full screen background image
The largest and the most awaited GRC Summit in the Middle East is here!     

Integrated GRC for Business Value

The MetricStream GRC Summit | Middle East 2013 will be taking place in Dubai on the 29th and 30th of October 2013. This invite only, free to attend event will witness the largest gathering of thought leaders, analysts, partners and customers from across the Middle East & Africa and the rest of the world sharing real world perspectives, industry trends, and actionable insights on building and managing successful, well-governed, compliant, and risk-aware organizations, today and into the future.

From GRC Summit 2013 - Las Vegas Attendees

  • MetricStream put on a great user conference. For a first time conference I was amazed at how well run and thought out the agenda, delivery, and management of the event was. It centered on customers. Customers were speaking, presenting, and on panels everywhere you turned. It also centered on partners - from many from the Big 4 down into software partners. It was very well done.

  • The Summit was very well planned, organized, and executed. The speaker and panel participants talked not just theory but provided practical examples of benefits and challenges of using GRC technologies to improve their risk management and compliance programs.

  • Overall Excellent Summit!! Very valuable and extremely useful to our GRC journey! I look forward to next year's event.

  • Well organized with many leaders in the industry present.

  • Very well done, especially for the first event of this size for Metric Stream.

  • Colin Powell was amazing. I would attend another summit.

  • One of the best events I have ever attended. Great venue, excellent content, great network opportunities.

Michael Rasmussen

JD, GRCP, OCEG Fellow,
and Chief GRC Pundit, GRC 20/20 Research

Mr. Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of corporate compliance, business ethics, policy management, and corporate culture. With 18+ years of experience in this space, Mr. Rasmussen helps organizations improve GRC processes and choose technologies that are effective, efficient, and agile. He is a sough-after keynote speaker, author and advisor, and is noted as the "father of GRC" – being the first to define and model the GRC market in 2002 while at Forrester.

Michael has contributed to many U.S. Congressional reports and committees, & currently serves on the Leadership Council of OCEG, and chairs the OCEG Technology Council. Before Corporate Integrity, Michal was the Vice President & 'Top Analyst' at Forrester Research, Inc. Before Forrester, he led the Risk and Compliance Consulting Practice at a Professional Services firm, and has specific experience managing compliance & risk within organizations.

Shellye Archambeau


Ms. Archambeau is the CEO of MetricStream, a Silicon Valley-based, Governance, Risk, Compliance (GRC) and Quality Management software company that helps companies around the world improve their business performance. Under Ms. Archambeau's leadership, MetricStream has grown into a recognized global market leader with over 1000 employees around the world. The company has been recognized for growth and innovation, and has been consistently named a leader in GRC by leading independent analyst firms.

Ms. Archambeau has proven global business expertise combined with public policy passion. As a member of the board of directors for the Silicon Valley Leadership Group, a nationally recognized organization focused on fostering a cooperative effort between business and government officials to address major public policy issues affecting Silicon Valley, Ms. Archambeau has led initiatives and Washington, DC delegations to address regulatory compliance and improve governance. She served on the Board of Directors, and the Audit and Technology committees for media research company, Arbitron, Inc. [NYSE: ARB] from 2005 until acquired by Nielsen in 2013. She currently serves on the board of directors of Verizon Communications Inc. [NYSE, NASDAQ: VZ], a global leader in delivering broadband and other wireless and wireline communications services.

Ms. Archambeau is a sought after speaker who has presented on GRC issues around the world to Fortune 500 corporations, members of Congress, and associations including IIA, ISACA, and NASDAQ. Ms. Archambeau is frequently quoted in top-tier media including the Wall Street Journal, New York Times, Compliance Week, Silicon Valley Business Journal, and currently pens a column on leadership and entrepreneurship for Xconomy. In April 2013, Ms. Archambeau was named the “#2 Most Influential African American in Technology” by Business Insider.

Ahmed Qurram Baig

Head of information security and compliance
Dubai World Trade Center

Ahmed Baig is Head of information security and compliance at Dubai World Trade Center (U.A.E Government Entity) and prominent speaker and cyber security expert in the MENA region;

Ahmed previously was a CISO at an Abu Dhabi Government Entity and Head - Business Management and Advisory Services at TECOM (A Member of Dubai Holding). He brings to his current role more than 14 years of experience in Risk Management & Compliance, and Information Security Advisory Services; He has previously worked on projects for Major Airlines, Banks, Defense and Federal Agencies across the Middle East.

