1 - 2 May, 2018 | QT Hotel Canberra, Canberra, ACT

Conference Day One: Tuesday, 1st May 2018

8:30 am - 9:00 am Conference Registration and Welcome Coffee

9:00 am - 9:10 am Opening Remarks by IQPC and the Conference Chair

Pierre Skorich - Director Governance and Risk, Australian Transaction Reports and Analysis Centre

Pierre Skorich

Director Governance and Risk
Australian Transaction Reports and Analysis Centre

9:10 am - 9:50 am CASE STUDY: How icare is Encouraging Risk Transparency within Senior Management to Boost Risk Culture

Gavin Pearce - Chief Risk Officer, icare, New South Wales
Risk Transparency within the board level is only possible when there is an effective risk reporting process. One of the common challenges amongst organisations is that Risk Management does not receive the level of priority it deserves, thus obscuring risk transparency. By engaging in open conversations with senior executives the opportunity to enable transparency can occur. In this session, Gavin will examine:

  • How to simplify focus and objectives by reframing the approaches to risk thus engaging senior executives
  • How to implement effective risk reporting process to encourage transparency within the organisation
  • How to encourage a positive change within senior management to enhance agility and anticipation for future risks

Gavin Pearce

Chief Risk Officer
icare, New South Wales

9:50 am - 10:30 am Risk Management will be Fundamentally and Inevitably Different in Only 5 Years’ Time, So What do we Need to be Doing Now?

With a focus on a rapidly modernising Government, digital disruption, exponentially changing customer and stakeholder expectations, and an increasing VUCA (volatile, uncertain, complex, and ambiguous) operating environment, Justin will present and predict trends impacting the way Risk Leadership and Risk Management will need to accelerate and rapidly evolve in order to become and remain a pivotal contributor to organisational strategy and performance.

Join this session to hear strategies on how you can:
  • Understanding: Global Digitisation and VUCA contributing to faster onset of risk impacts
  • The inevitable automation and digitisation of risk management activities via robotics and AI for more accurate analysis, more comprehensive coverage, and near-instant risk responses.
  • Exponentially modernising organisational risk culture 
  • Human augmentation via better risk information; for better decisions
  • What is possible now, and what we need to be doing now.
  • Risk objectives being a primary contributor to better strategies; better execution on strategies; better decisions; better organisational performance

10:30 am - 11:00 am Speed Networking Session

An effective structured interactive session designed to help expand your network through one-to-one focused conversations. Bring your business cards!


11:30 am - 12:30 pm Interactive Discussion Groups (IDGs)

This is your chance to make your conference experience truly interactive and collaborative. Each IDG is set in a roundtable format and will be facilitated by an expert practitioner in the space. In two rotations, each IDG will last for 40 minutes, allowing you to pick the two top mind topics you wish to discuss and solve.

Topic One

11:30 am - 12:30 pm Equipping organisations to respond to future risk by enhancing capability and knowledge
Amyn Nathwani - Manager, Risk, NSW Department of Finance, Service and Innovation
  • Identifying what constitutes as a future risk and how it can affect you
  • How to establish a culture where risk awareness is consistent and constant
  • How to implement innovative strategies to anticipate future risks internally and externally
  • Understanding the different approaches for how organisations might seek to equip themselves to deal with future risks


Amyn Nathwani

Manager, Risk
NSW Department of Finance, Service and Innovation

Topic Two

11:30 am - 12:30 pm Embedding a Proactive Risk Culture by embracing innovative strategies to risk management
  • How to establish a culture of risk awareness and reinforce a common risk language amongst all levels of management
  • How to enable consistent risk analysis to evaluate and monitor risks internally and externally to constantly remain aware
  • How to embed simple strategies to achieve the best possible outcome that drive value and growth

Thought Leadership Session

Topic Three

11:30 am - 12:30 pm Becoming Cyber Resilient to Optimise Operational Efficiency
Stuart Mort - Director Cyber Security, Optus
  • How to improve and evolutionalise your traditional methods of cyber resilience to meet the emerging standards
  • Understanding the methodology for building cyber resiliency
  • How to implement innovative strategies to become aware of cyber risks internally and externally


Stuart Mort

Director Cyber Security

12:30 pm - 1:30 pm NETWORKING LUNCH

1:30 pm - 2:10 pm CASE STUDY: Implementing Strategies with Department of Justice and Regulation to Develop Effective Risk Appetite Statements

Kirsten Lacey - Assistant Director, Risk and Resilience Risk Audit and Integrity Directorate, Department of Justice and Regulation Victoria
The Department of Justice and Regulation Victoria has recently had its Executive approve a detailed risk appetite statement. Across the Public Sector departments, approximately 50% have recently approved their risk appetite statements and the other 50% are considering the benefits of pursuing this level of maturity. Risk Appetite Statements should be clearly communicated in order for the organisation to pursue risk management objectives. In this session Kirsten will discuss:

  • How Risk Appetite Statements can help organisations to enhance risk culture and governance
  • How to develop Risk Appetite Statements to drive better decision-making processes
  • Understanding the Victorian Public Sector’s approach to Risk Appetite policy development.

