Meet Thelma Gombedza, Risk Advisory Senior Manager at Deloitte Bermuda. Thelma is an IT and Cyber expert with extensive experience performing IT Sarbanes Oxley testing for SEC registrants working as an extension of the Internal Audit teams. The client issues relevant to Thelma and her team are:

• Under-utilization of technology, automation, and data
• Resources focus on executing just-in-time versus strategic activities
• Exposure to material weaknesses due to ineffective use of a risk-based approach
• Inadequate sample-based testing given an exponential amount of data
• Excessive testing due to many controls and inefficient testing approaches
• Increasing costs forecasted as a result of the changes in the regulatory environment
• Lack of coordination across compliance functions

With the support of her team, Thelma assists clients with navigating  these challenges by modernizing their SOX programs by challenging the SOX risk assessment to refresh the risk-based approach and establishing monitoring programs aligned with risk assessment. She also drives the automation of control testing, control operation and eligible processes that are highly manual, occur frequently, and are defined by a standard set of tasks to redeploy resources. By working with clients to provide real-time status updates with visualizations and transforming testing strategies, Thelma effectively navigates and reduces the impact of cyber threats.

Join Thelma in leading the way in cyber security.

We need more like Thelma.

We need more like you. 

Meet Lise Corbin, Risk Advisory Partner at Deloitte Cayman Islands. Lise is an expert in identifying risks that exist in complex and interconnected financial and economic systems where the pressure to tackle fiscal risk has never been greater. Lise is at the forefront of assisting financial institutions and other exposed sectors in developing, implementing and remediating all aspects of robust Financial Crime Risk Management programs.

Lise leverages her deep industry knowledge to identify potential client issues which may include:

• Rapidly evolving Financial Crime regulatory expectations and emerging risks
• Increasing cost of compliance, and crippling impact of non-compliance leading to Reputational risk
• Disparate technology and disparate data
• Limited leverage on innovative solutions & new technologies

Lise’s expertise in risk management and mitigation best positions her to work collaboratively with clients to:

• Assess their future landscape and define strategic objectives through a robust regulatory strategy and target operating model
• Develop an approach to managing regulatory change
• Perform compliance assessments to identify and remediate gaps and assess how new rules should be implemented
• Re-design compliance activities to better embed technologies to optimize efficiency
• Address key challenges in demonstrating sound risk management to regulators
• Conduct focused assessments using indicators and influencers to fully understand the organization’s current risk culture and specific target areas to help strengthen it

Join Lise in charting the path for organizations to navigate financial crime risks.

We need more like Lise.

We need more like you. 

Meet Blaire Evans, Risk Advisory Assistant Manager at Deloitte Bahamas. Blaire uses her expertise to develop effective risk monitoring systems, capital and liquidity frameworks, business continuity frameworks, and recovery frameworks to preserve organizational value.

As world events like pandemics, hurricanes and poor financial risk management practices continue to threaten the safety of the financial system, regulatory guidelines are becoming more extensive and requiring banks to develop more robust risk management processes to build resilience. Organizations must therefore act quicky to close gaps in their regulatory compliance processes and/or systems which may include:

• A lack of internal resources and subject matter expertise to respond to regulation
• A lack of optimized risk measurement and management
• A need to proactively design and implement regulatory response
• Internal and external weaknesses identified within existing compliance programs

Blaire, supported by our local team and subject matter experts throughout the Deloitte global network, assists local clients in the financial industry respond to regulation around capital adequacy (ICAAP), capital management, business continuity planning and recovery planning. She also performs gap analyses between existing processes and regulatory/business expectations also allows clients to identify weaknesses and implement recommendations.

For newer regulations such as capital adequacy and recovery planning, Blaire assist clients in building regulatory reports and other deliverables to evidence compliance and commitment to sound risk management. For clients with more established risk programs such as business continuity, she facilitates testing exercises to provide assurance on the effectiveness of the programs as they look to us for guidance on aligning their operational procedures to best practices as well as training for key staff members.

Most recently, with regulations requiring banks to perform quantitative stress testing, we partnered with SMEs to deliver a webinar to financial institutions on stress testing approaches and are now working with clients to implement our stress testing engine into their business.

Join Blaire in leading the way in risk management.

We need more like Blaire.

We need more like you. 

Meet Dr. Alexandra Forssell, Risk Advisory Director at Deloitte Cayman Islands. Alexandra is a Director in the Deloitte Cayman Islands Risk Advisory and Consulting practice, where she leverages her 20 years of technology experience and 13 years of Deloitte advisory and consulting expertise to help clients across various industries address their cyber and strategic risks. She has successfully led and delivered complex and high-impact projects in areas such as cybersecurity strategy and governance, data protection, cyber incident response, system implementation, data analytics, and crisis management.

She is also a frequent speaker and thought leader on cyber and digital risk topics in Cayman and the Caribbean. Alexandra is passionate about empowering organisations to establish proper governance, improve efficiency, stay secure, and protect their data and assets in the digital era.

