Cyber security services

Services

Cyber security services

Learn more

Deloitte's Information & Technology Risk practice helps organizations to deal with issues related to business processes, technology, operational and financial risks. Our aim is to enable clients to measure, manage and control risk and thereby to enhance the reliability of processes and systems across the board. We understand business and industry issues coupled with technology, audit and security expertise. This allows us to determine the real business impact of risks and to frame our findings and recommendations in a business context. A number of our professionals possess CISA and CISSP certifications.

To reduce the risk of fraud and unauthorized transactions, no single individual should have control over two or more parts of a process. This is a segregation (or separation) of duties. A simple example would be of an assistant in the accounts department who has been assigned access to amend supplier master file details and to make payments, which could lead to fraud as individuals create a supplier and process fraudulent payments to themselves. From experience, most segregation of duties issues occur because an organization has not taken a risk-managed approach to designing processes. There is frequently a lack of focus and attention given to the design, operation and monitoring of segregation of duties with organisations.

Our services: 

  • SAP health check to gain clarity on your organization’s Segregation of Duties violations and identify the possible implications.
  • Implementation or optimization of SAP controls through automation and rationalization to streamline existing controls or implement automated control solutions.
  • Implementation support for SAP GRP Access Control.

Segregation of duties in ERP systems

Organizations must implement and maintain a security management framework, aligning people, process and technology, to survive in today’s competitive market and comply with external requirements.

Our services:

  • Assessment of the current state of information security against the requirements of the Central Bank of Azerbaijan's security standard and Law of the Republic of Azerbaijan “On Personal Data”, PCI DSS, ISO27000 and others.
  • Risk assessment, development of information security strategies, business cases and implementation roadmaps.

Information security compliance

The need to provide continuity of service has never been greater due to more and more organizations operating 24/7 and there being an increasing dependence on technology in order to conduct business.

ncreasing stakeholder and regulatory expectations demand an approach that gives equal consideration to managing the immediate and longer term outcomes from incidents affecting people, processes, systems or events external to the organization.

Our services:

  • Business impact and current state analysis
  • Management of your business continuity program
  • Development of business continuity plans
  • Business continuity testing and training

Business continuity & resilience

All organizations hold sensitive data that customers, business partners, regulators, shareholders and the board expect them to protect. Despite this, high profile security breaches involving personal and corporate data continue.

The impact of regulatory intervention combined with negative publicity and public perception is prompting organizations to take immediate measures to understand the sensitive information they hold, how it is controlled and how to prevent it from being leaked.

Our services:

  • Information flow analysis to understand how the organization currently manages sensitive information, where that information is stored, who is using it and how it is processed
  • Assessment of the likelihood and impact of information loss
  • Review of how the information is handled and the controls in place
  • Development of remediation plans
  • Assistance with the selection and implementation of automated DLP solution

Information leakage prevention

Contacts

Tural Hajiyev

Tural Hajiyev

Partner, Risk Advisory

Tural is Risk Advisory Partner at Deloitte Azerbaijan. He joined Deloitte in 2003, specializing in corporate governance and risk management as well as organizational and operational efficiency engagem... More

Back to Risk