He is the Chief Architect for CGMS (Corporate Governance Management System) and ITGMS (IT Governance Management System) frameworks covering Risk Management, IT Governance, Information Security, and Business Continuity in service providers and government entities. He has been a key member of eSecurity domain within Interstandards (Web Security Standard) developed regionally and also been part of OISSG.

Ahmed's key assignments as principal consultant for various ISMS projects to help clients comply with required standards and regulations mainly ADSIC, ISO 27001, ISO 20000, ITIL, ISF and CobIT. Experience also includes auditing of security solutions, architecture & Policy Compliance. Ahmed Baig has a Master's in IT (UK) and PgD in Strategic Business IT (UK) and has several professional certifications to his credit some of which are CRISC, CBCP, CISM, CISA, CISSP, ITIL, ISO 27001 / 20000, BS 25999 and others. More info available @ Linkedin Profile: http://ae.linkedin.com/in/qurram

Piyush Pant

Vice President of Strategic Markets

Mr. Pant is the Vice President of Strategic Markets at MetricStream based in London. He joined the organization last year as part of a focus to bring the benefits of the MetricStream platform to customers in the European Region. He is also a part of MetricStream labs where he helps shape the next generation of innovation for MetricStream clients.

Mr. Pant has a rich background as a Technologist, Management consultant and Strategist. Before MetricStream, Mr. Pant was a Chief Strategist for Services at Hewlett Packard for Europe, Middle East and Africa. He led and shaped a number of high value relationships with key customers combining technology, research and innovation to create tangible business benefits particularly in business analytics and social intelligence areas.

Before HP, Mr. Pant has an extensive background and more than 20 years' experience in working with blue chip global corporate organizations like Citigroup, KPMG, Cognizant and the Serco Group in a variety of technology leadership roles.

Subharun Mukherjee

Sr Manager - Product Marketing

Mr. Mukherjee leads the marketing efforts for the banking and financial services vertical offerings within MetricStream. Mr. Mukherjee has over 8 years of experience primarily in strategic consulting, sales and marketing. He was associated with the strategy and risk consulting practice for one of the big 4 consulting firms and have been engaged with multiple Fortune 500 organizations in the BFS industry in this capacity. Over the years he have also held management positions driving sales and marketing efforts for enterprise software and services companies like SAP and Wipro. Mr. Mukherjee holds a Master's in Business Administration majoring in Finance and Marketing from the Indian School of Business in Hyderabad.

Mohammed Shihadeh

Chief Audit Executive
Capital Guidance

Mohammed Shihadeh –is the Chief Audit Executive with Capital Guidance. He has over 19 years of experience in external audit, internal audit, and investment companies. Throughout his career, he led substantial engagements as an auditor, worked on major mergers and acquisitions, established internal audit departments and Risk Management functions for large companies, created time saving programs, and managed due diligence assignments, for different companies.

Since Mr. Shihadeh joined Capital Guidance, he has been managing the internal audit and risk management processes of all CG’s core businesses in different industries (Mortgage, investment, distribution, Chemical, and real state) in United States, Africa, and Asia. Prior to Capital Guidance, he has worked for multinational companies including Rashid Al-Rashed, Zurich, Deutsche Bank, State Street Bank, and Deloitte & Touche. While at Deloitte & Touche, he managed the following engagements: JP Morgan, Fidelity Investment, Boston Globe, Fannie Mae, Muni Mae and helped in different tax seasons. Mr. Shihadeh is a CPA, CRMA, with a Bachelor of Accounting and Administration.

Rafael Cavestany

Managing Partner

Rafael has more than 15 years of experience in risk management and analytical consulting in financial institutions and large corporations in USA, LatAm, Europe and South Africa. Project experience expands in capital adequacy evaluation process, operational risk management and quantification, risk based pricing, leasing residual value modelling, credit risk management and economic capital. Also, he has defined RAROC frameworks including its integration into marketing decisions. Partculartly, Rafael has recently focused on implementing operational risk capital models and helping the institutions to obtain their regulatory approval in Africa, USA, Europe, and LatAm.

