Security, privacy & resiliency

Bussiness continuity management

Resiliency is a critical component of successful business management. Experience shows that typically more than 50 percent of businesses without an effective resiliency plan will ultimately fail following a major disruption. The need to ensure continuity of service has never been greater due to more organizations operating 24/7 and an increasing dependence on technology to conduct business. Increasing stakeholder and regulatory expectations demand an approach that ensures equal consideration is given to managing the immediate and longer term outcomes from incidents affecting people, processes, systems or events external to the organization.

•Occupational Health & Safety audits

•Current state assessments

•Business Impact Analysis

•Operational Risk Assessments

•IT Service Continuity strategies

•Business Continuity Plans

•IT Continuity Plans

•Emergency Response Plans

•Crisis Management Plans

•Testing and Exercising

Deloitte's experience combined with the use of a robust operational resiliency framework methodology help our member firm clients create organizational resiliency, a state in which issues are identified and prevented before they arise, and prepare the client to manage the unexpected.

Our BCM Methodology is based on a BETP (Buildings, Equipment, Technology, Human Resources and Third parties) approach and is aligned to the international standard for BCM, BS25999, as well as the Business Continuity Institute's Good Practice Guidelines.

 

Enterprise Application Integrity

The scope and breadth of Enterprise Applications has grown to support new processes, businesses and technologies. With this progression, SAP and Oracle have developed functionality and increased integration as information is shared between parts of the organization using web-enabled solutions, portals and exchanges. This functionality has brought new business risks to information integrity. In addition, regulators and auditors are raising their expectations and now require evidence that companies have addressed these risks and that programs are in place to actively identify and resolve controls issues in an ongoing manner.

Leveraging our know-how and tools, we can help our clients meet the requirements of their regulators, auditors and internal stakeholders by addressing the following areas:

• Access Management and ERP Security (SAP, JDE, Oracle, Navision etc.) - design and implementation of the application security structure and establish access rights which support the requirements of the business. Security accelerator templates provide guidance related to role definition and applicable Segregation of Duties. This process includes security set-up, maintenance, administration and operations for all environments, as well as development, quality assurance, training and production.
• ERP-enabled business controls - design and implementation of an internal control framework that leverages a cost-effective mix of automated and manual controls embedded in the automated business processes. These controls may include internal controls over financial reporting as required by Sarbanes-Oxley and other similar regulations and potentially other operational, compliance and privacy-related controls, depending on management's requirements.

Others

Data Privacy

It is estimated that more than half of any company's intellectual capital, financial and employee data, is in digital format. We at Deloitte can assist our clients in creating a comprehensive approach to data privacy in conjunction with rules and regulations of leading countries while using our global framework to deliver our services. 

IT Risk Assessment

IT Risk Assessment encompasses the identification of current risks and controls as well as enhancement of current controls with the help of best practices. In delivering this service, we make use of Deloitte's global best practices database and our proven methodologies and tools, this service helps to enhance current processes and mitigate major IT risks.