Kirsten Lacey

Assistant Director, Risk and Resilience Risk Audit and Integrity Directorate
Department of Justice and Regulation Victoria

2:10 pm - 2:50 pm Embedding Strategies to Measure Cyber Risk at Fire & Rescue NSW to Build Cyber Resilience

Asaf Ahmad - Chief Information Security Officer, Fire & Rescue NSW
Cyber attacks will continuously be seen as a challenge for Government entities. The Australian Cyber Security Centre responded to more than 1400 cyber attacks on Government departments in the last financial year. With a 15% rise from the previous year in ‘cyber incidents’ in the last financial year there has never been a better time to consider approaches to mitigate such risks. Cyber security at Fire & Rescue NSW is unique in the sense that staff may be required to access technology services from a remote location due to the mobility of their work. In this session, Asaf will discuss:

  • How to review your internal controls and digital profiles to identify internal vulnerabilities and external threats
  • How to incorporate quantitative data into your risk management to improve decision-making processes
  • How to build a proactive cyber risk plan that can drive regular monitoring

Asaf Ahmad

Chief Information Security Officer
Fire & Rescue NSW


3:20 pm - 4:00 pm CASE STUDY: Using the Right Risk Management Tools to Drive Effective Risk Maturity with the Department of Education and Training, Victoria

Michael Kral - Chief Risk Officer, Department of Education and Training Victoria
The Department of Education and Training have recently undertaken assessments of risk maturity and tailored tools to advance risk management across the department. Committed to proactive risk management, the Department of Education and Training employs effective tools to create a systematic and integrated approach to manage threats and opportunities (risks) to improve decisions and outcomes across the department. In this session Michael will explore:

  • Understanding the Risk Maturity Landscape within Government Departments
  • Realising smarter and efficient ways to integrate risk management frameworks within the organisation to better assess your risk maturity
  • How to access and implement the right risk management tools that are tailored for your organisations to achieve effective and efficient results

Michael Kral

Chief Risk Officer
Department of Education and Training Victoria

4:00 pm - 4:40 pm CASE STUDY: Engaging in a Risk Conversation at Western Sydney University to build a Proactive Risk Culture

Aman Chand - Director Audit and Risk, Western Sydney University
Organisations focus on to improve risk management activities by raising staff awareness and integrating responses to risk in their day-to-day business. To avoid a long journey to achieve a solid risk culture, simplifying risk language is the first step. This allows everyone to share a common understanding of the concepts and challenges of Enterprise Risk Management within the organisation and as such shifts the negative risk management mindset to a positive one.
At Western Sydney University 65% of the Audit and Risk team’s efforts are dedicated to Risk Management activities and strategic risks of the organisation. In this session Aman will discuss:

  • How to encourage the openness of risk talk to develop a risk culture that understands your organisations appetite and tolerance
  • Understanding the challenges faced when having conversations about Risk and strategies to overcome them
  • How to shift the negative mindset about risk to a positive one giving the opportunity to support growth and drive innovation
  • Simplifying risk language thereby engaging the board and executive members to make relevant valuable decisions

Aman Chand

Director Audit and Risk
Western Sydney University

4:40 pm - 5:20 pm CASE STUDY: Risk Ownership at Property NSW: Insights into Managing Shared Risk to Boost Capability

Kim DiLeva - Director Governance, Risk and Compliance, Property NSW, Department of Finance, Services and Innovation
`Risk Ownership is the responsibility of the whole organisation. The proportion of Government entities that have not proactively identified inter-entity shared risks increased from 6% in 2016 to 13% in 2017. This has been a focus for Property NSW, where the organisation is developing a robust risk culture to ultimately drive risk maturity. With the effective implementation of Risk Ownership organisations can develop a robust risk culture ultimately driving risk maturity. In this session Kim will look into:

  • Encouraging a proactive risk culture within the organisation to effectively manage Risk
  • Establishing a monitoring system to ensure the processes of Risk is operating efficiently
  • How to implement Risk Ownership and Shared Risk within the organisation to achieve the level of priority it deserves

Kim DiLeva

Director Governance, Risk and Compliance
Property NSW, Department of Finance, Services and Innovation

5:20 pm - 5:20 pm End of Day One and Networking Drinks