IT Risk & Regulatory Compliance 

In today's fast moving business world, technology platforms and systems play a critical role in the achievement of business objectives. Management of the IT infrastructure (IT Governance), is becoming increasingly critical, by adding value while balancing risk versus return over IT and its processes.

Therefore, it is essential that the risks are identified and assessed to ensure they are being effectively managed. This should be done within a framework of generally accepted IT Security and Control practices to benchmark the existing IT Environment.


KPMG’s IT Risk & Regulatory Compliance provides assurance and advisory services to assist our clients in identifying risks and establishing appropriate controls and security measures from using Information Systems and Technology.


How we can help


Our services include but are not limited to:


  • IT Risk & Regulatory Compliance
  • IT Attestation (ISAE 3402, SAS70, SysTrust, WebTrust, ISO 27000)
  • IT Internal Audit and Compliance
  • IT External Audit and Compliance
  • IT Outsourcing Attestation and Regulatory Assistance


  • IT Governance, Security & Continuity 
  • Information Governance, Privacy and Confidentiality

  • Identity and Access Management
  • Business Systems General and Application Controls
  • Information Protection, Strategy and Policy
  • Business, Security and Technology Assessment
  • Business and Technology Resilience
  • IT Architecture and Infrastructure