A lot of excellent information was presented. Great resource material to follow up on. - Associate Vice-President, Financial Services
University of Saskatchewan

Operational Risk Management West

April 30 - May 1, 2019 · Vancouver, BC
2019 Conference Program: Day One - Tuesday April 30, 2019
8:00 - 9:00        Registration and Continental Breakfast
9:00 - 9:10
Welcome and Opening Remarks from the Chair
Andrew Richardson, Principal, Simplified Risk Management Inc.
9:10 - 10:00
Tips of the Trade
Katherine Macpherson, Senior Manager & Operational Risk National Leader, Financial Services Advisory, Ernst & Young LLP
  • Evolution of ORM from quantitative to qualitative
  • Maximizing ORM stakeholder value
  • Practical advice, lessons learned, and strategic insights
  • Risk and opportunities associated with emerging trends
10:00 - 10:15        Networking Break
10:15 - 11:15
Cybersecurity Emerging Trends
Manish Khera, Associate Partner, Forensic and Integrity Services, Ernst & Young LLP
  • Evolution of cyber security risks
  • Common investigation pitfalls
  • Lessons learned: traditional attacks
  • Lessons learned: sophisticated attacks
  • Digital forensic and cyber incident response considerations
11:15 - 12:00
Establishing a Robust Governance Framework
Saad Ali, Director, Governance, Controls and Operational Risk, CIBC

  • Critical elements of a Governance Framework
  • Regulatory requirements for Corporate Governance (including OSFI and SOX)
  • How business changes impact the risk assessments
  • Reviewing industry events for risk incidents and assessing impact on the business
  • Creating a Risk Profile for each Line of Business to Identify areas requiring enhancements
12:00 - 1:00        Luncheon Break
1:00 - 2:00
Managing Cyber Risk within the Non-Financial Risk Framework
Clement King, Chief Control Officer, HSBC Canada
  • How does the ORMF align with managing Cyber Risk?
  • What are the roles & responsibilities of the 1st and 2nd line of defence?
  • How to provide transparency to the Accountable Senior Executives, including Board?
  • What are the challenges and opportunities?
2:00 - 3:00
Regulation of Emerging Technologies and Non-Financial Risks
Mehrdad Rastan, Executive Director, Regulation Financial Institutions Commission, Ministry of Finance
  • Mutually reinforcing emerging technologies
  • Data privacy and security, and open banking
  • Regulatory concerns
  • Quality of risk management vs resiliency
“Good” Data, “Good” Risk Management
Dan Oprescu, Managing Director, BC Financial Institutions Commission (FICOM)
  • Perspectives on “good” risk management
  • How much data would be needed for good risk management?
  • What does “good” data look like?
  • The operational cost and risk to “good” data
3:00 - 3:15        Networking Break
3:15 - 4:00
Setting the Right Expectations for Cyber and Operational Resilience
Andrew Richardson, Principal, Simplified Risk Management Inc.
Katherine Macpherson, Senior Manager & Operational Risk National Leader, Financial Services Advisory, Ernst & Young LLP
  • Overcome cyber attack vulnerability that are designed to destroy IT systems
  • Understand how a cyber resilience strategy can help your business combat troublesome cyber incidents
  • Learn how to protect critical data and recover from breach in a controlled, measurable way
  • Detect data corruption and configuration anomalies
  • Step-by-step guide to respond to a breach and recover your IT as quickly as possible
4:00 - 4:45
RIsk Based Approach to Supply Chain Information Security Assessments
Michael Leung, Principal & Management Consultant, Canadian Cybersecurity Inc.
  • Assessing the supply chain for cybersecurity risks, including the suppliers’ external parties
  • Overview of different cyber/information security frameworks commonly used
  • Understand the challenges and pitfalls with assessing and in the use of questionnaires
  • Leverage the use of Enterprise Risk Management concepts, criteria and categories of risk
  • Learn about industry certifications, independent reports, shared assessments, and emerging trends
4:45        End of Day One



Platinum Sponsor



Operational and compliance risks have become complex and entwined, increasing the potential for failed processes that govern control breakdowns. A holistic governance approach, that brings the entire risk portfolio of an organization together, is now followed by today’s OpRisk leaders.

You need to mitigate risks with an eye on the big picture. Cybersecurity ranks as the #1 priority for financial institutions today, affecting all functions within your organization. Many risk leaders without technical skills are overwhelmed by the scale of the potential threat.

Infonex's Operational Risk event, now in its 14th year, will provide you with strategies to focus your efforts on mitigating risk in the current regulatory environment. Learn how you can improve conduct, culture, and customer experience; not in isolation, but combined to truly seize a competitive advantage.

As a leader with risk oversight you are in a constant need to strengthen your systems against dynamic, ever-changing risks. Get guidance on your most pressing operational risk challenges.

Telephone: 1.800.474.4829  |   360 Bay Street, Suite 900, Toronto, ON  M5H 2V6   |   Fax: 1.800.558.6520  |  Contact Us
© 2000-2018 INFONEX Inc.