chili peppers


Operational Risk Services

Deloitte helps organizations transform the ways they leverage people, third-party relationships, technology, data, business processes, and controls to manage operational risks and elevate business performance. Developing integrated, strategically-aligned operational risk management solutions allow organizations to make optimized business decisions.

Our services

  • Internal Audit (IA)– We help transform internal audit functions by teaming with, or serving as, the internal audit function to make improvements in internal control and process efficiency and contribute to effective regulatory compliance. We provide input to established internal audit functions on their strategy and purpose, resourcing models, and technology.
  • Assurance– We offer specialized information technology audit services to deliver risk and controls, audit analytics to extract insights from data, as well as third-party assurance to manage risks from the extended enterprise.
    • Third Party Assurance (TPA) – We help companies design and execute risk based supplier evaluation programs. We also help suppliers develop and issue independent attestation reports under many different standards (e.g., ISAE3402 / SOC1, SOC 2 and ISAE3000 including GDPR Attestation services). Follow the link for more information.
  • Conduct Risk– We help organizations assess and evolve the values, beliefs, tone, conduct, and understanding of risk culture to align with their strategy and business practices.
  • Extended Enterprise Risk Management– We evaluate and manage third-party risk related to outsourcing, licensing, alliances, and other business partnerships across the organization to maximize business performance, streamline information technology and licensing costs, and optimize supply chains.
  • Operational Risk & Transformation– We help clients transform the ways in which they leverage people, technology, data, business processes, and controls to address their operational risks and drive business performance.  
  • Technology & Data Risk– We help clients transform their enterprise-wide technology and data management frameworks to improve decision-making at the senior stakeholder level.

Download the report: Internal audit insights

High-impact areas of focus

This year’s edition of our Internal Audit Insights series identifies eleven areas of high impact for Internal Audit in the year ahead. It also explains why these areas are important to stakeholders and how Internal Audit might approach the area in upcoming audit plans.

PDF (30,2MB)

Key contact

Endre Fosen

Endre Fosen

Leder Risk Advisory

Endre er leder for Risk Advisory i Norge, og har arbeidet med risikostyring og etablering av risiko- og internkontrollsystemer for en rekke av Norges ledende virksomheter. Han er sertifisert IT-reviso... Mer