Governance, Risk & Controls Conference
August 17-19, 2026 | San Diego, CA & Virtual | Up to 28 CPEs
For the 13th year, The IIA and ISACA will bring together leading minds in governance, risk management and control (GRC) to deliver world-class content, innovative ideas, and practical guidance for today’s risk environment. From emerging risks to evolving regulations, GRC 2026 equips professionals with actionable insights they can apply immediately.
Empower yourself to excel in today’s dynamic GRC environment. Join us for the GRC 2026 Conference, 17-19 August in San Diego, California or virtually.
Lead with confidence in a complex risk landscape
Join governance, risk and control professionals from around the world for three days of practical insights, peer exchange, and forward-looking perspectives at GRC 2026.
Program overview
Explore session tracks and learning moments designed to address today’s most pressing governance, risk, and control challenges.
Speakers
Hear from industry leaders, and subject matter experts shaping the future of governance, risk management, and internal control.
Workshop
Experience focused, hands-on workshops that deliver deeper insights and practical tools you can apply immediately.
Location & hotel
Plan your visit to San Diego with venue details and hotel information for a smooth conference experience.
Who should attend the GRC Conference?
Designed for governance, risk, audit, cybersecurity, and compliance leaders, GRC 2026 equips professionals to manage emerging technologies, evolving regulatory demands, and complex enterprise risk environments. Whether you’re building AI governance frameworks, strengthening third-party oversight, or modernizing your control environment, this event delivers the insights and tools to lead with confidence.
What you can expect at GRC Conference
40+ Sessions
Explore more than 40 forward-focused sessions addressing today’s most pressing GRC challenges.
2026 focus areas:
- AI Governance & Agentic Risk
- Cybersecurity, Deepfakes & Quantum Readiness
- Data Governance & Privacy Strategy
- Modern Assurance & Combined Defense
Up to 28 CPE Credits
Earn up to 28 CPE credits — including 16 CPEs during the main conference (in person or virtual) and up to 12 additional CPEs through pre- and post-conference workshops — while gaining actionable frameworks you can immediately apply across your organization.
50+ Speakers
Hear from over 50 leaders and innovators from organizations including Microsoft, PayPal, Mastercard, Intuit, the National Basketball Association (NBA), Generali, Snowflake, Protiviti, and other global brands advancing governance, risk, and controls. See who’s been announced below and check back soon as keynotes will be shared soon!
Voices shaping the future of GRC
Joseph Edivri CISA, CISM, CISSP, CDPSE, CCSP, C|CISO, CRISC, PMP
Security Engineering Manager
Microsoft
Kathireasan Jayabalan
Senior Quality Engineer
Mastercard International
Sridevi Rammohan
Staff Engineer, Risk & Compliance
Instacart
Enhance your experience with pre- and post-conference workshops
Extend your learning with optional in-person pre- or post-conference workshops (separate registration and fees apply) and earn additional eligible CPE beyond the main conference.
Workshop 1: Beyond the Hype: Auditing and Governing Generative AI at Scale
Presented by The IIA
Sunday, August 16 | 9:00 a.m.-5:00 p.m. | 8 CPE | US$650
Generative AI is rapidly scaling across enterprises—bringing new governance, risk, and audit challenges with it. This immersive workshop equips GRC professionals with practical tools, case studies, and simulations to audit and oversee AI responsibly at scale.
Focus Areas:
- AI governance
- regulatory expectations
- risk & control design
View full workshop details in the program | Register for workshop
Workshop 2: Demystifying Cyber Risk: Integrating Cybersecurity into Enterprise GRC
Presented by ISACA
Sunday, August 16 | 9:00 a.m.-5:00 p.m. | 8 CPE | US$650
Cybersecurity risk is no longer just a technical issue—it’s an enterprise-wide business risk. This workshop helps GRC and IT audit professionals translate complex cyber inputs into clear, business-relevant risk insights that resonate with leadership.
View full workshop details in the program | Register for workshop
Workshop 3: Resiliency by Design: Stress-Testing Your GRC Framework for the Next Decade
Presented jointly by ISACA and The IIA
Wednesday, August 19 | 1:00-5:00 p.m. | 4 CPE | US$350
Cap off the conference by pressure-testing your GRC framework against real-world disruption scenarios. Through simulations and playbook design, this interactive workshop helps you identify vulnerabilities and build a practical resilience roadmap for the next 12–24 months.
Focus Areas:
- resilience
- scenario testing
- adaptive response planning
GRC conference registration and pricing
Save $180* on In-Person registration when you register by June 22, 2026.
Check back soon for registration details on the half-day Workshop 3 - Resiliency by Design: Stress-Testing Your GRC Framework for the Next Decade.
GRC Conference Location
The 2026 GRC Conference will be held at Gaylord Pacific Resort & Convention Center. ISACA and The IIA have secured a special rate for GRC conference attendees when booked by Tuesday, July 21, 2026*.
$319 plus $40 resort fee, plus tax for single/double occupancy*
Gaylord Pacific Resort & Convention Center | 1000 H Street | Chula Vista, CA 91910 |
(619) 310-9800
-
*Cutoff date for room reservations: Tuesday, July 21, 2026
-
- Extra guest fees are: 3rd guest = $20, 4th guest = $20
- Children twelve (12) years and under are free when occupying the same room as their parents.
-
- Minimum Age to Check In: 18
- Hotel Check-in Time: 4:00 pm
- Hotel Check-out Time: 11:00 am
All reservations must be accompanied by one night's deposit plus tax and guaranteed by a major credit card. The hotel will process a one-night room and tax deposit at the time of booking to the credit card provided when making a reservation.
-
You must cancel within 5 days prior to your arrival date to avoid a one-night room and tax penalty to your credit card on file.