Eric Rae

Partner, Risk Services

KPMG in Canada

Eric Rae is a partner in the Technology Risk Consulting group at KPMG LLP (Canada). He is highly experienced in Digital and Technology Assurance, Risk Services, Cybersecurity, Privacy, Blockchain, and emerging AI technologies. Eric has led numerous complex engagements covering a broad range of infrastructure, enterprise and security architecture, risk management, and attestation areas. 

Eric specializes in a broad range of KPMG services, including: IT governance; IT Control Assurance and Attestation (primarily CSAE 3000/1, SOC 1, SOC 2, SOC 3); Information Security Management Systems and Certification - ISMS (ISO/IEC 27001/2, ITSG-33, NIST, NERC, etc.); Privacy Information Management Systems and Certification - PIMS (ISO/IEC 27701); CSA Star Level 2 Attestation; Cloud Architecture Implementation and Assessment; Identity and Access Management; Supply Chain Security (SOC for Supply Chain); Compliance Management; Cyber Security Design, Maturity Assessments and Penetration Testing; IT Audit Support; IT Business and Continuity and Disaster Recovery; Security Operations; Vulnerability Management; Payment Card Industry Qualified Data Security Standard advisory support; Policies and Procedures; Lottery Draw Machine Attestations; Blockchain Design, Development, and Support for Financial Audit and DeFi Considerations; IT Infrastructure Engagements (such as SIEM, IDS, and IAM); and Ethical AI Risk Management and Attestation.

  • Bachelor of Technology, Computer Systems: British Columbia Institute of Technology

  • Certified Internal Auditor (CIA): Institute of Internal Auditors (IIA)

  • Certification in Risk Management Assurance (CRMA): Institute of Internal Auditors (IIA)

  • Certified Information Systems Security Professional (CISSP): International Information Systems Security Certification Consortium (ISC)2

  • Certified Information Security Manager (CISM): Information Systems Audit and Control Association (ISACA)

  • Certified Data Privacy Solutions Engineer (CDPSE): Information Systems Audit and Control Association (ISACA)