Agenda & Registration

Continuous GRC Summit 2026

THEME

From estimated risk to computed intelligence. How boards and CISOs are changing the governance conversation.

Boards and regulators now expect real-time accountability and structurally assured data quality. Point-in-time compliance is no longer sufficient. The question is not whether to make the shift — it is how.


This summit explores four transitions that define the next generation of governance:

  • From point-in-time compliance to continuous, real-time compliance automation
  • From static dashboards to live board-level risk assurance
  • From manual audit preparation to decisions based on 99%+ data quality and full traceability
  • From monitoring and reporting to quantified financial risk computation (FAIR) and active decision-making


Who should attend? 

This is a strategic event for CISOs, CROs and board members responsible for risk, compliance and governance. If your organization runs complex digital infrastructure — Splunk, modern security platforms, cloud — this conversation is for you.


This is not a public event. Attendance is by invitation only.


Hosted by Methodino

Thursday, June 25, 2026
Nyenrode Business University

Nyenrode Koetshuis · Straatweg 25 · 3621 BG Breukelen


CLIENT EVENT · INVITATION ONLY

Register your interest — we will send you the confirmation and programme details directly.

Executive Summary

Enterprise compliance has reached a crisis point. Organizations face mounting obligations from NIS2, DORA, GDPR, ISO 27001, and the EU AI Act — while relying on fragmented tools, manual processes, and siloed reporting. The result: audit preparation consuming six weeks or more, compliance costs eating 13% of budgets, and blind spots that invite regulatory fines in the tens of millions.

The Continuous GRC Summit at Nyenrode Koetshuis brings together CISOs, CROs, risk leaders, and compliance professionals to explore how organizations can move from fragmented monitoring and periodic compliance toward continuous control of digital risk. The program addresses data quality and SOC maturity as foundational enablers, alongside risk quantification and real-world case studies.


The event focuses on four fundamental questions:

  • Why and how do we move from static compliance to continuous control?
  • Why and how do we translate technical signals into meaningful governance and risk insights?
  • How do data quality and SOC maturity enable or block this transition?
  • How does Continuous GRC improve decision-making at the executive level?


Proven at scale:

  • Audit preparation: from 6 weeks → 2 days
  • Compliance costs reduced by up to 80%
  • €1.6M+ measurable ROI in enterprise deployments
  • 99%+ data quality accuracy enabling reliable automation
  • Audit trail readiness on demand


The future of compliance isn't more tools. It's continuous compliance.

Event knowledge partners

EVENT PROGRAM

Registration, coffee/tea and networking 

9:00 - 9:30

meer
Welcome 
Erik Witte, CEO Methodino

9:30 - 9:45

The influence of ​GRC on board level decision making
A Research and knowledge overview

09:45

Continuous GRC @ Justice department: Continuous GRC in practice & the essence of data quality

​A practical approach to Continous GRC

Peter Rooimans – Head of Infrastructure, Platforms, and Workplace Services at the Judicial ICT Organization

10:15

Continuous GRC Starts with Truth: The Critical Role of Data Quality & Governance

Compliance & Data Governance - Financial Industry Example

​Francien Begass - Accenture - Lead Risk Netherlands - Principal Director

11:45

Lunch

12:30

From AI Noise to Risk Intelligence: Why Your Cyber Risk Reports May Be Failing You [FAIR]

How to Implement Cyber Risk Quantification models in practice
Laura Cristiana Voicu - FAIR Institute

13:15 - 14:00

The Integrated IT Controls Framework & client case

Understanding the need to have, the core of it, real client insights, and tooling for adoption enablement. 

Cynthia Yuen - EY

14:10 - 15:00

NIS2 & Continuous GRC 
​[PRE] - Audit Insights & learnings 

'How to Pre audit' - Questions & insights on real time data by Auditors

15:00 - 15:45

IAM & The Continuous GRC Businesscase

The influence of IAM in combination with continuous compliance on the total cost of compliance.