David Paris

Global Solutions Partner - Risk, Compliance and Data, BFSI,

David Paris has 30 years of broad exposure across banking and securities sectors in Europe, Asia and the U.S. in management and advisory roles for risk, operations and technology design and transformation.

He oversees risk, compliance and data management solution development & distribution globally for HCL. He spent 11 years in commercial banking credit risk, project finance and trade finance sectors with Wells Fargo Bank, First Interstate Bank of California and First City-Texas. In 1991, he established a regional financial services and direct investment advisory business in Hong Kong, acquired by Ernst & Young in 1995, where he became head of their East Asian financial services consulting practice. In 1999, he moved to London as global credit and market risk director for Instinet. In 2002, he joined Deutsche Bank as Global Head of Information Management Services. He moved to IBM in 2007 as an Associate Partner, Risk Solutions in their Global Business Services unit, subsequently transferring into IBM's Information Management Software division to establish their Information Agenda pre-sales consulting capability for financial services in Northeast

Illyas Kooliyankal

Head/Manager – Information Security (CISO),
ADS Holding/ADS Securities, Abu Dhabi, UAE

Mr. Kooliyankal is an exuberant Information Security professional with more than 17 years of experience in the Information Technology and Cyber Security arena. In the role of Information Security Head/Chief Information Security Officer (CISO), he drives the Information security and business continuity programs at ADS Holding/ADS Securities, one of the most prestigious organizations in the region. Before joining ADS Holding, he was serving Abu Dhabi Securities Exchange (ADX) for 5 years and Emirates Telecommunication Corporation (ETISALAT) for more than 10 years in Information Security, Business Continuity, IT Infrastructure, and network domains.

Mr. Kooliyankal is one of the champions of Cyber Security with in depth knowledge on technology and business domains. He professionally grown up with deep level technical experience, which helped in driving and managing organization wide information security program aligned with business strategy. Being one of the best and foremost experts in the region with demonstrable ISO 27001/27002 (International Standard for Cyber/Information Security) experience, he successfully implemented the framework in live and complicated environments. His practical expertise includes Cyber Security, Information Security, IT Management, Business Continuity, ITIL (IT Infrastructure Library) Framework and COBIT (IT Governance).

He was the Co Chair and Speaker at the Chief Information Security Officer Summit 2011 in USA. Considering his passion and inventive approaches, EC Council, USA nominated Mr. Illyas to the Board of Directors of their Global Chief Information Security Program, in order to develop and drive skill sets and knowledge requirements for the Chief Information Security Officers across the world. Recently he has been elected as one of the few from UAE, to become the Member of Business Continuity Institute (MBCI) based on his expertise and experience in the field.

He is a reputed speaker who was a major contributor in various international conferences across the world, including GITEX Dubai, CIO Event UK, Secure Asia Malaysia, CISO Summit USA, Internet Show ME, CIO SHOW Singapore etc. Mr. Kooliyankal won many awards for his excellent professional career, which includes the prestigious Crystal Award from Emirates Airlines-ISACA, KERA Outstanding Achiever and World Excellency Award in Information Security. He won outstanding employee award from Etisalat & ADX on multiple occasions.

Jamal Saleh

Head of Risk Management
Commercial Bank of Dubai

Jamal Saleh is an Arab-American banker with 25 years of banking experience (10 in New York and 15 in the UAE). Before moving to Risk Management 13 years ago, he held various senior positions in Credit, Corporate Banking, Private Banking, and Asset Management.

Jamal is presently heading the Risk Management Group at Commercial Bank of Dubai (UAE) and is responsible for Corporate & Consumer Credit Risk, Market and Operational Risk, IT Risk & GRC, and Basel 2 & 3.

Jamal graduated valedictorian (summa cum laude) from the United States, and is the holder of 5 professional certifications in risk management, finance, and financial engineering.

Jamal is the Regional Director for PRMIA-UAE Chapter, and is a frequent speaker at local, regional and international risk management forums (including Ri$kMinds-Geneva). He is also a regular TV and newspapers guest on issues pertaining to banking, risk management, Basel, local/regional Islamic and conventional banking, and GCC markets.

Feroz Noorani

Chief Risk Officer
Warba Bank, Kuwait

Feroz Noorani has a Banking and Financial Services career spanning over three decades in the GCC/Middle East and India, having worked in several senior positions within Commercial & Investment Banking including Shariah-compliant Banking; culminating in core competency as a subject-matter-expert in Enterprise-wide Risk Management, Governance and Compliance.

Feroz is currently the Chief Risk Officer / Group Head of Risk Management at Warba Bank, a green-field Shariah-compliant financial institution set up by the State of Kuwait under its Sovereign Wealth Fund, the Kuwait Investment Authority (KIA). In the immediate past he was the Group Chief Risk Officer / Group Head of Risk Management & Compliance at Al Hilal Bank, another start-up Islamic Bank set up by the Emirate of Abu Dhabi by its Sovereign Wealth Fund, the Abu Dhabi Investment Council (ADIC). As CRO at both the institutions, Feroz was tasked to set-up an industry best-practice-led robust Risk Management, Governance & Compliance Framework and to imbed the same in Business strategy, management and decision-making.

Previously, Feroz as Head of Group Risk & Capital Strategy and Basel Program Director at Samba Financial Group, Saudi Arabia, was responsible for leading change in Risk Management Framework with the mandate to accomplish Basel II compliance under Internal Ratings Based (IRB) Approach demonstrating use-test. Samba is the only IRB-certified financial institution in the MENA region, achieved under the Basel Program management by Feroz.

Feroz Noorani possesses academic and professional excellence with Masters in Business & Finance; Degrees in Law and Accounting; and professional training in Risk Management from INSEAD and other Banking & Corporate Governance accreditations.

Horst Simon

Director of Operational Risk
Horwath MAK
DIFC, Dubai, UAE

Horst is currently the Director of Operational Risk at Horwath MAK; a member firm of Crowe Horwath International. He is based in the Dubai International Financial Centre (DIFC)

He worked with a number of renowned Global firms in Professional Services, Training and Business Process Outsourcing. He has been in the banking and consulting industries for over 32 years and he developed and launched an on-line assessment tool that accurately measures the level of maturity of an organisation's risk culture. Supported by the UK-based consultancy, Genius Methods, the Risk Culture Maturity Monitor is set to revolutionise the monitoring of risk management implementation processes in all industries and even improve Central Bank Supervision activities.

Horst held previous senior positions with Mashreq Bank, Emirates NBD, Barclays Bank plc and with the Standard Bank Group of South-Africa Ltd. He lived in four countries and worked in more than twenty. His special interest is in the field of People Risk and he has delivered presentations at international conferences on the Mitigation of People Risk and other risk management topics. He has also facilitated Operational Risk Management and Executive Risk Think Tank training workshops for banks and banking Supervisors in Africa, Pakistan and the Middle-East.

Horst actively supports the capacity building program of the Macroeconomic and Financial Management Institute of Eastern and Southern Africa (MEFMI) and he is the Co-Regional Director of the Global Association of Risk Professionals (GARP), Dubai, UAE Chapter and a member of the Professional Risk Managers' International Association (PRMIA).

Nita Mehta

Senior Manager, Operational Risk
United Arab Bank (UAB)

Nita Mehta has vast experience of over 19 years in Financial Services Sector. Nita has worked across a number of investment banking businesses including merchant banking, share broking, mutual funds, fee and funds based businesses where she had held a range of senior roles in compliance, company secretary, risks, audit and governance. She is in Dubai for last 8 years.

Nita is Senior Manager, Operational Risk for United Arab Bank (UAB), fastest growing bank in UAE, covering Corporate, Retail, Treasury businesses; Operations and all infrastructure functions , namely, Technology, Finance, Human Resources, Compliance, Legal, Credit, Corporate Affairs and Change Management. Nita has joined UAB in April 2012. Before taking her current role, Nita was with Barclays since 2008 based in UAE as VP - Operational Risk & Controls. Previously, she worked in Standard Chartered Bank and was based in UAE as the Regional Head of Operational Risk, managing operational risk for Treasury and Corporate Business of MENA region for over 3 years. Immediately prior to that she had spent almost five years as the Head of Risk and Compliance to one of India’s country’s leading mutual funds of Standard Chartered. Prior to this Nita spent six years at India’s biggest corporate house managing compliance function for their investment banking business.

Faisal Hameed

Chief Audit Executive,
United Arab Bank,
MA (Cantab), FCA, CFSI, QAR, IFQ

Faisal has over 20 years of global internal and external audit leadership exposure, working closely with Executive and Board teams to deliver sustainable advantage by driving corporate governance enhancements.

Faisal qualified as a Chartered Accountant with Ernst and Young, London and worked in external audit for 8 years, before moving into Financial Services internal audit roles with Deutsche Bank and then ABN AMRO Bank in London.

For 6 years he was responsible for leading the audit strategy and delivery for ABN AMRO wholesale financial markets and corporate banking units across a global footprint of around 50 countries, which gave him rich exposure to multiple regulatory and cultural settings.

In 2006 he was selected from 1000 auditors at ABN AMRO to relocate to Dubai to take up the challenge of resolving a major regulatory issue, which was impacting the bank at group level. Having achieved that objective, Faisal decided to stay in the region and he has now been based in Dubai for the last 7 years and has held Chief Audit Executive positions for ABN AMRO/ RBS, Dubai Islamic Bank, and now United Arab Bank. These roles have provided wide exposure to the GCC and South Asia regions.

In his current role he enjoys the immense Internal Audit challenge of supporting the fastest growing bank in the Middle East.

Faisal is a Fellow of the Institute of Chartered Accountants, England and Wales, a Chartered Fellow of the Securities and Investments Institute, an IIA Certified Quality Assurance Reviewer, and a MA Graduate of the University of Cambridge, UK and holds the Islamic Finance Qualification.

Kiran Kumar PG

Lead – Information Security & GRC
Zener IT solutions and Systems

Kiran is Lead – Information Security & GRC professional at Zener IT Solutions and Systems, one of the most prestigious organizations in the region. He worked on information security implementation, Risk Management, Audit, Compliance and Consulting in an intellectually stimulating environment that demands technical, analytical and management skills.

He perceived certifications like CISA, CEH, CCSA, CCNA, ITILF, DBSec, and ISO 27001 LA. Before Joining Zener, he worked with Aditya Birla Group, HP, MphasiS. He is a member of ISACA Bangalore Chapter, Bangalore Cyber Security Committee, Data Security Council of India (DSCI), International Journal of Network Security and Application (IJNSA). His research paper is published in International journal of Network Security & Applications (IJNSA) – “RPC DCOM INTERFACE ATTACK AND DEFENSE SCHEME IN LOCAL AREA NETWORKS” He had participated and has taken part as a speaker in many seminars and conferences.

Kiran played a crucial role as HP compliance officer in SAS70, PCI, SOX, ISO 27001 audits for many of the customers. He has designed implemented, evaluated reasonable Security controls and procedures to mitigate prioritized threats. In Aditya Birla Group (global conglomerate) he led Risk Based IT Audits across multiple companies such as Telecom, Retail, IT/ITeS, Finance and Manufacturing sectors. He successfully participated in the implementation of telecom device controls as per DOT/3GPP/ITU-T standards. He created framework for auditing telecom/network configuration review in telecom sector. In Zener, he Support the delivery of security offerings related to information security including security governance (security policies and procedures), security strategy (security planning), risk management, Security frameworks and compliance (ADSIC/ ISO 27001/ PCI) requirements.

Dr. Abdulaziz Al-Terki

Head of Operational Risk
Risk Management Group
Burgan Bank – Kuwait

Dr. Abdulaziz Al-Terki, is a General Manager at Burgan Bank in Kuwait, currently heading the Operational Risk Department (OPRD). He holds multiple Academic degrees (PHD, Master, Bachelor) in the field of Business Administration, Management, Information studies beside several professional certifications in the field of Risk Management, Audit, Governance, Information Security, IT, Financial Analysis, Project and Quality Management. He thrived as a faculty member at the American University in Kuwait (AUK) and at The Public Authority for Applied Education & Training (PAAET)

Throughout his professional career he created and implemented a stable and manageable framework for ORM in order to minimize losses resulting from inadequate or failed internal processes, people and systems or from external events. He always promoted ORM as an integral part of the overall enterprise risk profile (Business Operations, IT, Projects ...etc.) since it has an impact on the whole organization. Therefore; having a vigorous ORM framework in place extracted from the ERM, will ensure a strong link between organizational strategic goals and its operational activities and decisions made within the upper management

