-
Privacy and Data Protection
Our digital risk team is made up of a combination of subject matter experts and technical specialists who can help your business comply with the GDPR.
-
Governance, Risk and Compliance (GRC)
While business goals and strategies evolve, our services support you wherever you are in your business cycle. The digital economy is simultaneously increasing the magnitude of new business opportunities while increasing the difficulty of getting it right.
-
ISO 27001 and ISO 27701
Grant Thornton’s ISO 27001 and ISO 27701 specialists will arrange and oversee the formal audit process.
-
SOC 1,2,3
As a service organization there are many ways to provide assurance to your customers and in turn other stakeholders over your control environment. One of the most effective and cost-efficient ways is to issue a Service Organization Control (SOC) Report.
-
Incident Response
Grant Thornton’s Cyber Incident Response Team can support your business in the event of a cyberattack or data loss event. We work alongside your existing IT and Legal teams to provide a co-ordinated, timely and efficient investigation and remediation.
-
Hacking Services
At Grant Thornton, our cyber security experts can develop a bespoke penetration testing plan to meet your business needs and unique IT environment. We can undertake the full suite of testing or conduct individual assessments, as required.
-
Cyber Health Check
Approximately 54% of organizations report that they have experienced at least one cyber-attack during the past year. Grant Thornton’s cyber health check provides you with an objective, jargon-free assessment of your current cyber security, drawing on both qualitative and quantitative elements.
-
Dark Web Threat Intelligence
We use a variety of dark and deep web monitoring tools that continuously scans illegal sites to discover any mention of your data, ranging from breached security credentials such as usernames and passwords to leaked confidential documents of your company.
-
Digital forensics and electronic discovery
We offer a full suite of digital forensics and data acquisition services in investigations related to cybercrime, disputes, fraud and regulatory investigations.
-
Insolvency
If you're facing a time of personal or corporate financial crisis you need advice from someone who listens, who understands your specific issues and deals with them in a supportive and sensitive manner.
-
Crisis stabilisation and turnaround
In periods of financial distress, management teams often face considerable challenges, with many directors having little or no experience of similar conditions.
-
Operational and financial restructuring
Companies challenged by underperformance often need support in identifying options for financial or operational restructuring. Tapping this type of advice helps them create a stable platform for business turnaround.
-
Accelerated M & A
Even fundamentally sound businesses run into difficulties. Cash flow can come under pressure from the loss of a big client, or a dip in performance can threaten a breach of banking covenants if there is insufficient headroom.
-
Indirect Tax
Our experienced VAT specialists are available to assist companies and entrepreneurs of all industries and sizes in meeting their obligations.
-
Direct Tax
We can help you ensure a bespoke balance between tax compliance and effective tax planning for your special circumstances.
-
Ημερίδα Γνωριμίας με την Grant Thornton Κύπρου
Σας προσκαλούμε σε μια μοναδική ευκαιρία να γνωρίσετε την Grant Thornton Κύπρου! Την Τρίτη, 5 Νοεμβρίου 2024, θα έχετε τη δυνατότητα να συναντήσετε την ομάδα μας, να ενημερωθείτε για επαγγελματικές ευκαιρίες και να εξερευνήσετε πιστοποιήσεις όπως ACCA.
-
Life at Grant Thornton
At Grant Thornton Cyprus, we are taking a holistic approach and reimagining the way we work, continually assessing it and making necessary changes to better support our people.
-
In the community
Unlocking the potential for growth in our local communities.
-
Diversity and inclusion
Diversity helps us meet the demands of a changing world. We value the fact that our people come from all walks of life and that this diversity of experience and perspective makes our organisation stronger as a result.
-
Global talent mobility
One of the biggest attractions of a career with Grant Thornton Cyprus is the opportunity to work on cross-border projects all over the world.
-
Learning and development
At Grant Thornton we believe learning and development opportunities allow you to perform at your best every day.
-
Our values
We are a values-driven organisation and we have more than 56,000 people in over 140 countries who are passionately committed to these values.
How to avoid a communications crisis
30 Mar 2016If you don’t want to deal with a communications crisis, make sure your corporate governance procedures are robust enough to prevent it in the first place.
On 18 May 2010, almost a month after an explosion on BP’s Deepwater Horizon oil rig in the Gulf of Mexico, Tony Hayward, BP’s CEO at the time, told reporters: “I think the environmental impact of this disaster is likely to be very, very modest.”
In the event, five billion gallons of crude oil leaked into the Gulf of Mexico, 11 people lost their lives and, to date, BP has spent $55 billion on fines, payouts and clean-up costs. The company’s share price more than halved from a high of 651.46p and has never really recovered.
When a crisis goes beyond the operational aspects of fixing what has gone wrong, there are expensive pitfalls. “There can be costs in terms of loss of share and brand value, lawsuits, bad media exposure and of doing business afterwards,” says Luciano Bordon, Partner, Advisory Services at Grant Thornton Brazil. “The common reason for these crises is the lack of enterprise risk management. When a company has good enterprise risk management, these kinds of failings can be avoided.”
How you communicate with your stakeholders is just as important. If you get it wrong, the repair bill is likely to be much higher than expected.
Three lines of defence
Good enterprise risk management (ERM) is a fundamental part of good corporate governance. Vassilis Monogios, a Partner in Operational Advisory at Grant Thornton Greece, recommends the 'Three lines of defence' model as one to follow. It enables you to understand which structures inside an organisation can help you to identify, measure, manage and audit all possible material risks that threaten the strategic, financial, operational and compliance objectives of the company.
“The first line of defence is management: sales directors, purchasing, finance, IT directors and so on. They manage the risks in their area,” Monogios explains.
“The second line of defence has to do mostly with compliance and risk functions. Compliance deals with what the company needs to implement to be compliant with external regulations and internal processes. The risk function continuously evaluates those risks to see if they are mitigated to an appropriate level, according to the risk appetite of the organisation.
“The third line of defence is the internal audit function, which audits the organisation’s entire operations and captures the material issues that the first and second lines perhaps could not deal with effectively. It’s a very practical model.”
This model can work for smaller organisations as much as larger ones, says Bordon. “If it’s not a whole department, then make people responsible for internal controls. If they don’t have the expertise, hire consultant firms to evaluate internal controls. You can also buy internal audit systems to help in this kind of assessment.”
Watching what you say
An effective ERM strategy will also include a crisis communications plan for when things still go wrong, despite the three lines of defence, says Monogios. Without this, a problem that should be no more than moderate could become bigger. Even worse, a serious problem could disrupt the company's entire operation.
An effective crisis communications plan will cover how the media, public and shareholders are addressed during difficult times, including contingencies for the kind of scenario faced by BP.
Crucially, staff must be familiar with it at every level of the organisation. This is particularly important in today’s world where every employee, not just the CEO, has access to publishing platforms such as Twitter, Facebook and LinkedIn.
“Our best-prepared clients have a compliance department with a big communications plan for the whole organisation that explains good practice and how to avoid crises and mistakes,” says Bordon. “And all those responsible – everyone in management – teach their employees. They have meetings to explain the compliance programme. It's not only down to one person in the company, it's a multi-disciplinary task force.”
No company wants to be caught in the media spotlight for the wrong reasons. Good enterprise risk management helps prevent crises from occurring in the first place but if they still do, it also offers a robust communications plan that tells you how to speak to your stakeholders when things go wrong. As Bordon says: “You want to be more preventative before than detective afterwards, looking for what went wrong.”
To find out more about using enterprise risk management to avoid a communications crisis, contact Luciano directly.