Risk Appetite Dinner, CHICAGO

---

Identity Governance as Enterprise Risk

An Executive Identity GRC Summit for CISOs

Risk Appetite Executive Dinners are an invitation-only global thought leadership series for senior governance, risk management, cybersecurity, and compliance executives who are responsible for navigating uncertainty, protecting enterprise value, and enabling the organization to take the right risks.

This special Chicago edition is curated on the theme Executive Identity GRC Summit, focused on one of the most urgent and under appreciated enterprise risks today: identity.

Identity sprawl, fragmented access controls, cloud adoption, third-party access, and increasing regulatory scrutiny have transformed identity into the primary enterprise attack surface. At the same time, boards and regulators are asking harder questions about accountability, governance, and assurance over who has access to what — and why. This dinner convenes senior leaders to explore identity governance not as a technical issue, but as a core enterprise risk, governance, and resilience challenge.

Hosted by Michael Rasmussen, Founder of GRC 20/20 Research, analyst at GRC Report, and host of the Risk Is Our Business and Hitchhiker’s Guide to the GRC Technology Galaxy podcasts, this invitation-only dinner brings together a carefully curated group of CISOs, risk leaders, and GRC executives for candid, off-the-record discussion. This is not a vendor pitch, conference panel, or marketing event. It is a high-trust forum for peer-level dialogue among executives facing real-world board pressure, regulatory expectations, and identity-driven risk exposure.

Dining Experience

Hosted at The Alston, one of Chicago’s most refined dining venues, this seated executive dinner is intentionally designed to slow the pace, encourage open dialogue, and foster meaningful peer connections. Attendance is strictly limited to ensure depth of discussion and a shared level of seniority and experience around the table.Discussion Focus

This executive dinner will explore:

• Why identity has become a systemic enterprise risk, not just a security control
• The convergence of identity governance, enterprise GRC, and operational resilience
• Regulatory and audit expectations around identity, access, and accountability
• How organizations are redefining ownership, oversight, and assurance for identity risk
• What boards expect CISOs and risk leaders to do next

Featured Executive Voices

• Michael Rasmussen, Founder, GRC 20/20 Research – Globally recognized GRC visionary and one of the most cited analysts in governance, risk, and compliance. A leading voice on how identity, digital risk, and GRC converge at the enterprise level.
• Peter Hodge, Managing Director, Cyber Security – Deloitte – Author of White Blaze Leadership: Find Your Way To Lead In The Everyday, Peter will share leadership perspectives from the front lines of cyber and identity risk and will be available to sign copies of his book during the evening.

Agenda Snapshot

• Welcome and Opening Remarks
• Keynote Address: Michael Rasmussen
• Leadership Perspective: Peter Hodge (Deloitte)
• Executive Panel: Identity Governance and Enterprise GRC
• Peer Exchange & Networking
• Closing Remarks

Event Details

Date: Wednesday, March 18, 2026
Time: 4:00 PM – 7:00 PM (CDT)
Location:
The Alston
750 North State Street, 3rd Floor
Chicago, Illinois 60654

Participation

Attendance is by invitation only. Registration requests are reviewed to ensure a senior, peer-level audience and a balanced, high-value discussion. For those selected, this Risk Appetite Executive Dinner offers a rare opportunity to step away from surface-level debate and engage deeply with fellow leaders who understand that risk is not something to be avoided — but something to be governed, aligned, and deliberately embraced.

GRC 20/20 Risk Appetite Facilitator . . .

If you ask my family what I do for a living, they might say that I “travel the world talking about risk.” And honestly, that wouldn’t be far from the truth. But the more formal introduction is that I am an analyst, researcher, storyteller, and, as the industry likes to remind me, the Father of GRC. More than 23 years ago, while at Forrester Research, I coined the acronym GRC and articulated it as a way to integrate governance, risk management, and compliance capabilities in strategy, process, and technology.

Today, through GRC 20/20 Research, I spend my days studying how organizations around the world navigate complexity and uncertainty. My job is to observe patterns, identify challenges, understand how strategy, process, and technology intersect, and help organizations evolve to be more effective, efficient, resilient, and agile. Along the way, I also founded GRC Report, a global news and insights platform focused entirely on governance, risk management, compliance, and business integrity news and insights around the world. It has become a place where practitioners, executives, policymakers, and technologists can see the GRC landscape through a global lens.

I also host two podcasts — Risk Is Our Business Podcast and Hitchhiker’s Guide to the GRC Technology Galaxy Podcast — because I believe conversation is one of the most powerful tools we have for changing how people think about risk and integrity. These podcasts allow me to explore big ideas with remarkable minds from around the world, and they keep me grounded in the reality that risk is not merely a function — it is the fabric of every decision and every ambition. In many ways, I am an explorer of uncertainty. As an industry analyst, I map and monitor the ever-expanding GRC galaxy — now tracking over 1,500 solutions and the professional services orbiting them. The universe of GRC is vast, dynamic, and constantly in motion, and I am endlessly fascinated by how organizations chart their course through it.

Risk Appetite Dinner Host . . .

SafePaaS is the policy-based access governance platform that automatically detects and prevents access risks, security incidents, and audit findings across the entire enterprise in one single platform. Built from the ground up, our organic, agile cloud platform allows organizations to adopt and extend identity security and access governance solutions efficiently and effectively when required. SafePaaS supports any enterprise application, any cloud infrastructure, and any IAM or ITSM system for complete governance. Policies sit at the center of our platform architecture delivering immediate value without the complexity of role-based IGA solutions.