Skip to main content

Risk Excellence – Connect. Modernise. Digitise.

Take Command of Risk

October 2020




Organisations who can CMD their approach to assurance, compliance and risk, can embrace digital technologies and new ways of working. In this publication, Deloitte outlines the core components of CMD detailing how a CMD initiative is not just a technology solution but also a combination of a new mind-set, skill-set and tool-set for organisations.

Building resilient companies by aligning and modernising risk management and using digital technology applied to new operating models for risk - Connect, Modernise and Digitise (CMD) is a strategic, creative, agile and adaptive way, of bringing our existing innovative offerings to rapidly enable what is needed for organisations to drive impact and value through risk.

In this latest global Internal Audit point of view publication, we consider a more holistic discussion on risk, compliance and assurance transformation across an organisation.

Key findings


CMD is an opportunity arising from the leading thinkers across the three lines of defence. The convergence of digital technology, automation and analytics provides CMD the foundation on which to build a more resilient organisation, one capable of taking on the right risks and withstanding the shocks of an ever-changing risk universe.

Looking ahead


Now more than ever, digital is woven into everything we do. Technology is poised to enable a digitally connected risk enterprise, giving the CEO a clear line of sight on risk across all three lines of defence. Supporting a more agile enterprise, CMD can drive real time controllership and assurance, meaning the organisation is more prepared for Volatility, Uncertainty, Complexity and Ambiguity (VUCA).

The cost and accessibility of cognitive, analytical and automation technologies are no longer the limiting factors they were even a few years ago. By incorporating assurance by design into business processes, leveraging automation for control functions and innovating assurance activities, organisations are able to generate greater visibility into risk and faster response to remediation. Those organisations who achieve the CMD paradigm shift in assurance, compliance and risk are realising benefits.

CMD is an opportunity for Internal Audit to lead. CMD conversations are strategic and forward looking and go beyond control rationalisation, GRC implementation and control automation, to drive risk transformation.

This is Risk Redefined. This is taking Command of Risk.

Key contacts


Geoffrey Kovesdy

Deloitte & Touche LLP

Stuart Rubin

Deloitte & Touche LLP


Did you find this useful?

Thanks for your feedback

If you would like to help improve further, please complete a 3-minute survey