chili peppers


Operational Risk Services

Deloitte helps organisations transform the ways they leverage people, third-party relationships, technology, business processes and controls to manage operational risks. Developing integrated operational risk management solutions allow organisations to make optimised business decisions.

Our services


Internal Audit (IA) 

We help transform internal audit functions by teaming with, or serving as, the internal audit function to make improvements in internal control and process efficiency and contribute to effective regulatory compliance. We provide input to established internal audit functions on their strategy and purpose, resourcing models and technology.



Increasing transparency, relevance and value of information disclosed to the market, investors and regulators around business performance are essential to enable sustainable growth. We offer specialised information technology audit services to deliver risk and controls, audit analytics to extract insights from data, as well as third-party assurance to manage risks from the extended enterprise.


Conduct Risk 

Conduct and culture is top of mind of Boards and Senior Management. We help organisations assess and evolve the values, beliefs, tone, conduct and understanding of risk culture to align with their strategy and business practices. Our team provides advice to help organisations shift from a reactive to a proactive management of their business practices and employees’ behaviors.


Extended Enterprise Risk Management 

Extended enterprise risk management (EERM) is the practice of anticipating and managing exposures associated with third parties across the organisation’s full range of operations, as well as optimising the value delivered by the third-party ecosystem. We evaluate and manage third-party risks related to outsourcing, licencing, alliances and other business partnerships across the organisation to maximise business performance, streamline information technology and licensing costs and optimise supply chains.


Operational Risk and Transformation 

In many organisations, risk is an important, but largely supportive, function focused on well-defined risks, such as financial, operational and cyber risk, yet rarely integrated with the core business. We help clients transform the ways in which they leverage people, technology, data, business processes and controls to address their operational risks and drive business performance.  


Technology and Data Risk 

Organisations depend on reliable data. Well managed data drives revenue, reduces costs and mitigates risk. Managed poorly, it can inflate costs and expose business to different levels of risks. We help clients transform their enterprise-wide technology and data management frameworks to improve decision-making at the senior stakeholder level.

Meet our leader

Siah Weng Yew

Siah Weng Yew

IT, Data & Analytics Leader, Controls Assurance Leader, Southeast Asia

Weng Yew leads both the IT, Data & Analytics, and Controls Assurance practice in Southeast Asia. He has more than 28 years of audit and advisory experience, and has worked on projects across a broad r... More