Information & technology risk

Challenges

To succeed in the future, businesses need to be aware of all risks that threaten their operations. Technology is a critical component of any operation and a key enabler for realising business objectives. Awareness of technology risks and impacts is vital to making informed decisions and mitigating risk appropriately. Getting controls right enables organisations to effectively manage risks and drive performance. It also keeps costs down, grows revenue, secures assets, and meets legal and regulatory compliance, as well as the expectations of customers, partners and shareholders.

Deloitte services offering

Deloitte provides companies with a broad range of services to respond to a fast and ever-changing environment:

Accounting software

• Assistance in accounting software implementations and migrations (e.g. GP2-GP3, Multifonds, Dimension, etc.)
• Assistance in connection with new accounting software releases (e.g. test cases, checklists)
• Test assistance for any specific or complex projects (e.g. pooling, multi-class, tax figure calculation, securities lending, etc.)
• Expertise in implementing globalisation techniques or anti-dilution mechanisms
• Drafting procedures or specification documents

Tax figures

• Implementation of the GP3 tax figures calculation module
• Controls of daily tax figures, independent recalculation of inaccurate tax figures

Information & technology risk

Deloitte's information & technology risk professionals help organisations deal with issues related to business process, technology, operational and financial risk. Our aim is to enable clients to measure, manage and control risk thereby enhancing the reliability of processes and systems across the board

• Security management
  We can help you improve the security of a single component or develop comprehensive security programs that address areas such as governance and strategy, international and industry standards, risk management and compliance, cyber security, training and awareness, effective assurance and metrics.
• Information leakage
  Our professionals have a wealth of knowledge and experience of performing customer information flow analysis and controls reviews. Our experience covers the breadth of issues faced by organisations including understanding where their customer information is, performing detailed security assessments, reviewing third party controls, understanding the regulatory environment and getting to the bottom of cultural issues that could impact business processes. This enables us to understand both the detail of the issues an organisation faces, and step back and provide realistic recommendations for improvement.
• Intrusion testing
  Deloitte ethical hackers can perform or assist with the assessment of IT infrastructure, networks and business applications to identify attack vectors, vulnerabilities and control weaknesses. Our team also has experience in developing and deploying the technical and architectural improvements necessary to reduce exposure to both internal and external threats.
• Application integrity
  Meet the evolving needs of your stakeholders while improving efficiency, automation and compliance by designing, building and implementing ERP application security and segregation of duties, business process controls, and data quality and interface controls.
• Identity and access management
  By combining business process, security and controls, enterprise resource planning (ERP), project management and technology skills with in-depth vendor software knowledge, we can help you maintain authorised access to information at any time, from anywhere, by employees, business partners and customers.
• Business continuity management and pandemic planning
  Strengthen your resiliency with a business continuity and disaster recovery program. Prepare your organisation to respond to emergencies, maintain processes and technologies in the event of a disaster, and respond to a crisis, such as a technology disruption or pandemic.
• IT regulatory compliance
  Deloitte can assist in evaluating and analysing regulatory compliance impacts of your banking software outsourcing projects. Our IT regulatory compliance specialists can also help develop outsourcing models to overcome and comply with local regulations (CSSF circulars 05/178, 06/240 and 08/350) and assist in the preparation of outsourcing project application file sent to the financial regulator.
• System conversion and data migration assessments
  Our information & technology risk specialists can assess your overall project plan, assess risk management throughout all phases of your project, ensure that the target environment will work as planned, which includes both the target application and its upstream/downstream applications, and provide assurance on the quality and correctness of the new environment's data output.