Kuwait 4th Enterprise Risk Management Conference


27 - 29 March 2017 | Hilton Kuwait Resort

Conference Speakers


Rogier Rolink

Vice President - Head of Governance, Risk and Assurance at Shell

Panel Discussion

Read More

John J. Brown

Manager, AERS Advisory at Deloitte & Touche LLP

Cyber Security Risk Mitigation

Read More

Carolyn Williams

Director of Corporate Relations at Institute of Risk Management

Global Trends Local Risks

Read More

Kapil Kumra

Asst. General Manager & Head of Project Finance at Foreign Corporate Group, National Bank of Kuwait

Panel Discussion

Read More

Raghunandan (Raghu) S Menon

Chief Risk Officer and General Manager, Risk Management Department, Gulf Bank of Kuwait

Panel Discussion

Read More

Dr. Andrew Gillam

Risk & Stakeholder Manager Oil, Gas & Chemicals, Middle East, Amec Foster Wheeler

Effective EHS Risk Governance – What Auditors Look For

Read More

ATIF AL-JEMAILI AL-HARBI

International Relations Senior Advisor, The former Head of Kuwait Negotiating Delegation at UNFCCC

Oil companies and climate change: are they at risk?? NOC Perspective

Read More

Eduard Gracia

Principal A.T. Kearney Middle East LLC

Mapping the Unknown: Mitigating Disruptive Innovation Risk in the Oil & Gas Sector

Read More

Stephen Watson

Principal Arthur D. Little UK - Cambridge

Embracing complexity and uncertainty with value-based risk management

Read More

Graham Griffiths

Analyst, Middle East and North Africa, Control Risks

Risk Map

Read More

Gus Schellekens

Partner, Clean Energy & Sustainability Services, Ernst & Young

Climate Change

Read More

SAJI SAM

Partner, OLIVER WYMAN World Energy Trilemma

World Energy Trilemma

Read More

Andrey Zolotavin

Sr. Real Time Systems Enginee, KOC

Industrial cybersecurity as key for sustainable production

Read More

Abhishek Upadhayay

Senior Risk Consulting Manager, AXA Insurance (Gulf) B.S.C. (c)

Role of heuristics in Risk Management

Read More

Omar Al-Bastaki

Chief Internal Auditor Gulf Petrochemical Industries Co. (GPIC)

The Emerging Role of Internal Audit in Risk Governance

Read More

Waheed Alkahtani

IA Advisory Services Group, Saudi Aramco

Global Expectations for Addressing Fraud Risk & the Investigative Process

Read More

Amit Ray

Managing Director, Protiviti

Risk of Disruptive Technologies

Read More

Sourabh Sharma

Director at EY

Cyber Security and IT Risk and Assurance

Read More

Adnan Zakariya

Managing Director, Protiviti

Managing the biggest risk for better Governance

Read More

Ayman Al Issa

Chief Technologist, Industrial Cyber Security Middle East & North Africa Booz Allen Hamilton Inc.

The engineering art of injecting cyber security within the industrial critical infrastructures - Workshop

Read More

Asif Lakdawala

Principal Industry Consultant - Process, Sensor and IoT Global Practice, SAS

Managing Operational and Resources Risk leveraging IOT and Predictive Analytics

Read More

Mark Gilligan

Business Development at AuditComply

Organizational risk management made simple with AuditComply.

Download


Monday, March 27, 2017

Disruptive  Innovation


Carolyn Williams

Director of Corporate Relations  at Institute  of Risk Management

Global Trends Local Risks

Download


Eduard Gracia

Principal A.T. Kearney Middle  East LLC

Mapping the Unknown: Mitigating  Disruptive  Innovation Risk in the Oil  & Gas Sector

Download


Amit Ray

Managing Director, Protiviti

Risk of Disruptive Technologies

Download


GeoPloitics  & Climate Change


Graham  Griffiths

Analyst, Middle East and  North Africa,  Control Risks

Geopolitical risks for the  Middle East  region: Risk Map

Download


SAJI SAM

Partner, OLIVER WYMAN

World Energy Trilemma

Download


Gus Schellekens

Partner, Clean Energy & Sustainability  Services, Ernst & Young

Climate Change Poses Threat to  Oil, Gas  Industry

Download


Atif Al-Jemaili Al-Harbi

International Relations Senior Advisor,

The former Head of Kuwait Negotiating Delegation at UNFCCC

Oil companies and climate change: are they at risk??NOC Perspective

Download



Read More

Tuesday, March 28, 2017

General


Dr. Andrew Gillam

Risk & Stakeholder Manager  Oil, Gas &  Chemicals, Middle East,  

Amec Foster Wheeler

Effective EHS Risk Governance – What Auditors Look for

Download


Stephen Watson

Principal Arthur D. Little UK -  Cambridge

Embracing complexity and  uncertainty with  value-based risk management

Download


Abhishek Upadhayay

Senior Risk Consulting Manager, AXA Insurance (Gulf) B.S.C. (c)