​Erik Olaf Brinkers & gert Martijn Kwak - IND

15:45

“AI as Threat Multiplier: How Continuous Cyber Compliance Risk Calculation Transforms Cyber Risk Management”
Column with drinks& networking


16:30

A unique program for boards, CISOs and risk leaders navigating the shift from periodic compliance to continuous governance.

Would you like your organization to move from fragmented, point-in-time compliance to continuous, data-driven risk and governance? This program shows you how — with practical sessions on NIS2, DORA, ISO 27001, the AI Act, and GDPR.


Key takeaways:

  • Continuous GRC starts with data quality — without it, governance cannot be trusted
  • SOC maturity determines true visibility into your risk posture
  • Meaning, not alerts, enables governance
  • IAM provides the foundation for provable, auditable control
  • Risk quantification translates technical exposure into financial impact
  • Value emerges when data, SOC, IAM and GRC are connected

Invitation only — attendance is by personal invitation.


Book your place →

From compliance to computed risk insight

Continuous GRC Summit – Towards Quantifiable Digital Risk Governance

The digital transformation of organizations has fundamentally changed the nature of risk. Cyber threats, AI-driven technologies and an expanding regulatory landscape — NIS2, DORA, NIST and the EU AI Act — require a new approach to governance, risk and compliance.


Traditional GRC frameworks rely on periodic assessments and qualitative evaluations. In a digital ecosystem where risks evolve continuously, organizations need a data-driven, quantitative approach to risk governance.


The Continuous GRC Summit 2026 brings together executives, academics and practitioners to explore how organizations can:

  • Quantify cyber risk and translate it into financial impact
  • Convert compliance requirements into continuously measurable controls
  • Use security and operational data for real-time risk monitoring
  • Support board-level decision-making through risk analytics


The summit aims to accelerate the transition from compliance management to continuous digital risk governance.


We look forward to welcoming you — by invitation only.


Drs. Ing. R.P. Hoogland, CRO — Methodino

Cyber risk quantification & Management
  • Quantify cyber risk and translate it into financial impact; 
  • convert compliance requirements into continuously measurable controls; 
  • use security and operational data for real-time risk monitoring


NIS 2 Pre Audit insights - what to expect?

A NIS2 audit will not only assess whether security measures are in place, but also whether organizations can demonstrate effective risk management, monitoring and incident response. Learn from the auditors!

From Compliance to Board-Level Decision Making

Support board-level decision making through (Cyber) risk analytics based on the FAIR Risk model. A research, a vision an overview and a scorecard.

Total Cost of Compliance — Building the Business Case

Using practical examples, it becomes clear how a continuous compliance approach can reduce operational costs, increase audit readiness and provide management with clearer insight into both risk exposure and compliance spending.

NIS2 - How to?

Using practical examples, it becomes clear: What you need to report about; How you know if you've got everything covered;  and how you can verify the data before you even can audit. Real examples!

Speakers

Cynthia Yuen

EY -  IT Consultant | Digital Risk & Resilience



Check Profile

Francien Begass

Accenture - Lead Risk Netherlands - Principal Director



Check Profile

Michel Bernsen

EY - Partner | Digital Risk NL | Enterprise Resilience Europe West @ EY



Check Profile

Laura Cristiana Voicu

Fair institute - Cybersecurity Data Science and Decision Science | CRQ | AI Security | AI Risk | Core Author, CSA AI Controls Matrix

Check Profile

Gert Martijn Kwak

Senior coordinator now focusing on Woo, IV change - IAM programs & implementations - IND, MINJUS


Check Profile

Eric Olaf Brinkers

Programmamanager programma IAM bij de IND



Check Profile

Roy Patrick Hoogland

Methodino & Research on Valuing Cyber Risk: The influence of continuous compliance on enterprise valuation


Check Profile

Erik Witte

CEO Methodino - Coherent Governance Infrastructure | Computed Governance | Computed Security Intelligence


Check Profile

Copyrights  2026, Methodino, Created by European Publishers for Methodino.ai

All information is subject to change without notice

Thank You!

Thank you ! Your form has been submitted