Format: Online
This Governance, Risk, and Compliance (GRC) event is a three-part webinar series designed to help internal auditors, audit leaders, risk professionals, and governance stakeholders respond to today’s most consequential challenges as risks escalate faster, regulatory expectations intensify, and boards demand clearer, more actionable insight into how governance, risk, and compliance function in practice.
Traditional GRC models, built for stable environments and cyclical reporting, are increasingly out of sync with the speed and complexity of modern risk. This program moves beyond foundational concepts to focus on:
• Where GRC breakdowns are occurring now
• Why governance structures struggle to keep pace with emerging risk
• How board and audit committee expectations are reshaping assurance and reporting
Each session delivers practical, experience-driven insight aligned with current issues such as AI governance, cyber resilience, third party risk, regulatory volatility, and board-level oversight. Participants will gain a clearer understanding of how internal audit and risk functions can elevate their role from assurance providers to strategic governance partners.
Each webinar in the series qualifies for 1 NASBA CPE credit, for a total of 3 CPEs, and is designed to provide timely, actionable guidance that participants can apply within their organizations.
Note: CPE credit will be awarded per webinar. For each webinar, please remain logged in for a minimum of 50 minutes and engage on at least three poll questions.
Event Structure & Timing
Time (in ET) Session
12:00–1:00 PM From Risk Reports to Decisions – Closing the Gap
1:00–1:15 PM Break
1:15–2:15 PM AI, Cyber, and Third Parties: The New Front Lines of GRC
2:15–2:30 PM Break
2:30–3:30 PM What the Board Expects Now: Reframing GRC Reporting, Assurance, and Insight
Webinar Program
Webinar 1 – From Risk Reports to Decisions – Closing the Gap
Most organizations have risk frameworks. Dashboards, registers, reports, you name it. But the thing is:
- None of it is linked to the company’s strategic objectives.
- Leaders cannot use it to decide where to invest, what to stop, or what to accelerate.
- The entire exercise hardly creates any impact on real-world decisions.
That is a commonality we see in the most traditional risk programs. They create lists, not value. They give activity, not clarity. They give false comfort without improving decision-making.
Risk management should be the bloodstream of decision-making, not a side-office function producing reports that nobody reads. This session looks at the gaps between doing risk management activities and actually managing risks. Because risk management is not all about having the process in place; it is about how decisions get made when it matters.
We will challenge some of the assumptions with which we have all grown comfortable. Is risk management helping us see clearly, or reinforcing blind spots? Are we moving at the speed of risk, or getting better at explaining it after the fact? Through real examples and case studies, we will explore how risk works in real life, across leadership, culture, and systems.
What We Will Explore
- Why risk processes often look strong, but fail under pressure
- How bias and blind spots creep into risk assessments
- The difference between proactive risk thinking and reactive firefighting
- How leadership influences risk outcomes (often more than frameworks do)
- Why some risk practices provide false sense of assurance
By the end of this webinar, attendees will be able to:
- Understand why traditional risk management approaches often fall short in building true resilience.
- Identify common biases and blind spots that undermine risk management and decision-making.
- Examine the limitations of conventional risk frameworks and determine how to evolve them to meet emerging challenges.
- Connect risk more directly to strategy and decision-making.
Webinar 2 – AI, Cyber, and Third Parties: The New Front Lines of GRC
As organizations adopt AI, cloud platforms, and third-party services, risk is no longer contained within organizational boundaries. AI, cyber, and third-party dependencies are now interconnected, yet most governance and risk frameworks were not designed for this level of interdependence. For internal audit, this creates a fundamental challenge: how to provide assurance over risks that span AI systems, cybersecurity exposures, and third- and fourth-party relationships, often without clear ownership or visibility. Failures are increasingly driven not by a single control breakdown, but by how risks aggregate across interconnected systems, providers, and decision-making processes. This session explores how the convergence of AI, cyber, and third-party risk is reshaping the GRC landscape. Participants will leave with approaches to identifying hidden dependencies, assessing concentration risk, and evolving audit practices beyond control-based testing toward evaluating outcome reliability, resilience, and accountability.
By the end of this webinar, attendees will be able to:
- Explain systemic risk convergence: how AI, cybersecurity, and third-party dependencies combine to create new GRC exposures
- Analyze ecosystem dependencies: Identify third- and fourth-party relationships and shared points of failure
- Assess interconnected risk impacts: How cyber incidents and vendor failures expose gaps in resilience and enterprise risk ownership
- Apply audit-focused practices: Incorporate ecosystem and outcome-based considerations into audit planning, testing, and reporting
- Strengthen audit insight: Link technology risks to business impact, resilience, and decision-making
Webinar 3 – What the Board Expects Now: Reframing GRC Reporting, Assurance, and Insight
In today’s fast-moving and increasingly complex risk environment, boards and audit committees are expecting more than traditional reporting and assurance approaches. They want sharper insight, clearer connections between risk, ethics, culture, and strategy, and more meaningful intelligence that supports timely oversight and decision-making. This session will explore how governance, risk, and compliance reporting must evolve to meet these rising expectations, with particular attention to reputational risk, organizational culture, ethical leadership, and the board’s growing demand for forward-looking, actionable insight.
By the end of this webinar, attendees will be able to:
- Identify how board and audit committee expectations of GRC reporting and assurance are evolving in response to today’s risk environment.
- Explain why governance, ethics, culture, and reputational risk must be more clearly integrated into reporting and oversight discussions.
