IT Advisory Services 

    KPMG's IT Advisory practice advises on managing risks from the use of information technology. If you are undergoing rapid growth, have large, complex information systems or are implementing new leading edge technologies or e-Commerce strategies, KPMG can help you identify and manage the associated IT risks so you can meet your strategic and financial goals.




How we can help
We work with clients to analyze business technology issues within their businesses.
A client might approach us for assistance with:


  • developing an appropriate IT strategy — we work with clients to develop a clear IT strategy that supports their business objectives
  • sourcing — we offer guidance on the most appropriate strategies for outsourcing or offshoring IT services, and aim to implement effective controls
  • cost reduction – we work with clients to help identify the most effective ways to take costs out of a business
  • logistics and supply chain issues — we examine various aspects of processes and technology, and make recommendations for helping to improve efficiency. This is one of the areas where IT can have the greatest impact
  • regulatory and compliance — we are well placed to assist organizations with regulatory and compliance needs. We have a great deal of experience in identifying and controlling financial and operational risks embedded in business systems.


We focus on the business impact of technology rather than systems implementation, and we are not tied to any hardware or software suppliers. As a result, our advice is independent and geared to the specific needs of each client.


Governance and Performance 


Information Governance can be defined as the judicious and competent management of people and information to enhance the value, security and control of systems-enabled business processes. The Information Governance service line can be split into those services that are focused internally within an organization, and those that are targeted at third parties:


  • IS Governance assessment services include:
  • IT Strategy Development
  • IT Risk Management
  • IT Performance Management
  • IT Asset Management
  • Security Management
  • Transaction Services (IT Due Diligence)


Security, Privacy and Continuity 


As the world embraces the information age, globalization and e-Business security, privacy and high availability, 24/7 computing is becoming business critical. In today's world, security, privacy, high availability and immediate recovery are essential. KPMG offers an integrated set of security, privacy and continuity services:


  • Information Security Assessment
  • Enterprise Security Architecture
  • Security Implementation and Integration
  • Security monitoring and response
  • ISO 27001 (former BS7799) Assessment and Implementation
  • IT Security Policy Development
  • Internet Security
  • Service Level Management
  • Enterprise High Availability
  • Business Continuity Management, including BS25999 implementation and crtification


Regulatory Compliance Reviews


KPMG offers services which help clients manage regulatory and compliance requirements, confirming their compliance with specific technology related standards or requirements and giving boards the information they need to meet their fiduciary responsibilities:


  • Regulatory compliance of IT systems with Romanian accounting and fiscal legislation
  • Internet Banking audit – for compliance with Order 389/ 2007, former order 218/2004 and 16/2003 issued by Ministry of Communications and Information Society, regarding use of electronic payments (Electronic Banking, Internet Banking, Mobile Banking)
  • SEP Audit – for compliance with the technical requirements issued for banks prior to being connected to the National Electronic Payment System
  • Regulatory compliance with the National Securities Commission regulations, regarding the authorization of stock market operators
  • Other regulatory compliance reviews


ERP Advisory  


We provide four component services that can be applied at any phase of an implementation and can be delivered individually or in combination:


  • Business Process Controls
  • Security Controls
  • IT Operational Controls
  • Data Quality/Integrity Controls


IT Project Advisory 


IT Project Advisory (ITPA) services can help organizations identify and mitigate the risk of IT project failure and monitor important project milestones. KPMG's project management professionals focus on enhancing the processes surrounding project & program management offices and evaluating project deliverables.


Services encompass a full range of project governance and advisory services over the full project lifecycle, from business case through to execution and close out. ITPA focuses on IT projects or those projects with a strong IT or Governance element. The vision of ITPA is to be the premier provider of project governance, risk management and advisory services predominantly in the IT project market.


The IT Project Advisory assistance that we provide includes


  • Assistance with the development of the Program Management Office (PMO)
  • Assistance with the development of Project Management processes
  • Project management services for non-IT projects
  • Assistance with the identification of the key business requirements for a project initiative
  • Assistance during a client’s vendor selection process
  • Providing Project Risk Assessments and ongoing Risk Monitoring
  • Providing Quality Assurance services to evaluate, verify and validate the internal processes and deliverables of third parties/ system integrators on a  large technology enhancement project


IT Audit 


As organizations make better use of information technology for rapid communication, information at hand allows them to make better decisions more quickly. But the opportunities create risk surrounding the IT infrastructure that supports these efforts. IT Audit services are designed to consider the host of additional requirements on the external and internal auditing functions and to advise on appropriate controls in place that manage the risks and limit exposure.


IT Attestation 


An IT Attestation review assesse whether transactions are being carried out according to disclosed business practice and verifies controls are in place to maintain integrity of transactions. It also involves advice to client on appropriate steps to prevent the inappropriate use of private information collected from customers. KPMG offers IT Attestation Services that include:


  • ISAE 3402 – conducted in accordance with the International Standard on Assurance Engagements no. 3402 - Assurance Reports on Controls at a Service Organization, on behalf of its customers, performed by an independent auditor.


Trust services such as:


  • WebTrust - based on defined criteria for business practices disclosures, transaction integrity, and information protection
  • SysTrust - for overall availability, security, integrity, and maintainability of the company's systems
  • KPMG WebSeal - evaluates an aspect of an organization's Web site or operations (privacy, Web site security, confidentiality, as well as systems and controls)
  • Payments Cards Industry (PCI) advisory and audit services


Sourcing Advisory 


Many leading companies have begun the process of outsourcing non-core activities to external service providers. KPMG has developed a model for the various stages of the outsourcing process that uses KPMG IT Advisory methodologies to help companies successfully execute the various phases of IT outsourcing.


The services provided by KPMG are:


  • Sourcing Risk Management (SRM) Assessment Services - helping to analyze and effectively manage the risks associated with the strategic sourcing of services;
  • SRM Advisory Services - helping clients plan and realize performance improvement through the strategic sourcing of services.


Business Intelligence and Data Management Services


Our Business Intelligence & Data Management processes reviews, tools assessments, and data analysis can result in a roadmap to help realize your vision for true business intelligence and data quality management. Our services include:


  • Implementing strategies
  • Designing Business Intelligence & Data Management Governance models
  • Handling change requirements taken on Business Intelligence & Data Management programs
  • Getting the support for Business Intelligence & Data Management program changes by strong business cases development
  • Assessing, implementing, and configuring the organization and technologies to enable BI
  • Gaining mastery over data management
  • Developing guidelines for monitoring and enhancing business intelligence going forward.


Sign up now

Subscribe to selected content and receive email alerts when new content is available for viewing on this site.


Already a member? Login


Not a member? Register

Contact us

Please contact us if you have any questions about KPMG services or any other inquiries.