The Compliance Week 2014 conference happens this week, and as usual we'll have more than 500 compliance officers, audit executives, regulators, and other leading thinkers talking shop on all things ethics & compliance. Check our website frequently for the latest updates, since we'll be posting lots of them. Meanwhile, as always, here are my personal picks for what should be the most interesting or most important sessions we have. (Given how strong our agenda is, choosing only a handful is not easy.)

Corporate Culture as a Top-Level Control. Almost every compliance officer I encounter these days tells me that the biggest challenge you all face—the thing that's most important to master but also hardest to master—is culture. If you have good corporate culture and a workforce that thinks about ethics, your compliance and regulatory obligations become much easier to fulfill. Defining and achieving a strong corporate culture, however, especially at large organizations, can drive a CCO crazy.

Hence we've put this topic on the CW 2014 agenda for Monday morning (prime time at our conference), with a superb group of compliance thinkers. Panelists will include the heads of ethics & compliance at the University of Miami, MITRE Corp., and the Apollo Group, and the moderator will be Wayne Brody of LRN—a former compliance officer himself, who now devotes his time to exploring the importance of corporate culture. Just last week I wrote about yet more academic research that values lead to good conduct far more than intricate compliance systems. This panel will do a deep dive into how modern organizations can get there.

Digging for Conflict Minerals Compliance. This session could not be more timely. Just last week a federal appeals court ruled that, no, it will not overturn the most substantive parts of the Conflict Minerals Rule, which means companies must indeed start filing conflict mineral reports to the Securities and Exchange Commission in exactly two weeks. I suspect more than a few companies were hoping the rule would be overturned, and many compliance officers out there are now thinking, “Um, what do we do now?”

Compliance Week 2014 has you covered. We have a great cross-industry panel of executives from Terex, ITT Corp., and Johnson & Johnson ready to share how they've tackled conflict-minerals compliance so far. Success at this task is going to be a team effort that involves compliance, procurement, and legal departments, and our panelists have deep expertise in all three. Regardless of whether you agree with the idea of social policy via corporate disclosure rules—which is all the Conflict Minerals Rule is—efforts like this are only going to increase, and the hammer will fall heavily on compliance departments. So this session on Tuesday afternoon should be well worth the time.

Future of the Audit Committee. You might remember that the SEC held a roundtable in March to discuss cyber-security risk. One point of discussion was that responsibility for cyber-security risk should ultimately rest with the audit committee—immediately followed by another point that audit committees probably aren't suited to handle that duty, but nobody has any better ideas of what to do, and, well, we gotta stick it somewhere.

That trend, that mantra of “ultimately, this resides with the audit committee,” is growing more and more common in Corporate America. And since audit committees are the bosses of chief compliance officers, we wanted to ask the obvious: can audit committees handle all this work?

On Tuesday morning we'll try to answer that question with a keynote discussion of three people: Margaret Smyth, audit committee member at both Martha Stewart Omnimedia and Vonage; Alan Siegfried, on the audit committee at UNICEF and Bon Secours Health; and Jay Hanson, member of the Public Company Accounting Oversight Committee. Smyth and Siegfried have fantastic perspective because both have spent many years working in corporate finance, audit, and legal departments. Hanson is superb because the PCAOB is in a campaign these days to get audit committees to pay more attention to audits and internal control over financial reporting (you know, the things that audit committees used to worry about before the moon and stars landed on their plates too).

This might be the most important issue in compliance today that nobody talks about, because nobody has any good answers. Cyber-security risk, for example: it's ridiculous to give that to already over-burdened audit committees, but Congress and the SEC are not going to modernize securities law to require boards that boards have cyber-security risk. So it falls to the audit committee, along with everything else (corruption risks, financial reporting, relations with the external auditor, and so much more). As long as audit committees are over-taxed, they will not give good instructions to their point-person at the corporation—which would be you, the CCO. I'm hoping for a great debate here on Tuesday.

I could list many more sessions on the Compliance Week 2014 agenda as top notch. We haven't even mentioned Peter Swire, speaking Wednesday about reforms to prevent NSA eavesdropping; or the back-to-back keynote panels following him about whistleblower activity in corporations today; or the dozens of Conversation sessions we have, where compliance officers can talk in private about the issues you face. The secret in the sauce for Compliance Week conferences is the compliance officers themselves, attending and talking. We have a great group this year so by definition it will be a great event.

And for those of you in the Washington area—we still have some seats available! Drop by the Mayflower Hotel, get registered, and enjoy the show.