Cyber Risk Services

Representing some of the most complex areas of risk management

With security and privacy breaches on the rise, and with a corresponding increase in regulation, the threats to an organization extend well beyond the particulars of any one incident. Executive and boards have a compelling need to understand and reduce their security and privacy exposures. To help organizations avoid being the next victim of a security breach, we provide the following cyber risk services:

Application Integrity

Leveraging Deloitte's know-how and tools, we can help clients meet the requirements of their regulators, auditors and internal stakeholders by addressing the following areas:

  • Application security and controls
  • Business controls and process improvements
  • Segregation of duties
  • Interfaces and integration
  • Implementation and configuration of VIRSA and SAPs GRC suite of modules

Identity and Access Management

The Identity and Access Management framework developed and used by Enterprise Risk Services (ERS) combines business process, security and controls, enterprise resource planning (ERP), project management and technology skills with in-depth vendor software knowledge to address areas including:

  • Current state analysis
  • Development of a strategy
  • Business case and roadmap
  • Solution design
  • Product selection
  • Identity Management program implementation and integration

Privacy & Information Protection

Helps clients understand the key factors for reducing exposure to critical risk associated with the handling of personal information and sensitive data, and potential damage to brand.

  • Privacy and data protection strategy
  • Building an organization-wide inventory and classification map of personal data
  • Policies and procedures
  • Training and awareness
  • Cross-border data transfers
  • Data retention
  • Compliance with law enforcement requests
  • Building privacy controls into IT projects
  • Managing varied international compliance requirements
  • Audit and monitoring programs for ongoing data protection compliance


Deloitte’s experience combined with the use of a robust operational resiliency framework methodology help our member firm clients create organizational resiliency, a state in which issues are identified and prevented before they arise, and prepare the client to manage the unexpected.

Secure eBusiness

Help organizations address a wide range of security requirements, using proven methodologies to design and implement programs and solutions around policies and standards, governance and strategy, metrics, automated dashboards and automated risk and compliance solutions.

Security Analytics

New technology such as big data, mobile application and cloud technology have changed the traditional industries and there is no doubt that traditional professional services will also face the challenges arisen from these technologies.