Alexandra’s deep industry knowledge allows her to identify industry and cyber threats that are growing in number and complexity including:

• •Shifting organizational priorities – moving beyond compliance and examining the fundamental business risks of cyber
• •Technology leaders worry that cyber incidents could surprise them at any time, and face increased scrutiny from senior executives, despite significant investment in security technologies
• •Organizations are experiencing integration or business innovation including new applications, products, services and business models
• •Organizations may face a complex array of compliance mandates and lacks cohesive visibility or means of managing the related activities
  

When faced with complex client issues, Alexandra leverages the local Deloitte teams and Global Deloitte centers to offer a depth of technical knowledge and industry experience, resulting in the development of a comprehensive suite of solutions - from advisory to managed security services.

She works with clients to determine their risk tolerance and to identify their key business risks and cyber threat exposures. Thus, delivering value through her ability to develop cyber risk programs in line with the organization's strategic objectives and risk appetite.

Alexandra works with her team to further enable executives to recognize, analyze, and address third-party and regulatory compliance risks. Finally, she helps organizations to develop and implement a well-defined cyber risk culture that educates employees about threat awareness, to help accelerate behavioral change.

Join Alexandra in leading the way in cyber detection and protection.

We need more like Alexandra.

We need more like you. 

Meet Zamiwe Mwape, a Risk Advisory Manager at Deloitte Bermuda with over 12 years of experience providing internal audit, risk management and compliance services. She is a Fellow of the Association of Certified Chartered Accountants (FCCA), a Certified Internal Auditor (CIA), and also holds a Certificate in Risk Management in Financial Services.

Zamiwe has added value to clients to both private and public sector clients ranging from insurance, banking, mining, not-for-profit, manufacturing and FMCG. She has also served in an internal support services capacity as a Systems of Quality Management Manager in the Deloitte Africa firm. Her role involved the implementation of the International Standard on Quality Management (ISQM) mandated for all audit firms by the International Federation of Accountants (IFAC). Her governance experience includes previously holding the role of Non–Executive Director of the Board Finance and Administration Committee for the Zambian Civil Aviation Authority.

In her role, Zamiwe is able to utilize Deloitte’s cutting-edge tools, methodologies and pool of deeply experienced Risk Advisory professionals to help improve clients’ effectiveness, efficiency, performance and the strategic flexibility of Internal Audit functions. With the support of her team, she add value to our clients through co-sourced or outsourced engagements, where they provide “on-demand” industry-oriented technical subject matter specialists to help clients build on existing strengths and improve the overall value of their IA function. Some of the benefits that clients accrue from our suite of services include, but are not limited to, improved stakeholder satisfaction and engagement, knowledge transfer and cost reduction.

Join Zamiwe in leading the way in risk and compliance management.

We need more like Zamiwe.

We need more like you. 

Meet Christine Nabbanja, Risk Advisory Senior Consultant at Deloitte Cayman Islands. Christine’s expertise lies in performing fieldwork for Cyber and Strategic Risk programmes. This entails establishment and review of proper governance, regulatory body and industry standard compliance, data security and asset protection and overall process efficiency improvement for clients in the Public Sector and Financial
services space.

Christine also undertakes projects within the Accounting & Internal Controls offering, including internal audits for various operational Internal Controls, e.g., accounting and financial reporting, General IT Controls (“GITCs”), Human Resource management, expenditure management, office operations, asset management, etc.

Christine’s industry knowledge allows her to assist clients with their cyber and strategic risk, and accounting & internal controls in these areas:

Cyber and Strategic Risk

• Inability to adequately monitor situations that cause crises, including internal incidents or deliberate cyber-attacks
• Lack of a comprehensive crisis managementand resiliency plans

Accounting & Internal Controls

• Extended Enterprise/Third Party Risks
• Identify and respond to IT Control Risks
• Lack of Subject Matter Expertise
• Performance Effectiveness
• Identification of risks and mitigating controls 

When faced with complex client issues, Christine leverages the local Deloitte teams and Global Deloitte centers to offer a depth of technical knowledge and industry knowledge – which spans across all areas of her focus.

Cyber and Strategic Risk

• Prepare enterprise crisis plans and programs to help clients respond, recover and thrive from an incident
• Test crisis readiness using crisis simulations or scenario planning
• Build effective crisis communication plans and templates

Accounting & Internal Controls

• Internal Control Over Financial Reporting
• (ICOFR) compliance
• Assurance on system implementation and
  migration
• Assurance on emerging technologies
• Assurance on outsourced activities
• Improved efficiency in IT controls
  compliance
• Regulatory certification
• Assurance on IT Governance

Christine is able to provide on-demand, business, analytical and internal audit capabilities to help clients identify and build on existing strengths, and improve on their value of their internal audit function. The full suite of internal audit services Christine, along with her team provides, can offer higher quality, flexibility, efficiency, and effectiveness at a greater value than an existing in-house function as an outsourced or co-sourced service provider.

Join Christine in leading the way in cyber risk and internal audit.

We need more like Christine.

We need more like you.