November 14, 2017 Grand HyattSeattle, Washington

The Pacific Northwest Enterprise Risk Forum (ERF) is a one day summit tailored to the needs of audit, finance, and risk professionals. This year’s event will have a strong focus on governance, risk, compliance and ethics with the overall goal of elevating the conversation and practice of GRCE principles within our organizations and communities.

Organizations understand that risk is not just managed through a single function, but is managed through a combina-tion of ideas and resources, by sharing information, and by taking a global view of issues. The forum is positioned to create a collaborative approach and is uniquely designed to provide thought provoking learning sessions, networking opportunities, and roundtable discussions. Attendees will gain insights and perspectives on how collaboration and infor-mation play in the organization, as well as practical recommendations for improving their organization’s governance, risk and compliance processes. Presenters will discuss leading edge techniques to identify risks and approaches used to successfully manage risk in today’s corporate environment. The goal is to ensure everyone leaves the Pacific Northwest Enterprise Risk Forum better prepared to address risk in their organization and everyday life.

THREE LOCAL ORGANIZATIONS ARE COLLABORATING TO HOST THIS POWERFUL EVENT:

7:00 AM BALLROOM FOYER

8:00 AM LEONESA

9:15 AM BALLROOM FOYER

9:30 AM PRINCESSA IIBALLROOM

REGISTRATION, NETWORKING & CONTINENTAL BREAKFAST

ERM - MAKING IT REAL

Mr. Connors will discuss the challenges and opportunities of Enterprise Risk Management from an investor and board member perspective.

NETWORKING BREAK

A PHYSICS PROBLEM FOR ENTERPRISE RISK MANAGEMENT William Barr – Chief Operating Office - SAIF Corporation Great news, our enterprise risk management programs have grown to be more sophisticated. Programs have become increasingly inclusive and forward looking while also gaining endorsement from executive leadership and Boards of Directors. Not so great news, as our ERM programs have attracted requisite attention so have our short-term, mid-term, and long-term strategic plans, our corpo-rate scorecards, our internal and external audit activities, customer road maps, and our succession planning efforts. Our meeting agendas are littered with any number of important ways of segmenting our risks and our opportunities. Key programs compete for space, spotlight, and budget. This session will look at the struggle to get 10 pounds of corporate opportunity into a 5-pound bag.

JOHN CONNORSMANAGING PARTNER

© 2017 Protiviti Inc. An EOE M/F/D/V. PRO-1017

protiviti.com

They ask Protiviti.Protiviti is a global consulting firm that helps companies solve problems in finance, technology, operations, governance, risk and internal audit.

To learn more go to protiviti.com or contact Managing Director, Joel Hammer at 206.262.2935 or seattle@protiviti.com.

How do more than 35 percent of Fortune Global 500� Companies solve their critical business and technology problems?

Internal Audit, Risk, Business & Technology Consulti ng

© 2

017

EYGM

Lim

ited.

All

Righ

ts R

eser

ved.

ED

0418

.

Is the most valuable perspective the one you don’t have?Navigate the Transformative Age with the better-connected consultants.

ey.com/consulting

9:30 AMELIZA ANDERSONAMPHITHEATER

9:30 AMPRINCESA IBALLROOM

S TAT U S Q U O R E M I N I S C ES .

Status Go™

R E - E N V I S I O N S.

Ready to see today’s challengesthrough the lens of tomorrow?

Welcome to Status Go.

gt.com/statusgo

“Grant Thornton” refers to Grant Thornton LLP, the U.S. member fi rm of Grant Thornton International Ltd (GTIL), and/or refers to the brand under which the independent network of GTIL member fi rms provide services to their clients,as the context requires. GTIL and each of its member fi rms are not a worldwide partnership and are not liable for one another’s acts or omissions. In the United States, visit grantthornton.com for details. © 2017 Grant Thornton LLP | All rights reserved | U.S. member fi rm of Grant Thornton International Ltd

COMPLIANCE AUTOMATION, COGNITIVE ANALYTICS, & EMERGING TECHNOLOGIESAlan Gibson – Assistant General Counsel - Microsoft, Ethan Rojhani – Managing Director, Business Risk Services - Grant Thornton, Townsend Wolfe – Director - Grant Thornton The 4th Industrial Revolution (4IR) is bringing new and exciting technologies, including Machine Learning, Artificial Intelligence, Robotic Process Automation, and the Internet of Things (IoT). This session will help demystify some of the technologies being de-veloped, and provide real world examples of how they are being applied to enable compliance and control automation. Benefits, risks, and leading practices will be shared. You will also see demos from Grant Thornton and Microsoft of how it can be done leveraging existing tools on the Microsoft platform.

