Security, Privacy, Resiliency
A Risk Intelligent Enterprise™ focuses not solely on risk avoidance, but also on risk-taking as a means to value creation. This approach recognizes the need for an integrated risk management program that embeds capabilities throughout all levels of the organization.
- Enterprise Risk Management
- IT Forensic Services
- IT Audit
- ERP Implementation Аdvisory
- Penetration Testing Services
Enterprise Risk Management
Our Service Offering
- Risk identification based on the Deloitte Risk Intelligence Map
- Risk assessment methodology encompassing inherent and residual risks
- Facilitated risk assessment workshops for Board members, executive and operational management using Resolver Ballot risk assessment software
- Assistance in determining risk response
- Development of risk management strategy
- Design and implementation of internal controls
- Internal audit support
- Risk committee support (development of risk policy, methodology, action plans, and reporting requirements)
- Risk management trainings
- Risk consulting (regulatory, legal, financial, health and safety, environment, information technology)
IT Forensic Services
How to cope with fraud?
The good news is that companies can do a lot to reduce the risk of fraud to a very large degree by establishing a proper ethical environment, ensuring open communication, and establishing preventive antifraud controls. Deloitte offers a wide array of forensic and antifraud services using specialized software for data mining and analysis.
What can we do to help you cope with fraud?
We offer decisions about:
- Control Environment
- Fraud Risk Assessment
- Anti-Fraud Control Activities
- Information and Communication
According to statistics, fraudulent activities by employees, business partners or clients may cost an organization a significant percentage of its revenues.
How we can help?
Deloitte has the breadth of resources, skills and experience to meet the most fundamental IT Audit requirements including:
- IT Governance
- Information Security
- Technology Change Management
- Application, Database and Infrastructure audits
- Business Continuity Management
- Disaster recovery
- Network and Systems Management
- Regulatory Compliance e.g. MiFID, Basel II and Sarbanes Oxley
We also have the capability to meet more unique and challenging service needs, such as:
- Data Analysis
- Information Security audits and vulnerability assessments
- Outsourcing Risk Management
- Privacy and Data Protection
- Application controls review and effectiveness assessment of major ERP installations such as SAP, Oracle, etc.
- Project Risk Management
We have designed our services to offer flexibility for you to retain both control and confidence. The range of our solutions includes:
- “Outsourcing” whereby we can provide an entire IT Internal Audit function that provides assurance over IT risks across the organisation
- “Co-sourcing” which allows you to tap into our resources for specialised skills and experience, or to expand your existing staff with experienced IT Audit professionals.
- Discrete Projects whereby you assign specific projects to us and we carry them out as an extension of your Internal Audit organisation.
- Assisting you in developing full IT Audit risk assessment, audit plan development and plan execution.
The role of the Internal Audit department has expanded, both in scope and the requirement to deliver tangible value to the business. The IT environment is growing more complex by the day. Rapidly changing technologies, increasing demand for IT services among business units, and the continual expansion of the “extended enterprise” all translate into greater IT risks for most organisations. The IT Audit and Compliance functions are tasked with keeping tabs on these risks.
ERP Implementation Аdvisory
We offer services focused on our extensive experience and knowledge of best practices in your industry and use up-to-date project management methodology and tools for effective management of project risk and scope. We have in-depth and extensive experience in business solutions and projects related to IT transformations. Our approach is based on maximizing return on investment and increasing shareholder value.
Our approach in 7 steps:
1.Current state analysis
5.ERP vendor selection support
ERP integrates departments’ activities, processes and management information across the organization into one single computer system, achieves better performance and increases effectiveness of the company.
Penetration Testing Services
Threat agents didn’t change, but the attack methods continuously evolved
You still need to worry about:
- External threats (customers & suppliers)
- Internal threats (employees & contractors)
To determine your security level, you need a complex audit. We can offer you:
- Infrastructure level penetration tests (internal / external)
- Application level penetration tests (internal / external)
- Security awareness tests
- Security audits
To meet your objectives we have established a Security Laboratory at Budapest, which has:
- Extensive experience in application penetration tests and network infrastructure vulnerability assessments performed in the region
- Diverse selection of clients including financial institutions, government agencies and industry clients
- Centre of Excellence for Security & Privacy Services in Central Europe
- Collaborative approach with Deloitte member firms
The consequence of operating in a connected world and relying upon IT to store and process information is that security attacks are inevitable. Generally these attacks are rudimentary and not particularly focused however it is generally accepted that the intelligence of attacks is increasing as is the frequency of attacks.