AI agents don't just respond — they decide, act, and execute. Autonomously. And most organisations have no idea what their agents are doing, on whose behalf, or whether they could explain a single decision within 24 hours.
This session delivers a practitioner-grade framework for Governance, Risk, and Compliance in agentic AI environments. Attendees will learn how to inventory deployed agents, implement least-privilege architectures, enforce policy-as-code, and build the observability infrastructure that regulators, auditors, and courts increasingly demand.
With real-world case studies — Air Canada, Samsung, Microsoft Copilot — this is a candid briefing for CISOs and CIOs who govern AI at scale.

Agentic AI is operational in your enterprise. The question is whether it is controlled. This session examines the three pillars — Governance, Risk, and Compliance — through the lens of autonomous AI systems that browse, transact, and execute without step-by-step human approval. Delegates leave with a concrete 90-day roadmap, a GRC maturity model, and eight implementable improvement levers mapped to the EU AI Act, GDPR, SOC 2, and sector-specific frameworks. If you cannot reconstruct and defend a specific AI decision within 24 hours, this session is for you. Practical, evidence-based, and built for security and technology leadership.