THE EUROPEAN GENERAL DATA PROTECTION REGULATION (GDPR) – ADDRESSING THE RISK AND EMBRACING THE OPPORTUNITYDerek Care – Director, Legal Privacy and Legal GDPR Lead - Uber TechnologiesAileen Cronin – VP Business Integrity - F5 NetworksShirin Ebrahimi – Privacy Manager – EYKim Howell – Privacy Director - MicrosoftReese Solberg – West Coast Privacy Lead - EYAaron Weller – Senior Privacy Program Lead GDPRIn the race to compete in today’s digital world, organizations are increasingly using social, mobile, big data and ana-lytics, and the Internet of Things (IoT) to gather and leverage as much information as possible about their customers and employees. With the European Union’s General Data Protection Regulation, organizations will now have to take ownership of their information practices, be accountable for all associated privacy risks across the enterprise in the course of doing business, and be able to prove the veracity of their programs. Organizations that don’t will risk signif-icant reputational and financial damage. This session will address how forward leaning organizations are establishing efficient privacy controls, effective data and organizational governance, targeted use of technology and the monitoring of their implementation – moving beyond the fear of GDPR to drive efficiencies and new opportunities.

10:30 AM BALLROOM FOYER

10:45 AM ELIZA ANDERSONAMPHITHEATER

10:45 AM PRINCESSA IBALLROOM

NETWORKING BREAK & EXHIBIT HALLSponsored by KPMG

CYBERSECURITY EXAMINATION: PROVIDING ASSURANCE TO MANAGE CYBER RISK AND ENHANCE VISIBILITYGaurav (GK) Kumar – Principal - DeloitteRay Kyan – Head of IT Risk and Controls - New York Life Insurance CompanyJeff Schaeffer – Managing Director - DeloitteWith the proliferation of cybercrime and recently proposed legislation related to cyber risk reporting and disclosures, or-ganizations are under intense pressure from both internal and external stakeholders to respond to inquiries about the effectiveness of their cybersecurity risk management program. Furthermore, stakeholders are calling for greater visibility into an organization’s cybersecurity preparedness. On April 24, 2017, the AICPA released their cybersecurity risk management attestation reporting framework which is intended to expand cyber risk reporting to address the marketplace need for greater stakeholder transparency. This reporting framework establishes a standardized reporting mechanism to provide a broad range of users with useful information about an entity’s cybersecurity risk management program to support informed and strategic decision making. This session will focus on the current cyber landscape, the components of the AICPA’s reporting framework, and how organizations can prepare and ready management for a future independent third-party cybersecurity risk management examination engagement by undertaking a comprehensive readiness assessment.

MANAGING RISK IN A WORLD OF ELEPHANTS, ART, AND PROFESSIONAL FOOTBALLRoy van Duivenbode – Senior Director, Risk Management - Vulcan Inc.Hear from an experienced risk manager about managing risk across a broad portfolio including an NFL and NBA team, real estate development, aerospace, fine art, film production, a music festival, museums, and diverse philanthropic initiatives to make the world a better place. The conversation will include learnings from working with numerous clients, and introduce ideas of looking “beyond” risk management. What’s the value beyond the value? Are we counting what truly matters? What’s the purpose behind what we do? Is the language of risk adequate to capture what really counts?

How will you face the future of cyber risk?Lead.Navigate.Disrupt.Investments in security are at an all-time high. Yet, cyberattacks are still on the rise—both in number and sophistication. Technology innovation can vastly accelerate performance but also open new doors for cyber criminals. We can help you lead, navigate, and disrupt in a complex cyber landscape to emerge stronger and more secure than ever.

www.deloitte.com/us/cyberCopyright © 2017 Deloitte Development LLC. All rights reserved.

RSM US LLP is the U.S. member firm of RSM International, a global network of independent audit, tax and consulting firms. Visit rsmus.com /aboutus for more information regarding RSM US LLP and RSM International.

RSM and our global network of risk advisory consultants specialize in working with dynamic, growing companies. This focus leads to custom insights designed to meet your specific challenges. Our experience, combined with yours, helps you move forward with confidence to reach even higher goals.

rsmus.com

Meet your challenges when they’re still opportunities.

10:45 AM PRINCESSA IIBALLROOM

11:45 AM LEONESA BALLROOM

12:15 PM LEONESA BALLROOM

MANAGING SECURITY RISKS AROUND THIRD PARTIESTorin Larsen – Director, Seattle, ProtivitiIgnacio Martinez – Vice President of Risk Management and Compliance - SmartsheetJeff Sanchez – Managing Director, Los Angeles, ProtivitiWhile companies have been increasing their investments in cybersecurity for many years now, the risks posed by vendors, business partners, and associates are not always front-of-mind. In this session we will discuss the key elements of an effective Vendor Risk Management program, the models that different companies are using, the Vendor Risk Management Maturity Model, and benchmarks that are available to help evaluate your existing programs.

