Governance, Risk, and Compliance (GRC) Technology Services assist clients with identifying technology requirements to support their GRC processes, selecting GRC vendors, implementing technology platforms, and performing a post deployment review to assess lessons learned from the implementation.
KPMG's GRC Technology Services provide:
- Strategic benefits: Provides monitoring capabilities such as dashboards and macro-level analysis to support the client’s efforts to achieve enterprise assurance.
- Tactical benefits: Supports GRC management by providing a repository for document business processes, policies, control objectives, and risks. Reports provide information on risk and compliance management.
- Operational benefits: Provides configurable controls monitoring, access controls/SoD (Segregation of Duties) analysis, automation of access authorization, periodic attestation of system privileges, and transaction analysis.
GRC Technology Services can help companies
- Enhance efforts to implement enterprise-wide governance
- Eliminate manual efforts by leveraging capabilities of GRC automation
- Reduce redundancies to increase corporate performance
- Achieve convergence of risk and compliance tracking and reporting
- Develop a sustainable approach toward risks, controls, and compliance management
- Harness business intelligence
- Build entity-specific frameworks that coordinate all compliance requirements into a single framework, thereby reducing the need to “test” and “monitor” controls separately
- Address the complexities of compliance across various frameworks by rationalizing risk management , controls and the underlying enabling technology
Featured Success Story
KPMG's team worked with a global chemical distributor whose manual processes were prone to inconsistencies and duplication and required considerable time and effort to maintain process documentation as well as integrate risk and control information across the organization. KPMG provided project management support for the GRC tool selection project and assisted with the definition of business requirements and vendor due diligence for GRC tool selection. The company selected a leading maker of compliance and enterprise risk management software as the preferred vendor and KPMG continued to provide support during the implementation by providing subject matter input.
For more information: