Please register to watch video.
Register HereMichael Rasmussen, the GRC Analyst and Pundit, GRC 20/20 Research LLC., delivered his keynote on ‘Risk is Our Business: Charting your Course in Modern Risk Management’ at the fourth annual G[P]RC Summit 2026 in Riyadh.
In this keynote presentation, Michael Rasmussen reframes the role of risk in modern organizations, emphasizing that risk is not an enemy to eliminate but a fundamental part of achieving objectives. Set against the backdrop of global instability and large-scale transformation initiatives like Saudi Arabia’s Vision 2030, he highlights the urgent need for organizations to move beyond backward-looking, compliance-driven approaches to risk management.
He advocates for a shift toward objective-centric and decision-driven GPRC (Governance, Performance, Risk, and Compliance), where risk management becomes a real-time, forward-looking capability embedded in strategy and execution. He underscores the importance of navigating uncertainty through orchestration, 360-degree visibility, and integrated systems that connect governance, performance, risk, compliance, and resilience.
Highlights from the keynote –
| 00:00 | Introduction |
| 04:31 | Risk management is too often looking in the rearview mirror |
| 06:34 | OCEG’s definition of GRC |
| 14:12 | The baseline is instability |
| 16:33 | GRC is risk management that performs |
| 18:07 | The goal is to reliably achieve objectives |
| 20:09 | Navigating uncertainty to objectives |
| 23:31 | Risk management orchestration |
| 25:14 | Three levels of risk and resilience management |
| 26:52 | Risk management technology that provides 360° visibility |
| 27:58 | AI is reshaping risk management |
| 28:46 | The role of the Digital Twin in risk management |
| 28:59 | Risk management value: It’s more than just ROI |
| 29:23 | Conclusion |