- Recognize the importance of moving from static compliance reporting toward more strategic, forward-looking insight.
- Explore practical ways internal auditors, governance professionals, and risk leaders can better support board oversight and decision-making.
- Strengthen understanding of how GRC functions can help boards navigate complexity, uncertainty, and emerging risk with greater confidence.
DATE: Jun 11, 2026
TIME: 12:00 PM–3:30 PM ET
One (1) NASBA CPE will only be awarded to participants on the live broadcast who are logged in for a minimum of 50 minutes and engage on at least three poll questions per each hour of the event.
Keep scrolling to register.
By the end of this webinar, attendees will be able to:
Learning Objective(s):
- Assess how accelerating risk dynamics are exposing weaknesses in traditional governance, risk, and compliance (GRC) models.
- Explain how evolving board and audit committee expectations are reshaping the role of internal audit and risk functions, requiring more timely, integrated, and forward-looking insight.
- Apply practical governance and reporting approaches to elevate GRC and internal audit from periodic assurance activities to strategic partners in enterprise risk oversight and decision-making.
SPEAKERS
Marc Y. Tassé, MBA, FCPA, FCA, FCG, CD.G, CFF
Director, MBA Program, University of Ottawa
Marc Y. Tassé is a globally recognized authority on governance, ethics, and strategic leadership. A Fellow Chartered Professional Accountant (FCPA, FCA) and Fellow Chartered Governance Professional (FCG), he advises boards, regulators, and senior executives in Canada and internationally on integrity, risk, and fiduciary oversight. His work has included strategic collaboration with the International Monetary Fund, World Bank Group, and OECD, and he was twice selected to participate in the Annual Meetings of the Boards of Governors of the IMF and World Bank Group.
Mr. Tassé has held senior governance roles across the public sector, including Chair of the Governance, Ethics & Nominating Committee at Reporting and Assurance Standards Canada, member of the Governing Council of the Standards Council of Canada, and appointee to Ontario’s Education Sector Audit Committee. He has provided expert testimony before Canada’s House of Commons and Senate committees and served as a trusted advisor to federal departments on enhanced due diligence, procurement integrity, and anti corruption, holding both Secret and Top Secret security clearances.
An experienced independent director and trustee, Mr. Tassé has served on more than twenty private and not for profit boards and committees. He is a National Board member of the Chartered Governance Institute of Canada and helped advance boardroom practice through the creation of the TASSE Score, a forward looking diagnostic that enables boards to identify reputational risk early, strengthen decision making, and prevent foreseeable harm before crises emerge.
An award winning academic and practitioner, Professor Tassé teaches in the Executive MBA Program and Faculty of Law at the University of Ottawa, where he also serves as Director of the Telfer MBA Program and Senior Fellow for the Directors Education Certificate (CD.G). He is Associate Chair of the MBA Program at the Royal Military College of Canada, mentors emerging leaders through King’s Trust Canada, and is a frequent speaker at leading international forums. His contributions to ethics and public trust have been recognized with His Majesty King Charles III Coronation Medal and Her Majesty Queen Elizabeth II’s Platinum Jubilee Commemorative Pin.
Mary Carmichael, CPA, CFE, CISA, CISM, CRISC
Director, Risk Advisory, Momentum Technology
Mary Carmichael is a cybersecurity, risk, and governance leader with 15+ years of experience helping organizations strengthen controls, modernize risk management, and adopt emerging technologies responsibly. A CPA and CFE, she combines financial acumen with technology risk expertise, bringing a practical, audit-minded approach to cybersecurity, digital transformation, and AI assurance.
She is a Catalyst Fellow at Toronto Metropolitan University’s Rogers Cybersecure Catalyst, where her research focuses on AI governance, third-party AI risk, procurement controls, and public-sector transparency. Her work helps organizations build accountable, evidence-based processes for AI adoption. A frequent writer and speaker, Mary has presented at RSA Conference, ISACA North America, and IIA GRC. In 2025, she was named one of Security Magazine’s Women in Security for her industry leadership.
Imran Zia - MSc, CPA, FCA, FCCA, CIA, CISA, CFE, CRMA, CRMP
Director, Internal Audit, Abu Dhabi Ports Group
Imran Zia is a globally recognized thought leader, educator, and catalyst for change in internal audit, risk management, and corporate governance. With a career spanning decades across multinational corporations, Big Four firms, and national and international enterprises, he has played a pivotal role in shaping resilient organizations through strategic risk insights and governance transformations.
Currently serving as Director, Internal Audit at Abu Dhabi Ports Group, Imran brings a wealth of expertise from his leadership roles at Port of Vancouver, Government of British Columbia, and other global institutions. His contributions have earned him prestigious accolades, including the Internal Audit Beacon Award and the Internal Audit Excellence Award, underscoring his influence in advancing best practices in governance, risk, and control. He has been instrumental in elevating corporate governance frameworks across diverse industries, ensuring organizations are not just compliant, but resilient and future-ready.
Imran is not just a practitioner; he is a sought-after expert and global speaker, regularly engaging with professionals across continents. From Las Vegas to Singapore, Vancouver to Sydney, and London to Dubai, he has shared his insights at leading industry conferences, shaping the discourse on risk intelligence, internal audit innovation, and governance excellence. His influence extends into key professional bodies, where he actively contributes to the evolution of the profession. As a speaker, trainer, and mentor, Imran doesn’t just share knowledge: he challenges perspectives, ignites conversations, and equips professionals with the tools to drive real change.