NETWORKING LUNCHKale Apple Salad with Beeches Cheddar cheese, Hazelnuts, and Jalapeno Honey VinaigretteCajun Blackened Local Cod with Cheddar Grits, Roasted Summer Squash, Peach and Savoy Cabbage Slaw

ECONOMIC UPDATEJoe Brusuelas – Chief Economist - RSM US LLPAs 2017 comes to a close, we turn ahead to focus on what 2018 will bring for the Enterprise Risk Management commu-nity. RSM’s Chief Economist, Joe Brusuelas, will bring his 20 plus years' experience in finance and economics to provide a forward-looking commentary on the economic outlook for 2018, including:

• Policy outlook: normalization amidst low-rate structure and the potential effects of spending, tax reform, deregulation, and the risks therein;• A look at global economic relations, NAFTA modernization, trade friction, and the Korean crisis;• The future of the Trump White House and its impact on political risk across the United States and Europe;• US Employment outlook as well as a thorough analysis of economic trends in production and manufacturing;• An overall look at the current and expected financial conditions; and key risk areas for 2018

1:15 PM BALLROOM FOYER

1:30 PM LEONESA BALLROOM

2:30 PM BALLROOM FOYER

2:45 PM PRINCESSA IBALLROOM

NETWORKING BREAK & EXHIBIT HALL

FUTURE CLIMATE CHANGE RISK IN THE PACIFIC NORTHWEST: WHAT DO WE REALLY KNOW?

This talk will describe the science regarding human-caused global warming and the implications for changing risks of extreme weath-er over the Pacific Northwest. The tendency for hype and exaggeration on both sides of the issue will also be examined.

NETWORKING BREAK & EXHIBIT HALLSponsored by West Monroe Partners

BLOCKCHAIN: A PRIMER ON RISK AND INSURANCE IMPLICATIONSRobert Jacobs – Partner - Perkins Coie LLPEric Long – SVP and Founding Principal – ABD Insurance & Financial ServicesLaurie Rosini – Associate - Perkins Coie LLPNick Vainisi – Manager – The Claro GroupMost commonly known as the technology behind crypto-currencies, blockchain is emerging as a tool that will facilitate coordina-tion and achieve efficiencies across numerous industries. Blockchain is a digital ledger that allows parties to a business transac-tion to interact directly without the need for middlemen. Given that everyone can see the blockchain, one of its most distinctive features is transparency. It also is considered highly accurate and secure, given its encryption protocols, among other things. But, as an emerging technology, questions about the risks of blockchain remain. Most obvious are cybersecurity threats from

CLIFF MASSPROFESSOR OF ATMOSPHERIC

SCIENCES, UNIVERSITY OF

WASHINGTON & CLIMATE

CHANGE JOURNALIST FOR NPR

2:45 PM PRINCESSA IIBALLROOM

hackers, which could have profound consequences. Concerns have been raised about data privacy and regulatory uncertainty, among other things. This panel will provide a comprehensive overview the emerging benefits and risks of blockchain technology and how any company using or considering using blockchain technology can mitigate or control those risks through an appropriate insurance program.

CYBERSECURITY & THE BOARD: EVOLUTION OF THE BOARD’S ROLE ON CYBERSECURITYMike Corey – Partner – PwCDeb Huntting – Senior Director, Information Security - NordstromLiane Pelletier – Corporate Board Director – EXPD, ATNI and Chairman – NACD NW ChapterLisa Reshaur – Senior Director, Governance, Risk, Continuity and Compliance Program - Microsoft The assets of companies, large and small, are facing an increased risk of losing or compromising their IP, confidential personnel and customer information, and diminished market brand to name a few. If unprepared, the consequences of a breach could result in a loss of public and investor confidence, disruption to vital infrastructure, and legal and regulatory sanctions. It is no surprise, then, that the level of board engagement in this area is also increasing. Yet overseeing a compa-ny's IT initiatives, particularly the adequacy of cybersecurity, can be a challenging task for directors.During this presentation, we will dive into the primary questions a board member should be asking its leadership to under-stand the threat landscape and the risk mitigation measures being performed to protect the company’s interest. Some key questions addressed during this presentation, from a board member’s point of view, include:

• What is our cyber risk?• What are we doing about our cyber risk?• Are we doing enough?

