IT Advisory Services - Risk Consulting 

Systems and IT services are increasingly a competitive differentiator for companies. New technologies and trends such as the Computing Cloud ("Cloud Computing"), virtualization and applications using mobile devices create opportunities for business, but also bring new risks that require further analysis and controls. The practice of IT Advisory Services - Risk Consulting KPMG has experienced and qualified to treat these risks.



Eduardo Vieira Cipullo


Partner, IT Advisory Services - Risk Consulting


+55 11 3940-1500

Feature image

Luiz Gustavo Cabral


Partner, IT Advisory Services - Risk Consulting


+55 41 3544-4747

Main product lines:


We work with market-leading companies of all sizes and sectors, in order to identify, mitigate and/or manage the risks related to computerized business processes and the IT department itself.


Our services include, among others:


  • Information Security and the leading practices in IT governance risk management, including ISO27001, CobiT and ITIL.
  • IT Internal Audit (co-sourcing and outsourcing).
  • Risk management in projects related to the selection and implementation of IT solutions, including ERP.
  • Risk management related to conflicts of Segregation of Duties and Identity Management.
  • IT Attestation Services, including the Audit of Systems and SAS70/ISAE3402.


How we can help your company


We have the IT knowledge required for improving the efficiency and effectiveness of the system controls in business processes.


Our team has wide experience in automated controls and processes, and is trained on the leading practices of IT operation, management and governance, always aiming at improving in a positive cost-benefit ratio.


Focus on mitigating key risks


“Straightforwardly”, we are objective when dealing with IT risks and issues that are really more relevant to the company’s business and results.


Accelerated productivity


We carry out our advisory projects on IT risks and controls by using management processes, which aim at avoiding potential rework and achieving results in a shorter term and with the least effort, whilst enabling the achievement of the level of details planned.