GRC as a Service 

Deloitte’s long-standing and recognized status in the deployment of GRC tools together with our services are paving the way on how we shape and deliver GRC services. We are constantly seek-ing out innovative methods into helping organizations to unlock the reward associated with an in-tegrated GRC solution.

Deloitte’s GRC Service Delivery Centre (SDC) provides a formal structure for our managed services and for unlocking key benefits and efficiency, consistency and repeatable execution across the entire value chain. 

Our proposed approach for Managed Services provides a hybrid-resource model adjusted for on-site and remote, leveraging the experience, tools and methodologies of Deloitte for incident service and resolution. Efficient service methodologies and procedures are applied to ensure consistent delivery across the Managed Services model.


Examples of our support levels include following services:

Level 1 Services:

• Receives incoming requests from end user

• Delegates to Level 2 for specialised GRC support

• QA over received responses / resolution

• Formalises response to client

• Authorises ticket resolution based on time/cost analysis from Level 2/Level 3


Level 2 Services:

• Request prioritisation

• Time/cost analysis of time & effort for resolution

• Performs GRC enquiries / resolution (refer to next slide)

• Provides monthly report of “worked-on” requests for approval (billing purposes)

• Follow-up status to Level 1 on outstanding requests

• Creates / maintains a knowledgebase


Level 3 Services:

• Advanced GRC support

• Resolution of escalated requests and incidents

• Incident investigation and resolution

• Problem management

• Bug fixing

• Change request management

• Level 2 training and support

• Custom reports


Anh Nguyen

Anh Nguyen


Anh is part of the technology enabled GRC team focusing on business driven transformations from an Internal Controls and Compliance perspective. He has extensive experience designing and optimizing Ri... Mere

Daniel Jørgensen

Daniel Jørgensen


Daniel Jørgensen, Director Risk Advisory, is working with Risk Technology focusing on business driven transformation projects with a Governance, Risk & Compliance focus. He helps his clients with ever... Mere

$(document.head).append(''); $(document.head).append('