The AI Way to Building an Enterprise GRC Program that Works on the Ground, KUALA LUMPUR

Malaysian enterprises are navigating one of the most demanding regulatory environments in Southeast Asia. Bank Negara Malaysia’s Risk Management in Technology (RMiT) framework and its sharpening expectations on AI governance, the Securities Commission’s evolving digital asset and capital markets oversight, the long-anticipated modernization of the PDPA, NACSA’s National Cybersecurity Policy, and the accelerating pace of the Madani Economy’s digital agenda are all in motion simultaneously. Manual GRC cannot keep pace — and organizations that treat this as a technology upgrade problem will keep falling behind.

This session is centered on shifting perception from GRC as a tool to a business enabler, while addressing front-line resistance and underutilization, and showcasing how AI can be layered in to enhance usability, adoption, and decision-making without adding complexity.

• GRC as competitive advantage: how leading enterprises in the region are using AI-enabled GRC programs to accelerate business, reduce audit friction, lower regulatory capital requirements, and build board confidence
• Why manual GRC breaks under compounding pressure: the fragmentation trap — disconnected tools, siloed risk, compliance, audit, cyber data, and periodic point-in-time assessments that leave organizations exposed between cycles
• The adoption gap and its cost: why most GRC programs are technically deployed but organizationally stranded — avoided by the business, invisible to the board, and unable to demonstrate value until something goes wrong
• Shifts in GRC: from periodic to continuous sensing and assessments; from reactive to predictive intelligence; from assurance-speak to business decision language; and from bolted-on to embedded AI
• AI Governance as a business imperative: how to operationalize responsible AI with clear ownership, explainability, third-party model oversight, policy controls, and compliance readiness as AI permeates every technology environment  

Please complete the registration form to secure your spot. Confirmation will be shared shortly. Availability is limited.

Agenda 

• 08:30 – 09:00 = Registration
• 9:00 – 09:15 = Welcome Address & Opening Remarks
• 09:15 – 11:00 = Session by Michael Rasmussen
• 11:00 – 11:20 = Networking Coffee Break
• 11:20 – 12:00  = MetricStream AI Showcase
• 12:00 – 13:00  = Interactive Panel Discussion
• 13:00 – 13:10 = Closing Remarks & Key Takeaways
• 13:10 – 14:00 = Networking and Lunch

Location: Makati Shangri-La Manila 

---

GRC 20/20 Presenter . . .

Michael Rasmussen is an internationally recognized authority, thought leader, and pioneer in the disciplines of governance, risk management, and compliance (GRC). With over 30 years of experience, he is globally known for defining and shaping GRC strategy, processes, and technology. In February 2002, while at Forrester Research, Michael developed the concept of GRC — establishing the foundation for how organizations approach strategy, process, and technology in today’s complex business environment. For this, he is widely acknowledged as the “Father of GRC.”

A trusted advisor to boards, executives, and professionals around the world, Michael has dedicated his career to helping organizations design and implement effective GRC strategies that are aligned with business objectives. His work empowers organizations to be more effective, efficient, resilient, and agile. He is a sought-after keynote speaker, author, and advisor, with his thought leadership influencing legislation, regulatory frameworks, and corporate best practices globally.

Michael is the host of the Risk is Our Business and the Hitchhiker’s Guide to the GRC Technology podcasts, where he leads conversations with global experts exploring the evolving frontiers of risk, resilience, and corporate integrity.

Seminar Host . . .

MetricStream simplifies Governance, Risk, and Compliance (GRC) with purpose-built AI-first Risk, Compliance, Audit, CyberGRC, Third-party Risk, and Resilience products on a single low-code / no-code GRC cloud platform. Trusted by over 1 million GRC professionals across 35+ countries, our industry-specific products and AI agents help businesses successfully manage audits, avoid compliance violations and fines, reduce risk exposure, and strengthen resilience. MetricStream is headquartered in San Jose, California, with operations and offices around the globe. More information is available at www.metricstream.com

In Association With:

Expleo is a global engineering, technology and consulting service provider that partners with leading organisations to guide them through their business transformation, helping them achieve operational excellence and future-proof their businesses. Expleo benefits from more than 50 years of experience developing complex products, optimising manufacturing processes, and ensuring the quality of information systems. Leveraging its deep sector knowledge and wide-ranging expertise in fields including AI engineering, digitalisation, hyper-automation, cybersecurity and data science, the group’s mission is to fast-track innovation through each step of the value chain. As a responsible and diverse organisation, Expleo is committed to doing business with integrity and working towards a more sustainable and secure society. Expleo boasts an extensive global footprint, powered by 18,000 highly-skilled experts delivering value in 29 countries and generating more than €1.4 billion in revenue.