Extended Enterprise Risk Management


Extended Enterprise Risk Management

Turning third-party risk into opportunity

Extended Enterprise Risk Management (EERM) Services can help you better understand your risks and take a more strategic approach to third-party risk management.

Existing approaches allow you to choose the best solution: supplier audit, contract terms audit, monitoring of contractors customization.

Use of third parties is growing 15 percent annually in part due to these factors:
  • Only one percent of organizations surveyed in Deloitte’s 2019 extended enterprise risk management (EERM) survey consider themselves "optimized," addressing all-important ecosystem issues.
  • Efforts to contain cost and to focus the business on core capabilities and solutions that drive revenue.
  • A growing number of specialized business services and automated solutions offered by third parties.
  • Expansion of IoT, cloud computing, and other technology advances in business and consumer practices.
  • Need for globalization and business presence in a greater number of markets and geographies.
  • Augmenting and scaling existing resources to meet changing and seasonal consumer demand.
While managing third-party relationships can be complex, approaching them strategically can reduce risk and cost, and also present new opportunities for growth. EERM can help organizations understand and mitigate third-party risks while improving the bottom line—shifting the focus from cost to overall value and delivering key benefits:
  • Reduced compliance and operational risk
  • Lower cost of third-party relationships
  • Improved performance of third parties and adherence to service-level agreements (SLAs)
  • More collaborative, value-driven relationships
  • Improved business decision making

From chaos to clarity

Deloitte Risk Advisory helps simplify the complex while providing confidence in decision making.

We advise

  • Evaluate existing EERM capability
  • Strategize for EERM ecosystem optimization
  • Design EERM frameworks, including policies and operating models

We assess

  • Perform third-party audits, inspections, and contract compliance reviews

Domain and core solutions (incl. third-party audit)

Тег accordion
  • Third-party cost and revenue recovery

    Utilizes advanced accounts payable analytics and performs a series of supplier contract compliance inspections, statement of accounts automation and reviews, advertising audits, royalty inspections, reseller audits, and software licensing audits, to identify financial leakage recovering both cost and revenue for the organization.

  • Contract management program

    Performs advanced contract analytics to help organizations prepare for regulatory change, optimize contracts and monitor contractual compliance.

  • Third-party compliance and assurance

    Executes third-party on-site audits, and contractual compliance audits.

  • Extended enterprise strategy assessment, design, and implementation

    Helps organizations understand their existing strategy to manage the extended enterprise, offers guidance to help refine this strategy, and drive the implementation of this strategy across the business.

  • Risk management program design and implementation

    Conducts current state assessments of the organization's risk management program, develop a target state for the program, and helps implement the program to both mitigate risk and enhance value across the organization.

About Deloitte Risk Advisory

Deloitte Risk Advisory helps organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage.

We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries.

Get in touch

Are you looking to manage your third-party relationships for growth? We’re ready to help you take the next step in managing your extended enterprise for extended value.

Key contacts

Sergey Kudryashov

Sergey Kudryashov

Partner, Risk Advisory

Sergey is leading Operational Risk and Crisis Management practice in Risk Advisory. Sergey has over 15 years of internal audit, control, and risk management experience in Russia. He also has exposure ... More

Ekaterina Chebykina

Ekaterina Chebykina

Senior Manager, Risk Advisory

Ekaterina has more than 13 years of auditing and consulting experience in Russia. She is a Certified Information Systems Auditor (CISA) and a member of the Institute of Internal Auditors. Ekaterina's ... More