This discussion will also cover when and how the Board gets involved and explore what worked and what didn’t in a candid dialogue with and amongst directors and executive management. The session will be moderated by Mike Corey, who leads PwC’s West Coast Cybersecurity and Privacy and is responsible for the firm’s US Internal Technology Audit Solutions practice. Panelists to be announced shortly.

Finding opportunity in every challenge

© 2017 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details. This content is for general information purposes only, and should not be used as a substitute for consultation with professional advisors.

In today’s business environment, it’s essential to navigate risk and regulatory complexity. Your governance, risk and compliance activities need to focus not only on value protection but become an enabler of business performance.

John Clements Partner, Risk Assurance john.clements@pwc.com

Sean Torcasi Partner, Risk Assurance sean.m.torcasi@pwc.com

www.pwc.com

381213-2018-Enterprise Risk Forum 2017 Ad.indd 1 9/28/2017 11:15:07 AM

2:45 PM ELIZA ANDERSONAMPHITHEATER

4:00 PM LEONESA BALLROOM

5:00 PM BALLROOM FOYER

SOLVING FOR THE CORPORATE RISK TRIFECTA: ENTERPRISE RISK FRAMEWORK, A RISK INTELLIGENT CULTURE, AND INTERNAL DYNAMICSDiane Camenisch – Sr. Officer, Assurance and Risk - Bill & Melinda Gates FoundationYvette Connor – Chief Risk Officer - Focal Point Data RiskAlan Kubitz – Global Risk & Insurance - eBayKelli Santia – Strategic Risk Management - General MotorsHow might Risk Governance, Enterprise Risk Management and Compliance frameworks work together to help achieve a “Risk Intelligent” culture, and what do organizations gain as a result? What does a risk intelligent culture within a complex global organi-zation, such as eBay, General Motors and the Gates Foundation look like? The panelists will share ideas and tactics on how their organizations drive their global businesses forward by creating a cohesive dialogue for Risk Governance, ERM, and Compliance and emboldening a global perspective that calls a risk intelligent culture into action.

TAKING THE RIGHT RISKS AT THE RIGHT TIME: ENTERPRISE RISK MANAGEMENT AT THE BILL & MELINDA GATES FOUNDATION

In service of impact and the belief that all lives have equal value, the Bill & Melinda Gates foundation seeks to take risks others can’t or won’t. Jim Bromley, Chief Financial Officer of the Bill & Melinda Gates foundation, will introduce you to how the foundation identifies, prioritizes and manages risk in context of its missions, history, structure and culture.

NETWORKING RECEPTION

© 2017 Robert Half International Inc. An Equal Opportunity Employer M/F/Disability/Veterans. 0917-9019

1.844.402.7785roberthalf.com/wa-seattle-tacoma

Your salary decisions are critical to hiring and retaining the best accounting and fi nance professionals. Stay competitive with our 2018 Salary Guide, which provides the industry’s most respected data on compensation.

Job seekers know what they’re worth. Make sure you do too, with the 2018 Salary Guide.

2018 SALARY

2018SALARYGUIDEfor Accounting and FinanceProfessionals

Brilliant professionals want salaries to match.

Download yours today at roberthalf.com/salary-center.

Key Center 601 108th Ave. N.E., Suite 1400 Bellevue, WA 98004

fmglobal.com

Proud to support the Pacific Northwest Enterprise Risk Forum

COMPLIANCE IS NOT THE OBJECTIVE. IT’S THE RESULT.We help you create cybersecurity strategies that address your business goals as well as your technical ones.

westmonroepartners.com

JIM BROMLEYCHIEF FINANCIAL OFFICER

NOTES

Perkins Coie LLP Attorney Advertising

Your Blockchain Risk CounselPerkinsCoie.com

THANK YOU TO OUR SPONSORS:

Focal Point Data Risk Yvette Connor 201 E. Kennedy Blvd., Suite 1750Tampa, FL 33602 (813) 402-1208 yconnor@focal-point.com focal-point.com

FM Global Mike Mueller 601 108th Ave NE, Suite 1400 Bellevue, WA 98004 (425) 455-5333 michael.mueller@fmglobal.com fmglobal.com

EY Scot Studebaker 999 Third Avenue, Suite 3500 Seattle, WA 98104 (206) 654- 6301 scot.studebaker@ey.com ey.com/advisory

Deloitte Tim Davis925 Fourth Avenue, Suite 3300Seattle, WA 98104(206) 716-7000timdavis@deloitte.comdeloitte.com/us/rfadvisory

BlackLine Adam Moore 21300 Victory Blvd Woodland Hills, CA 91367 (818) 657-1290 adam.moore@blackline.com blackline.com

