Governance, Risk and Compliance Services

Our Governance, Risk and Compliance (GRC) practice is dedicated to helping our clients transform their enterprise-wide technology and data management frameworks to improve decision-making, enhance automation, integrate to emerging digital technologies and address common industry challenges including:

  • Increased operating costs of 1st, 2nd and 3rd lines of defense
  • Misaligned methodologies, frameworks and taxonomies
  • Overlapping of redundant risk and control activities
  • Keeping pace with today’s compliance requirements
  • Aligning cyber and information security with the enterprise risk framework
  • Enhancing centralized, meaningful, value driven data analysis and reporting
  • Integrating or replacing siloed systems and information sources to source an accurate overall risk position

Our partnerships with best-of-breed GRC technology vendors, allow us to help our clients to transform traditional practices, breakdown silos and achieve operational scalability, alignment, transparency and standardization of practices by leveraging integrated GRC technology solutions.

At Deloitte, our team of professionals brings value through years of GRC experience and in-depth knowledge of comprehensive tools and techniques and implementation methodologies. Our GRC service offerings include:

  • eGRC program design and development
  • eGRC advice and selection
  • eGRC design and blueprint
  • eGRC solution implementation
  • eGRC application managed services

Key contacts

Nathan Spitse
Partner, Canadian GRC Leader

Luiz Dias

Nishad Paul

Wafa Al Masri
Director & GRC Leader

James Chung

Key contacts

Nathan Spitse

Nathan Spitse

Nathan is a partner in Deloitte’s Risk Advisory practice. He leads Deloitte’s global cyber and strategic risk offering portfolio, as well as the global crisis and resilience program. Based in Toronto,... More