Role of heuristics in Risk Management

Download


Cyber  Security


John J Brown

Manager, AERS Advisory at Deloitte & Touche LLP

Cyber Security Risk Mitigation

Download


Andrey Zolotavin

Sr. Real Time Systems Engineer,  KOC

Industrial cybersecurity as key  for  sustainable production

Download


Sourabh Sharma

Director at EY

Cyber Security and IT Risk and Assurance

Download


Risk  Based Audit


Waheed Alkahtani

IA Advisory Services Group,  Saudi Aramco

Global Expectations for Addressing Fraud Risk &  the Investigative  Process

Download


Omar Al-Bastaki

Chief Internal Auditor Gulf  Petrochemical  Industries Co. (GPIC)

The Emerging Role of Internal  Audit in Risk  Governance

Download


Adnan Zakariya

Managing Director,  Protiviti

Towards that Best Governance through a Collaborative approach to Risk

Download


Mark Gilligan

Business Development at AuditComply

Organizational risk management made simple with AuditComply.

Download


Read More

Wednesday, March 29, 2017

Post Conference Workshops

08:30 - 14:00

Workshop A: Approaching the Industrial Control System Security dilemma through setting up practical mechanisms for effective protection, threat detection and incident response  

Ayman Al Issa

    Chief Technologist, Industrial Cyber Security Middle East & North Africa Booz Allen Hamilton Inc.

08:30 - 10:30

Workshop B1: Organizational risk management made simple with AuditComply.

Mark Gilligan

    Business Development at AuditComply

11:00 - 12:00

Workshop B2: Managing Operational and Resources Risk leveraging IOT and Predictive Analytics.

Asif Lakdawala

    Principal Industry Consultant - Process, Sensor and IoT Global Practice, SAS Middle East

12:30 - 14:30

Workshop B3: Setting the Risk Agenda to 2025

Carolyn Williams

    Director of Corporate Relations, Institute of Risk Management

Read More

Conference overview


HOW WELL PLACED IS THE OIL SECTOR TO MANAGE THE RISK OF DISRUPTIVE TECHNOLOGIES?

Kuwait ERM conference in its fourth year is a must-attend for ERM professionals from Kuwait and the Gulf region from a variety of industries to share best practices, strategies and tools on empowering ERM efforts in order to inform the enterprise-wide decision-making process. The ERM conference will build a strong cross-disciplinary framework for senior management to create systematic value and competitive advantage through effective managing of risk and capital.

The wave of disruptive technologies such as electric vehicles, solar, and energy storage batteries will initiate a series of dramatic changes to oil & gas sector. This wave will bring new challenges for risk professionals as it is heading toward hitting the demand, the most vulnerable variable for determining the prices and hence, crashing the prices to the lowest levels in decades. Kuwait ERM Conference will be organized on 27 – 29 March 2017 under the patronage of Mr. Nizar Al Adsani, CEO of the Kuwait Petroleum Corporation KPC. The conference in its fourth edition will bring oil and gas professionals from Kuwait and GCC together to exchange fresh ideas, embrace innovative solutions, and learn about best-in-class risk management strategies designed to improve overall business performance.

This year›s conference will focus on five key topics:

Risk of Disruptive Technology:

Horizontal drilling and hydraulic fracturing: The disruptive technological advances in drilling and fracturing have reshaped the oil and gas supply-and-demand balance with worldwide implications.
Electric Vehicle: The widespread adoption of battery-powered vehicles is a serious threat to the oil industry. Whilst petrochemicals will likely still be required for manufacturing and heavy industry, 40% of the US’ annual oil consumption is from personal car use. As such, the widespread adoption of electric vehicles would dramatically reduce demand for conventional fuels and completely reshape the way the industry operates.

Cybersecurity: an emerging risk on the Board agenda

Most companies are increasingly using cyber technologies and are not aware of the cyber risks which result from the integration of such technologies into their existing infrastructures. This topic will focus on how organizations can prepare for future cybersecurity risk while taking appropriate action today.

