Day One: Tuesday, February 1, 2022

11:45 EST

60 min
Karen M. Zarrouki

Communicating Risk in the Public Sector

Karen M. Zarrouki, Manager, Audit Operations, Office of the Comptroller General, Manager, Treasury Board of Canada Secretariat

What do we need to consider when communicating risk in the public sector?  In this presentation, we’ll talk about risk communication from various aspects, such as the language we use, the sender-receiver model of communication, the context in which we discuss risk, and, of course, the public sector environment.  We’ll draw on some previous presentations to highlight successful communication techniques and settings, and finally, we’ll propose some indicators of good risk communication.

12:45 EST

45 min


13:30 EST

60 min
Marc Bélanger

The Great Resignation

Marc Bélanger, Senior Manager, Practice Management Unit, Audit and Evaluation, Office of Audit and Evaluation, Agriculture and Agri-Food Canada, Government of Canada

We have all heard about “The Great Resignation” and its possible implications on the economy.  But what is it? What risks does it hold for you and your organization?  This session will examine its impacts and implications, but also provide helpful tools and discussion to assist you both now and in the future.

14:30 EST

60 min
Anna Maria Campbell Jeff Milne

Striving for ERM Excellence Using a Risk Maturity Lens - Presentation and Workshop

Anna Maria Campbell, ERM Manager, Ministry of Finance, Government of British Columbia

Jeff Milne, ERM Manager, Ministry of Finance, Government of British Columbia

The Government of British Columbia’s ERM Program has been in place since 2002 and includes formal risk reporting from over 20 provincial ministries who oversee an additional 100+ public sector organizations (PSOs) including crown corporations, public school districts, postsecondary institutions and health care agencies.

Establishing a risk maturity baseline and identifying areas of strength and improvement assist in driving risk management practices within the BC Government and PSOs. From working with clients to develop risk management frameworks, program level risk assessments, to cross government initiatives, integrating the risk conversation into senior decision making is key to an effective risk management program.

In this session, Anna Maria and Jeff will:

  • Introduce the risk maturity model used by the Government of British Columbia
  • Explore the model’s five pillars of risk management excellence
  • Outline strategies to encourage “optimized” risk management performance
  • Demonstrate how this model aligns with the ISO 31000 standard
  • Facilitate discussion and breakout activities

Day Two: Wednesday, February 2, 2022

10:30 EST

60 min
Melanie Rousseau

Business Continuity: It’s about Risk (not Emergency) Management!

Melanie Rousseau, Chief Risk Officer & Director, Risk & Business Continuity Management, Alberta Environment & Parks

Traditionally business continuity has been strongly linked to disaster and emergency management.  While there is a case to be made that they have similar origins and shared goals, continuing to view Business Continuity within the emergency management framework tends to lead to an overemphasis on emergency response.  By creating a stronger link to enterprise risk management and re-organizing business continuity within the corporate services envelope, the emphasis shifts towards mitigation and planning, which ultimately can create stronger organizational resilience and the achievement of the organization’s mandate.

  • Discuss and contemplate the distinction (i.e. differences and similarities) between Business Continuity Management and Disaster Management and why this distinction is important
  • Discuss Business Continuity Management as a corporate function and how to integrate risk management practices
  • Explore a case study on applying a risk management lens to business continuity
  • Consider possible changes to one’s own business continuity program by strengthening the application of risk management

11:30 EST

45 min
Amanda Elliot Julie Bastarache Rodrigo Rosales-List Tricia Goulbourne
Panel Discussion

From Seed to Apple Pie: Growing the Risk Management Advantage

Moderator: Amanda Elliot, Senior Risk Analyst, Office of the Chief Audit, Evaluation and Risk Executive, Public Service and Procurement Canada

Julie Bastarache, Director General, Evaluation and Integrated Risk Management, Public Services and Procurement Canada

Rodrigo Rosales-List, Director, Results, Risks and Resources, Indigenous Services Canada

Tricia Goulbourne, Senior Director, Enterprise RIsk Management, Internal Audit and Enterprise Risk Management Branch, Employment and Social Development Canada

Panel discussion on maturing the organisation along the risk management maturity model and how this could be a game change for an organization. Session will include a panel of public sector leaders who will share their perspectives and experiences, whilst discussing both challenges and opportunities.

12:15 EST

45 min


13:00 EST

60 min
Bill Danielsen

The Critical Need for Predictive Insider Threat Prevention Programs

Bill Danielsen, Doctoral Candidate, Royal Roads University

  • What exactly is an insider threat and why does it matter to you?
    • Definition of an insider threat
    • Role of dark triad personality traits
    • Role of social bonds and life-course theory
  • Is your business providing protection against Insider Threats?
    • Insider threats in the government of Canada
    • Impact of Insider threats in business
  • Current reactive approach to insider threat programs
  • Defining the critical need for preventative insider threat programs
  • How will this be done?
    • What are the ethics
  • What it might look like

15:00 EST

60 min
Kayode Alawonde

Risk Management in Cybersecurity

Kayode Alawonde, Cybersecurity Lead, City of Saskatoon

  • What is Risk Management
  • Definition of terms : Risks, threats, vulnerabilities
  • Risk Management in Cybersecurity (relates to CIA triad – confidentiality, Integrity & Availability)
  • Approaches to treating Risks related to cybersecurity – Basis . Consideration for costs and likelihood
  • A look at the NIST Risk Management Framework as a basis to addressing cybersecurity risks