Technology Risk helps our clients better comprehend and manage technology, cyber and information risks. By closely understanding our clients’ issues and strategies, we assist them manage their technology risks and further their business objectives.

We help clients:

• assess the adequacy of their technology risk management through IT auditing and attestation – This includes identifying and testing the key IT controls in place to ensure the integrity and accuracy of their critical data and information assets
• enhance the outcomes from their major IT investments through project risk management support and independent assurance reporting
• identify, manage and reduce their cyber security and other technology / information risks
• enhance their business resilience/continuity and crisis management
• improve their understanding and management of technology risks through designing and implementing effective control frameworks over technology assets
• meet their IT compliance and governance obligations in a way that improves business objectives.

There’s no real average day in our team. During an engagement, your day may involve coordination with client contacts, typically IT managers, system administrators or business process owners, to understand the controls they look after, obtain evidence to support that controls are operating effectively and documenting these for our internal files.

Our work is a mix of onsite work at client offices, follow-ups from the KPMG offices and occasional onsite visits to specific locations such as managed data centres. For larger IT attestation engagements, there is often a component of liaising with overseas KPMG teams, such as the US or UK, which is typically coordinated by the manager on the job.

Other days may involve assisting teams with business development (i.e. collating proposals in response to client requests for services) and attending/developing internal training, as well as involvement in other KPMG initiatives.

You’ll learn the fundamentals of the audit process and how IT is used to process data and information. You’ll develop a feel for the processes within specific sectors and in relation to certain IT services. You’ll see the critical role IT plays in a modern business and how to evaluate IT risk.

Along with developing client facing skills, you’ll grow your technical skills in around auditing and assurance (vs Advisory), how to effectively test controls and how to address risks. You’ll also begin to master the soft skills such as time management, prioritising work, working with others (internal colleagues and external clients), managing expectations, how to communicate effectively, and making an impact (verbal and written).

The best part of the role is the ability to learn on the job and operate independently at an early stage of your career. Every day is an opportunity to learn something new. Whether its technical skills required for the job, or observing other members of the team and how they engage in different situations, there is always something to be taken away. Our team is young. We work hard and take a lot of pride in our work. But we also know how to relax when the work is done.

• Technology Risk