Last updated: 1 July 2021
KPMG, through the course of delivering services to you, utilises third party cloud computing providers.
The Australian partnership is a member firm of the KPMG global organisation of independent member firms affiliated with KPMG International Limited. As such, we will leverage common infrastructure that is managed by KPMG affiliates around the world to a common standard.
KPMG Australia has a dedicated Information Security Office (ISO), including the Chief Information Security Officer (CISO) who is responsible for developing and promoting KPMG's information security policies, standards/processes and security-related initiatives within the firm. KPMG Australia is ISO-27001:2013, ISO27017:2015 (Cloud Security) and ISO22301:2012 certified and undergoes audits every year. KPMG requires that all third-party vendors (including cloud computing providers) comply with KPMG's information security policies and undergo a granular security assessment as per our Vendor Risk Management. The hosting location of third party computing providers is the same country as those listed in KPMG's Privacy Policy.
Where a service-specific cloud computing provider is utilised, this will be noted in our engagement letter with you.