Governance, Risk & Compliance Technology Services
Governance, Risk & Compliance Strategy and Planning
The challenge
Aligning technology to governance, risk & compliance is proving to be difficult. Vendors often have divergent opinions on the role technology should play with regard to GRC. This leads to lack of consistent and clear message on how enterprises should deal with GRC matters while incorporating technology. Most of the companies are not in a position of coming up with an integrated strategy in solving GRC issues which will return their investments.
How we can help you
- Definition of a GRC roadmap
- GRC process and control monitoring
Access and authorisation controls
The challenge
Managing access and segregation of duties requirements is a time consuming and cost intensive process that requires constant attention and is often overlooked or avoided. Many organisations do not even have a clear understanding of the extent of their access management issues, beyond those their internal and external auditors tell them about, year on year.
How we can help you
- GRC access controls tool installation and configuration.
- Designing and defining segregation of duty rule set.
- Benchmarking the maturity level of your IT and business GRC access controls.
- Solving segregation of duties violations.
- Coaching IT and business on how to address segregation of duties problems.
Business process controls
The challenge
A key challenge facing the management is to reduce the cost of executing monitoring business process controls whilst increasing their effectiveness. Management needs to efficiently meet their compliance and business objectives by verifying that the controls are addressing the risks and operating effectively.
How we can help you
- GRC process controls tool installation and configuration.
- Workflow configurations to enhance internal controls automation, business process optimisation and continuous controls improvement.
- Implementation of key controls to monitor and mitigate both IT and business risks.
- Guidance throughout process controls implementation and deployment phase.
- Integration of GRC access control and GRC process controls.
Key contact
© 2013 Deloitte AG. All rights reserved. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity.
Please see About Deloitte for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its Member Firms.