Mastering the Challenge: Making Access Governance a Part of IT GRC and IT GRC a part of Enterprise GRC

  • TYPE: Roundtable DATE: Thursday, May 16, 2013 TIME: 14:00-16:00 LOCATION: WALCHENSEE

Many organizations are facing sort of a “GRC sprawl”. There are many disparate initiatives for GRC (Governance, Risk Management, Compliance) at various levels of the organization and in different divisions. On the other hand, it is all about enforcing governance, meeting regulatory compliance requirements, and managing and mitigating risks. Access Governance, for instance, is about Access Risk. The only reason to do Access Governance is that Access Risks might result in operational risks, reputational risks, and even strategic risks. Failure in managing access risks even might drive an organization out of business.

Thus, moving forward towards a more integrated view on GRC and cooperation and integration between the various levels and elements of GRC – such as Operational Risk Management, Business GRC, Continuous Controls Monitoring, IT GRC, Security Event Monitoring, or Access Governance – is a mandatory step. This is not about having only one team and solution in place, but it is about defining the interfaces between the various elements of GRC, both from an organizational and technical perspective. One approach on GRC, one approach on managing risk, etc.: Alignment is key to success in real Enterprise GRC.

The panelists will talk about their view on the need for such integration, the approaches to make progress on this, and their overall experience in mastering the challenge of moving forward from GRC sprawl to an enterprise-wide GRC concept.


Heinz-Dieter Schmelling is Chief Security Officer at Portigon AG (legal successor of WestLB), a finanical service provider in particular with regard to the management of banking portfolios. His area of accountability as a CSO encompasses all functional arrays of corporate security globally...

Academic Studies of economics at Helmut Schmidt University of the Federal Armed Forces in Hamburg (Dipl.-Volkswirt) and of business management at distance university Hagen (Dipl.-Kaufmann). Officer of carrer at the Federal Armed Forces of Germany, in the last position as S6-Officer responsible...



European Identity & Cloud Conference 2013

Registration fee:
€1980.00 $2475.00 S$3168.00 21780.00 kr
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
  • May 14 - 17, 2013 Munich/Germany