Internal Audits & Controls


Internal Audits & Controls

Deloitte offers a full spectrum of internal audit services that can enhance your capabilities. These services can help your management better understand and monitor the performance of critical operations and key support functions and help achieve a suitable level of controls.

Internal Controls

Our array of internal audit services includes:


  • Outsourced and cosourced internal audit
  • Technological reviews
  • Quality assessment of the internal audit function
  • Internal audit function transformation
  • Internal audit training
  • Third-party contract compliance advisory services and inspections


Internal Audits / outsourcing and co-sourcing

Deloitte's professionals around the world bring their support to their clients' internal control mechanisms. Clients have full access to the wide range of our expertise.

Contract risk compliance 

In today's business world, organizations increasingly rely on outsourcing, licensing, alliances, and other business partnerships to meet their objectives. These complex relationships are governed by financial and legal agreements that are often poorly monitored. A lack of controls around these relationships creates risks, either reporting or operational in nature, and can lead to brand or reputation damage and the loss of significant revenue through uncollected royalties, misreported claims, and inadequate inventory controls.


A well-conceived Contract Risk & Compliance program, however, can help organizations better identify and mitigate the risks, while enhancing the benefits of business arrangements. Contract Risk & Compliance is a service area focusing on risk management that can help organizations optimize relationships with other entities to improve business processes, maximize revenue, manage costs, address risks, strengthen relationships, and boost performance.

ISAE 3402 / SSAE 16 examinations

Outsourcing companies are looking for third-party assurance to provide their clients with comfort about their internal control environment. In order to meet heightened expectations and to fit the modern frameworks of assurance standards, the IAASB (International Auditing and Assurance Standards Board) and the AICPA (American Institute of Certified Public Accountants) issued new standards, namely the ISAE 3402 and SSAE 16, replacing the former SAS 70. The new standards have become effective for assurance reports covering periods ending on or after 15 June 2011.


Deloitte will put experienced industry professionals at your disposal, recognised as experts in their field, together with qualified auditors with in-depth experience in control reviews. We are convinced that the availability of industry experts is a key differentiating factor in our approach as it enables us to advise you in a proactive manner on how to align with leading market practices.


Our ISAE 3402/SSAE 16 services can bring an organisation value through improved third-party risk management and performance, and include:

Determining the spectrum of ISAE 3402/SSAE 16 coverage required

Executing ISAE 3402/SSAE 16 examinations for outsourcers and service providers

Expanding the scope of ISAE 3402/SSAE 16 reporting based on assessment

Auditing of projects

Do you wish to make sure that your projects are secured? That decisions are made by the right persons? That key issues are being reported if need be?

Deloitte's professionals are divided into multidisciplinary teams specializing in project management and auditing.