The Emerging Role of Internal Audit in Risk Governance

Collaboration between the disciplines of internal audit and risk management, can lead to stronger risk practices in meeting stakeholder expectations. The two functions make a powerful team when they collaborate and leverage one another’s resources, skill sets and experiences to build risk capabilities within their organizations. This topic explores roles internal auditors can play to help enhance that value proposition of risk management.

Geopolitical risks for the Middle East region?

This session will focus on the impact of events that come as a surprise, statistically unlikely, rationalized only in hindsight and carrying an impact that could be off the known charts, such as the US election results.

Climate Change Poses Threat to Oil, Gas Industry

About three-fourths of global oil and gas firms say they believe that climate change could cause business downtime, system failures and safety risks, yet just 19 percent say they are taking action.

Post Conference Workshops


Workshop A: Approaching the Industrial Control System Security dilemma through setting up practical mechanisms for effective protection, threat detection and incident response

March 29, 2017| 08:30 - 14:00 Ayman AL-Issa, Chief Technologist – Industrial Cyber Security, Booz Allen Hamilton

Cyber war is no more a depiction of a science fiction movie, it is certainly a reality.  Ultimately, protecting the industrial control systems that are at the heart of the critical industrial infrastructures is no more an option.  More than six years have passed after Stuxnet, the Ukraine dark night was not a result of an electrical system incident, it was indeed a cyber-attack on an electricity control system.  Joel Brenner’s Book “America the Vulnerable” is not a story, it is a book that we must read to understand the digital threats facing our nations.  We have to accept the fact that the cyber threat story is not “and will not be” having a near end.  The protection of industrial control systems is at the agenda of world leaders and definitely it is a responsibility of industrial cyber security experts to turn out from a dream to a reality.  Regulations have been developed by so many nations to enforce the necessity of protecting the critical infrastructures.  The reality is that effective industrial cyber security is still very much far away from maturity.  We need to admit that there is a lot to do for achieving a robust industrial cyber security, we need to move beyond compliance to real security.  We need to improve the mechanisms to detecting threats within the industrial platforms.  It is important to realize that Security Operation Centers are as important as implementing other security controls.  Incident response and preserving continuity of operations within the industrial complexes is as vital as the water that we drink every day to stay alive.  

The speaker will focus on covering how to conduct proper risk assessments that enable organizations to design effective cyber security solutions and enables them to mitigate the risks.  Bringing the IT (Information Technology) and OT (Operational Technology) teams to understand each other and to work with each other is very vital to achieving protection.  The workshop will highlight how teams can work together and the discussion will also focus on the importance of understanding the combination of the industrial cyber security, automation, and understanding plant production models by both IT and OT teams in order to design the right cyber secure infrastructure and solutions.  The session will also demonstrate a demo of threat detection and how a well-defined incidence response plan reduces the potential of disruption of plant operations/production as a result of successful cyber-attack.

Why you should attend

  • Why do we need to protect IT and OT environments much more than ever? And what are the emerging threats on both environments?
  • Discuss the integration between IT and OT infrastructures, threat detection, incidence response
  • Develop ideas on how to move into cyber security by design for the new control systems.
  • Learn how to embed industrial cyber security during the engineering project lifecycle
  • understand how to build a security Operations Center that can serve both IT and OT infrastructures
  • What IT and OT teams need to know about automation project lifecycle?

 

Workshop main bullets

  • Understanding the emerging cyber threats in different critical infrastructure environments
  • Discuss the latest cyber-attacks, reports and incidents including the lessons that shall be learned
  • Executing proper risk assessments that materialize implementation of practical industrial cyber security solutions
  • Improving threat detection through implementing effective solutions at the industrial control networks
  • Developing an incident response and continuity of operation plans
  • Bringing the IT (Information Technology) and (Operational Technology) teams to work together by developing mutual understanding of the O&G critical infrastructure environment
  • Applying the 3Cs (Collaboration, Coordination and Commitment) for effective industrial cyber security program?
  • What IT/OT teams need to understand about plant operation when planning to secure the plants from cyber threats?
  • The integration between IT and OT environments and how to exchange information in a secure way;  Building robust cyber security infrastructure to support O&G operations
  • Implementing Industrial Cyber Security by Design for the new plant or new automation system upgrades
  • If you have no vision, you have no security.  Building an integrated (IT/OT) Security Operations Center?
  • What IT and OT teams need to know about the automation system/project life cycle; and briefly understanding the system’s testing requirements including FAT (Factory Acceptance Testing), iFAT (integrated FAT), and SAT (Site Acceptance Testing)


Read More

Workshop B1: Organizational risk management made simple with AuditComply.

