Deloitte's Risk Advisory provides guidance on risks inherent to cutting-edge technologies and business automation, enabling companies to improve the efficiency of their processes and make the most of the technologies they implement. Our goal is to support companies in achieving their operational and financial objectives by helping them assess, manage and mitigate cyber risks
Implementing an Enterprise Resource Planning (ERP) system is a complex undertaking for any company. Successful ERP implementation usually requires considerable business process redesign, resulting in changes to the internal control environment.
Our internal control services cover the entire lifecycle of an ERP system: from identifying risks, designing control procedures and establishing segregation of duties rulesets at the implementation stage, to ongoing monitoring and assessment or one-off post launch reviews. This will give you a comprehensive understanding of the key risks affecting your business along with the control procedures needed to address them; ensuring that your processes work as required and helping you avoid costly reconfigurations after implementation.
Segregation of duties in ERP systems
Many organisations are using or planning to implement ERP systems to automate their business processes, which calls for appropriate segregation of duties. To reduce the risk of fraud and unauthorised transactions, no single individual should have control over two or more parts of a process. From experience, most segregation of duties issues occur because an organisation has not taken a risk-managed approach to designing processes or failed to devote enough attention to the segregation of duties.
Financial incident response
An efficient financial incident response system enables companies to communicate uninterruptedly on new issues and risks, providing tools for the continuous development of business processes and controls. This allows organisations to enhance their financial performance.
Deloitte’s financial incident response services comprise the following:
- implementation of financial incident response systems;
- diagnostics of financial incident response systems;
- development of financial incident response systems.