Northwestern Mutual Dan Rosales 601 Union Street, Suite 2500 Seattle, WA 98101 (253) 680-7807 dan.rosales@nm.com danrosales.nm.com

MCM – Insurance | Benefits | Consulting Katrina Johnson 1325 4th Avenue, Suite 2100 Seattle, WA 98101 (206) 343-2323 info@mcmnw.com mcmnw.com

Marsh Inc Marilyn Boss 1301 Fifth Avenue Suite 1900 Seattle WA 98101 (206) 214-3000 marilyn.boss@marsh.com marsh.com

Parker, Smith & Feek Todd Miller 2233 112th Avenue NE Bellevue, WA 98004 (425) 709-3600 info@psfinc.com psfinc.com

Grant Thornton LLC Eric Van Valkenburg 2010 156th Ave. NE, Suite 300 Bellevue, WA 98007 (206) 398-2461 eric.vanvalkenburg@us.gt.com grantthornton.com

Healthcare Management Administrators David Lechner 220 120th Ave NE Seattle WA 98005 (503) 927-1406 - Phone David.Lechner@accesstpa.com accesshma.com

KPMG George Graves 1918 Eighth Avenue., Suite 2900 Seattle, WA 98101 (503) 820-6630 ggraves@kpmg.com kpmg.com

Perkins Coie LLP Dax Hansen 1201 Third Avenue Seattle, WA 98101 dhansen@perkinscoie.com perkinscoie.com

Propel Insurance Brad Scott 925 4th Ave, Suite 3200 Seattle, WA 98104 (206) 676-4208 brad.scott@propelinsurance.com propelinsurance.com

Protiviti Russ Collins 601 Union Street, Suite 4300 Seattle, WA 98101 russ.collins@protiviti.com protiviti.com

PwC LLP John Clements 1420 5th Ave #2800 Seattle, WA 98101 (206) 398-3312 john.clements@pwc.com pwc.com

NOTES

THANK YOU TO OUR SPONSORS:

Robert Half Josh Warborg 601 Union Street, Suite 4300 Seattle, WA 98101 (206) 749-0960 roberthalf.com/seattle-tacoma

RSM US LLP Corey Saunders One Union Square600 University Street, Suite 1100 Seattle, WA 98101 (206) 341-8052 corey.saunders@rsmus.com rsmus.com

Smartsheet Ignacio Martinez 10500 NE 8th St, Ste 1300 Bellevue, WA 98004 (844) 324-2360 ignacio.martinez@smartsheet.com smartsheet.com

USI Seth Shapiro601 Union Street, Suite 1000Seattle, WA 98101(206) 441-6300 seth.shapiro@usi.comusi.com

West Monroe Partners Jerin May 1501 4th Ave #2300 Seattle, WA 98101 (206) 905-0200 jmay@westmonroepartners.com westmonroepartners.com

GRAND HYATT ROOM LOCATIONSThank you to our Enterprise Risk Forum Board & Committees:

Board of Directors Co-Presidents:Eric Van Valkenburg, Grant Thornton LLP (NACD) Karen Gottschalk, PwC (IIA & NACD) Board Members:Anne Etter (IIA) Anthony Spacciante, Starbucks Coffee Company (RIMS) Carol Morgan, World Vision US (IIA)Cory Stewart, Washington Federal Bank (FEI) Cynthia Behnen-Gillison, PwC (IIA)Dean Granholm, AAA (FEI)John Plaisted, Marsh USA, Inc. Juliane Parsons, MicrosoftLarry Breitbarth, CFO Selections (FEI)Russell Paquette, Vulcan, Inc.Tom Taylor, Mutual of Enumclaw Insurance (IIA)Van Vong, Marsh USA, Inc. (RIMS) Committee Members:Alpa Parikh, Puget Sound Energy Amy Olsen-Veatch, Premera (IIA & RIMS) Brandon Ely, Seattle Met Credit UnionFritz King, Premera Blue CrossHoward Mannella, Alternative ResiliencyJohn Gevaert, Cascade Designs, Inc. Lindsay Cunningham, Willis Towers WatsonRobiel Isaac, Ernst & Young LLP (IIA)Seth Shapiro, Kibble & Prentice, Inc. / USI Strategic conference planning was provided by Jennifer Saliba, Rhino Consulting. For more information visit consultrhino.com.

NOTES

REGISTRATION

PRINCESSA I

PRINCESSA II

PIKE STREET

ELIZA ANDERSONAMPHITHEATER

RESTROOMS

FAVORITA

RETAIL

STARBUCKSCAFE

PREFUNCTION

RESTROOMS

LEONESABALLROOM