March 29, 2017| 08:30 - 10:30

Mark Gilligan

Business Development at AuditComply


A discussion of the key issues faced by Risk Managers in the Oil and Gas industry. What is needed is clear, how best to deliver is not.

Followed by a live demonstration of the AuditComply assessment platform with audience participation.

The Issue:

With ever changing regulations the expectations on managers to assess and manage risk is relentless.

The Problem:

How can a company comply with internal quality requirements, third party certification, statutory regulations and manage their supply chain in an efficient and cost effective manner?

The Pain:

Many rely on inadequate tools - pen / paper, Excel / Word. Or have siloed IT systems which do not include the ability to track and manage risk issues or give any oversight across the organisation.

The Solution:

A flexible platform that allows real time assessments to be carried out across the organisations' departments and locations. Instant reporting with detailed analytics plus the ability to track and manage issues.

Interactive demonstration:

An overview of the AuditComply platform followed by an interactive session with audience participation. Volunteers will carry out an assessment, identify an issue and report it, live - the audience will be able to see the data set grow as the assessments are completed and then see what insights can be gained as it is analyzed in front of them.

Read More

Workshop B2: Managing Operational and Resources Risk leveraging IOT and Predictive Analytics.

March 29, 2017| 11:00 - 12:00

Asif Lakdawala
Principal Industry Consultant - Process, Sensor and IoT Global Practice, SAS Middle East 


WHATS IS HAPPENNING?

Each year, oil and gas companies lose 10 percent of their assets worldwide. Replenishing supply means buying other companies, increasing production or finding new fields. Given that it takes years to bring a new field online, companies must balance near- and long-term asset development.. In addition, companies must optimize production equipment to extract assets at an expected pace.

WHAT DOES IT MEAN FOR OIL & GAS COMPANIES?

This requires risk re-evaluations, improved risk controls and new risk management scenarios, all of which demand improved modeling capabilities. Data integration, risk assessment and quantification of uncertainty are key issues in petroleum exploration and development.

WHAT WILL WE FOCUS ON ?

While all risks are important and need careful attention we will highlight operational and resource risks in this session. We shall discuss them in terms of risk mitigation measures taking advantage of disruptive technologies like Internet of Things & digitization of operations.

Operational Risk: 

Operations are continuously seeing technology advancements with newer sensors & systems & processes. These require better connectivity, monitoring & control. The industrial internet of things (The digital oil field) is a disruptive technology providing the biggest opportunity for organizations to transform their infrastructure to greatly ease field operations. The massive data flow call for innovative solutions to manage and create value.

Resource Risk:

The level of production from a given field is an estimated value and may not materialise as originally estimated. This risk is specific to the geological factors involved in estimation and projection of the expected capacity of the new projects. The estimation techniques and forecasting future capacities of current wells & new projects need a robust and proven technology

WHAT WE WILL DEMONSTRATE 

There needs to be a fundamental shift in the approach to data driven strategies that allows for a more holistic view of operations and greater transparency regarding the impact of decisions across the value chain

Read More

Workshop B3: Setting the Risk Agenda to 2025

March 29, 2017| 12:30 - 14:30

Carolyn Williams
Director of Corporate Relations, Institute of Risk Management


This workshop is part of the global ‘Setting the Risk Agenda’ project currently being undertaking by the Institute of Risk Management. It will explore the current and future challenges facing risk professionals and ask how individuals and organisations need to change to be fit for the future.

All professions need to ensure that their competencies, tools and techniques are not just working today, but will continue to add value in the future. The risk management profession is faced with a rapidly changing world. This is true both externally, with fast moving trends in technology, the environment, geo-politics and finance affecting how organisations operate, and also internally as firms develop and apply new methods of assessing and mitigating risk as part of their strategies, tactics and operations. As the leading professional body in the risk management field, the Institute of Risk Management  is undertaking a major international research project to identify changes already underway and seek views as to what's going to happen over the ten year time horizon and how risk professionals should prepare themselves. We are gathering the views of risk professionals at workshop sessions around the world. This will be supplemented by interviews with key stakeholders in the risk management process (e.g. CEOs, regulators, NEDs) to identify what demands they see will be made of the profession in future, and also by survey research to test the emerging trends. The outputs will be a series of reports highlighting the key findings which will guide the development of future professionals. We are delighted to have the opportunity to hold one of these workshop sessions at the Kuwait Enterprise Risk Management Conference.


Read More

Contact


hilton kuwait resort