Extended Enterprise Risk Management


Extended Enterprise Risk Management

Operational Risk

Effectively managed third party relationships can be a significant source of rising organisational value. We believe that organisations with a good handle on their third party business partners can avoid punitive costs and reputational damage and on top of that they can also gain competitive advantage over their peers. When managed properly, good third party management can add 2-3% of shareholder value.

Your challenge

For many businesses, their global third party ecosystem, also known as the extended enterprise, has recently become important sources of strategic advantage and business value. These organisations see their business partners as their second-most valuable organisational asset. As reliance on third parties continues to grow, so does concern at the number of headline stories depicting regulatory action and reputational damage arising from third party actions. This is driving many organisations to reconsider how they approach the identification and management of the risks posed by third party actions.

Our solution

Deloitte’s Extended Enterprise Risk Management (EERM) professionals can help you identify, evaluate and mitigate key risks of doing business with third parties. We provide consultative and compliance services to help you to ensure that the contract partners in your extended enterprise adhere to the contractual arrangements.

We can advise on how to manage third party risks and supply chain risks across the globe, how to design and implement third party governance frameworks. We can also advise you on structuring your contracts with third parties.

Our services include:

  • Third Party Governance & Risk Management
    We assist in developing a tailored Third Party Risk Management (TPGRM) framework to enable organisations to identify, mitigate and govern third party risks in a holistic and coordinated manner. To help Board and Senior Management in the area of TPGRM, we have developed a framework approach for third party risk management at an enterprise-wide level. This approach includes aspects of the business objectives for using third parties and the associated risks and the required operating model components and detailed management processes for enabling a sustainable, effective program.
  • Business Partner Assurance 
    We can help by independently assessing your partner’s compliance to contractual terms by performing reviews at the third parties. With respect to outsourcing, supply arrangements and joint ventures, we can establish whether third parties are compliant and whether they are delivering expected benefits. In the distribution channel, rebates, special pricing, discounts and other complexities we can assist reducing overcharges from third parties and implement appropriate controls. In licensing and royalty bearing arrangements, certainty over the accuracy of reporting is crucial; we have the tools and knowledge to perform reviews that provide direct monetary results and also add further value.
  • Software Asset Management
    Preventative investment in Software Asset Management (SAM) will help organisations reduce risk and gain financial control of its software assets. We offer a range of services, from targeted point efforts all the way up to fully outsourced SAM. We can help you prepare for software vendor audits, advise you on how to evaluate and design a control framework to manage this risk; we can assist you with designing and implementing an ongoing SAM program and with optimising the full lifecycle of your software assets. Our skilled practitioners can help you manage the multilayered complexity of SAM programs, from focused diagnostics and vendor baselines to full implementations. We offer an integrated approach that includes not just tools, but people and processes as well.

Why Deloitte?

With years of global experience, our multidisciplinary teams can help you manage your third party risks. Our breadth of experience covers all industries and all types of third party relationships: from outsourced providers to advertising agencies, licensees and materials suppliers. We combine in-depth industry knowledge with specialised technological skills and global presence to deliver you the best in class and fit for purpose solutions when it comes to Third Party Governance & Risk Management, Business Partner Reviews, Software Asset Management and Software license compliance.

When it comes to improving the performance of the extended enterprise of your organisation, trust the EERM team to offer you a broad perspective. Our approach focuses on protecting and enhancing the relationships with your partners. We seek to better both sides of the equation. Our approach is technology-driven, our specialists use advanced data analysis to produce specific and measurable results.


Wim Eysink

Wim Eysink


As Senior Partner at Deloitte Risk Advisory, I lead the market offering of Corporate Governance within the Strategic & Reputation practice. In addition, I am responsible for the boardroom program in T... More