Manmohan Singh

Senior GRC Consultant
HCL Technologies

Manmohan has over 13 years of experience in Information security, IT Security & Governance Risk & Compliance environment. He has worked on progressive & diversified projects in the area of Regulatory Compliance, BCP/DR, Operational Risk Management, IT Risk Management, Application Development Controls, GRC Tool Implementation and carries rich experience in IT Audits, documenting Policy, Procedure & Process flows, Narratives, Control Testing, GRC Framework, Process Maturity, etc. He has performed multiple consulting engagements around the regulatory compliance requirements of SOX, FFIEC, GLBA, ISO 27001, ISMS, CoBIT, HIPAA, FFIEC, EU Privacy Directives & MAS Guidelines.

He has attained Industry certifications of ISO27001 LA, CISA, CGEIT, CISM, ITIL V3 Foundation, COBIT Foundation, Six Sigma Green Belt & CCNA.

Dr. Lutz Baumgarten

Partner and the Chairman
True North Partners

Dr. Lutz Baumgarten is a Partner and the Chairman of True North Partners

He has more than 15 years of experience in consulting in the financial services industry, two of which he acquired as a Partner at KPMG’s global risk management practice and two further years as Managing Director at KDB. Previously, he was with Oliver Wyman in London and Frankfurt for nine years

He has worked with senior management of leading financial institutions and regulators around the world, including the UK, Germany, Austria, Benelux, Spain, Portugal, South Africa, Turkey, the Gulf region, Singapore, Korea, the US and Mexico

His project experience focuses around themes in finance, risk and strategy:

  - Topics at the interface of finance, risk and strategy such as planning and budgeting, capital and risk profile management, group-wide economic value management

  - Risk modelling, risk management infrastructure, processes and organisational design

  - Regulatory compliance, especially Basel II/III and its business applications

  - Broad range of work with different businesses such as optimising credit processes, tactical decision-taking in credit businesses or business strategy design

He holds an M.Eng in Engineering Science and an M.Phil and D.Phil in Economics, all from Oxford University

Sherif Fakhry Younes

Chief of internal Audit & Risk Management
Telecom Regulatory Authority (TRA) - U.A.E Gov.

Mr. Fakhry comes with +28 years of work experience in Audit including Corporate Governance, Risk management and Compliance. Currently he is Director of Internal Audit and Risk management at Telecommunications Regulatory Authority .He has set audit function in many government, semi- government and private organizations in U.A.E & Egypt. Hs is also a member of CTA higher committee to transit Dubai Government accounts from Cash basis to Accrual basis. He is also a member of executive committee for Oracle Financials implementation - Gov. Resources Planning (GRP).He also trains and l lecturer on Final Account preparation and budgeting process at Dubai Gov. Dept and on Audit, Financial Control and financial crimes at Dubai State Security. He is a certified Accounting expert in front of Dubai Courts and Dubai Public Prosecution

Featured Summit Speakers




GRC Convergence - Integrating Assurance Functions to Improve Business Performance
A Case Study on Enterprise Risk Management Program in the Middle East
Aligning IT, Security and Risk Management Programs

Designing a Future Ready GRC Program
Corporate Governance Challenges and Best Practices for the Middle East
Implementing Programs that Comply with Regulatory Requirements

Business Risk Modeling Methods and Practices
Implementing Business Continuity and Disaster Recovery Management Programs

GRC 3.0 by Michael Rasmussen
GRC Fundamentals - Connected Roles of Audit, Risk and Compliance
- Michael Rasmussen
GRC Fundamentals - Connected Roles of Audit, Risk and Compliance
- Vinay Bapna
From Audit to Risk: A Business Case Study
- Mohammed Shihadeh
From Audit to Risk: A Business Case Study
- Vinay Bapna
The Role of Operational Risk in an Enterprise Risk Management Framework

Best Practices in Adopting HSE Programs
Unlocking the Potential of Integrated GRC – IT Security and Business Risks in a Digital World

Operational Risk Modeling for Regulatory Compliance

The Future of
Pervasive GRC
Relive The Experience GRC Summit 2013