, monitoring, and reporting

---

Benefits to Attendees

• Understand how to create a risk and resilience framework that is integrated, strategic, and scalable
• Explore different models of risk/resilience maturity and identify what fits your organization
• Build effective governance structures (committees, charters, plans) to unify efforts
• Improve alignment between risk-taking, decision-making, and operational capability
• Examine how to bring business continuity and operational resilience into the broader risk discussion
• Learn how to benchmark effectiveness and communicate outcomes to leadership
• Explore the role of enabling technology and data in a dynamic and proactive resilience program

---

Who Should Attend?

• Chief Risk Officers & Risk Managers
• Business Continuity & Resilience Leaders
• Operational Risk and ERM Professionals
• Compliance & GRC Executives
• Internal Audit and Assurance Teams
• Strategy, Transformation, and Program Managers
• Technology Architects supporting GRC and BCM functions
• Board Advisors and Governance Professionals

---

Workshop Agenda

Part 1: Risk & Resilience by Design – Why It Matters Now

• Understanding how risk and resilience impact business strategy and performance
• Exploring the disarray: silos, fragmentation, and blind spots in current practices
• Risk exposure in a volatile world: where resilience gaps become existential threats
• Current global trends, drivers, and regulatory mandates shaping risk/resilience integration
• Interactive Exercise: Mapping risk and resilience maturity in your organization

---

Part 2: Risk & Resilience Governance – Building the Foundation

• Establishing a federated governance model for integrated risk and resilience
• Creating a Risk & Resilience Management Committee with cross-functional authority
• Drafting a Risk & Resilience Charter that aligns mission, roles, and oversight
• Developing a strategic plan that connects risk resilience to business objectives
• Interactive Exercise: Designing your governance framework and charter elements

---

Part 3: Risk & Resilience Lifecycle – Managing in Context of Change

• Risk and resilience lifecycle: from identification to assurance
• Monitoring the external and internal environment for threats and disruptions
• Conducting risk assessments, BIAs, and forward-looking scenario planning
• Engaging business units in treatment planning and ongoing response preparedness
• Reporting and evaluating: turning data into assurance and board-ready insights
• Interactive Exercise: Building your risk and resilience lifecycle

---

Part 4: Risk & Resilience Architecture – Enabling Visibility & Agility

• Designing an information architecture that supports holistic insight and action
• Integrating data from operations, strategy, compliance, and continuity
• Establishing taxonomies, workflows, and linkages between risks, objectives, and controls
• Exploring technology architecture: what tools are needed, what to prioritize
• Building the business case: articulating ROI and strategic value to leadership
• Interactive Exercise: Mapping your risk and resilience information ecosystem

---

This workshop enables you to create a risk and resilience capability that is proactive, adaptive, and aligned with your organization’s mission. It provides the design blueprint needed to move beyond fragmented processes and into a state of readiness, reliability, and trust.

Your objectives are too important—and your risks too complex—to leave resilience to chance.

GRC 20/20 Presenter . . .

Michael Rasmussen is an internationally recognized authority, thought leader, and pioneer in the disciplines of governance, risk management, and compliance (GRC). With over 30 years of experience, he is globally known for defining and shaping GRC strategy, processes, and technology. In February 2002, while at Forrester Research, Michael developed the concept of GRC — establishing the foundation for how organizations approach strategy, process, and technology in today’s complex business environment. For this, he is widely acknowledged as the “Father of GRC.”

A trusted advisor to boards, executives, and professionals around the world, Michael has dedicated his career to helping organizations design and implement effective GRC strategies that are aligned with business objectives. His work empowers organizations to be more effective, efficient, resilient, and agile. He is a sought-after keynote speaker, author, and advisor, with his thought leadership influencing legislation, regulatory frameworks, and corporate best practices globally.

Michael is the host of the Risk is Our Business and the Hitchhiker’s Guide to the GRC Technology podcasts, where he leads conversations with global experts exploring the evolving frontiers of risk, resilience, and corporate integrity.

Workshop Host . . .

Mitratech has a 35-year history as a leader in providing technology and services that empower organizations to manage risks, increase efficiency, control costs, and scale for the future.

The lines continue to blur across Legal & Claims, Risk & Compliance, and Human Resources (HR)— and Mitratech is the trusted partner in driving clarity and collaboration across all these functions with cloud-based, automation-driven solutions.

Scalable, flexible, and highly configurable by design, Mitratech’s Governance, Risk and Compliance suite offers end-to-end, top-to-bottom risk and compliance management capabilities, spanning policy management, enterprise risk management, data privacy, AI governance, third-party risk management, and more.

Whether organizations are just starting to implement GRC processes or looking to deploy next-generation programs across their full enterprise, Mitratech simplifies the process with cross-industry applications, convenient out-of-the-box templates, and relevant analytics to empower data-driven business outcomes.

Mitratech serves over 24,000 organizations worldwide, spanning more than 160 countries.

For more information, please visit: www.mitratech.com