Internal Audit, Risk and Compliance Services 

Management today should no longer be satisfied with internal auditors who merely perform financial and compliance audits. Business leaders should demand that internal audit functions continuously demonstrate that they add value to the organization.


Assurance must be provided to management and the organization's stakeholders that sound governance is practiced; critical business issues and risks are being effectively controlled; opportunities are identified and capitalized upon; and potential losses and fraud can be prevented - not just detected after the fact.

Services which meet these requirements add value to the organization and continuously improve the business strategies of management while still addressing the traditional compliance and financial areas.

KPMG’s Internal Audit, Risk & Compliance services offer a wide range of tailored services and products to help enhance corporate governance, assess business risk, provide assurance on control effectiveness and support you in achieving your organization's goals.


KPMG’s Internal Audit, Risk & Compliance services include:

  • Internal audit Co / Outsourcing
  • Internal Controls Review
  • Strategic Performance Review of Internal Audit Function (KSPRint)
  • Establishing / revitalizing the internal audit function
  • Enterprise-wide Risk Management, including Risk Assessments
  • Governance review and assessment
  • Sarbanes-Oxley assistance services 


Dr. Rasheed Al Qenae

Managing Partner

+965 22287000 

Ali Abbas

Senior Manager

+965 22287000 

Internal Audit Co/ Outsourcing

During times of economic challenges and cost reducing objectives, companies increasingly source functions outside of their core competencies as a way of reducing costs, freeing up capital, and achieving greater flexibility. Strategic sourcing of internal audit (IA) can give an organization immediate access to specialized resources and subject matter professionals globally to help quickly adjust to changing business conditions. The basis of our approach to delivering an effective outsourced or co-sourced internal audit function is to view it using a wider lens that looks at your entire business and places the function in the context of your whole organization. Our professionals, aided by proprietary tools and methodologies, assist organizations to move forward with the right approach to improve or establish their internal audit functions. KPMG’s proprietary Global Internal Audit Methodology offers a wide-ranging approach that coordinates a series of steps and activities designed to meet the increased requirements of today’s internal audit function.


Strategic Performance Review of Internal Audit Function (KSPRint)

KPMG’s Strategic Performance Review of Internal Audit (K’SPRint) is our global approach to providing a strategic diagnostic review that helps organizations increase the value of their Internal Audit function. KPMG’s K’SPRint methodology helps management assess how well Internal Audit is positioned within the organization to contribute to business performance and provides a basis for redesigning or improving the function. The methodology is supported by a conceptual framework that identifies three focus areas, “Positioning, Processes and People” and the related “driving principles” drawn from KPMG’s knowledge and experience with internal audit functions. It also encompasses assessment against leading practices and IIA Standards.


Establishing an Internal Audit Function (EIAF)


KPMG’s EIAF methodology will assist organizations in delivering a co-source or outsource engagement that requires the establishment or revitalization of the internal audit function. EIAF focuses on providing support to those organizations that have none or a small IA function and guides clients with the steps needed to establish an internal audit function. The implementation of EIAF will typically involve the consideration of existing business processes, controls, business models, systems and organizational structures, all of which aim to help an organization achieve its business objectives and help enhance overall performance results.


Enterprise-wide Risk Management, including Risk Assessments


Enterprise Risk Management (ERM) Services focus on helping organizations implement sustainable ERM systems, as they pursue more profitable and competitive operations.  Our professionals help clients develop predictive capabilities so that clients can react to risk and respond in a manner that enhances business value and performance. Our industry-specific ERM capabilities apply to all financial and non-financial sectors, and include: enterprise risk assessments, an evaluation of the current state of risk management practices; the development of a practical road map to achieve the desired risk management end-state; knowledge transfer; and training.


Governance review and assessment

One of the most important challenges for board members is to build a foundation of trust - with management, the investment community, regulatory agencies, and the public. The stakes are high and the margin for error is low. While new standards are emerging, one thing remains clear: the responsibility to adopt sound governance practices has been placed squarely on corporate directors and officers. KPMG has developed a strategic framework that can enable a board to self-assess its existing governance practices and to build consensus around brining desired changes to fruition. Such an assessment is not only prudent but also responsive to increased stakeholder expectations for board self-evaluation.