Advanced Analytics Platform (AAP)

The implementation of complex transformation and digitalisation projects requires not only a well-founded strategy but also the targeted use of suitable technologies and platforms that enable the implementation of proof of concepts, minimum viable products through to productive applications and, with their flexibility and scalability, are also necessary for the successful implementation of the projects.

Companies with a high need for digitalisation generally have neither such technologies nor the capacities and skills to implement the planned projects. At the same time, the path to the public cloud as a possible managed alternative by third parties is not possible for them without the necessary procedural and regulatory framework conditions due to their data criticality (keyword: data sovereignty).

With the Advanced Analytics Platform, KPMG provides both the platform and the necessary expertise to close the gap along the digital transformation process. On the one hand, it provides the technical basis to enable data processing in a platform operated and protected by KPMG. Secondly, it enables cloud-native software development, from the hosting of database solutions to customised data science and AI applications by KPMG employees on behalf of our clients. In this way, KPMG actively supports the acceleration of the decision-making process for the implementation of transformation projects.

The AAP offers a wide range of services for the optimisation of business processes and the development of innovative solutions. The entire process - from the implementation of a proof of concept to the development of minimal viable products on the AAP - is accompanied to ensure the successful realisation of ideas. Implementation projects are carried out according to specific requirements and supplemented by in-depth analyses and advice on cloud-native better practices. Our expertise also includes advice on setting up organisational teams that can take on operational tasks. In addition, we offer education and training to optimally prepare your employees for new challenges in dealing with cloud-native applications and DevOps processes.

In addition to the implementation of customer-specific requirements, the AAP offers access to a wide range of managed services developed by KPMG and offered as part of our consulting approach.

The AAP offers a centralised authentication service using Keycloak, which can be used by applications via the OpenID Connect (OIDC) protocol. Keycloak enables flexible integration by accessing the KPMG users from the Active Directory Federation Services (ADFS) or the users of clients via a connected identity provider, depending on the application scenario. It is also possible to use both an external identity provider and KPMG's own ADFS in parallel. This makes it possible to grant KPMG and client users access to the application at the same time, ensuring seamless and secure authentication.

In the background, the AAP is an orchestrated container platform based on Kubernetes. This enables the use of state-of-the-art container technology for a variety of use cases and thus increases the scalability and efficiency of development and operating processes.

The container platform is designed on the basis of KPMG's high security standards and thus enables the secure execution of applications and processing of customer data. This includes the areas of observability, access management, CI/CD system and storage management, in each of which dedicated cloud-native tools are used and which have all been integrated with a focus on multi-client capability, DevSecOps processes and the secure operation of applications.

The platform is managed and operated by KPMG IT Service GmbH, a wholly owned subsidiary of KPMG AG Wirtschaftsprüfungsgesellschaft based in Berlin. The physical servers on which the platform is hosted are located in Germany and provide a secure and reliable infrastructure. The virtual machines are based on Red Hat Enterprise Linux, which ensures a robust and powerful environment for your applications. To ensure integrity and protection against malware, all uploaded data is scanned by platform-wide virus scanners. In addition, customer applications are automatically scanned for application vulnerabilities to further increase security. Client data is stored and processed in isolation from each other by using separate namespaces, which guarantees clear separation and security of the data.

KPMG AG WPG is ISO 27001 certified and therefore has a recognised information security management system.

The data centre has the following certifications:

• Climate Neutral Data Centre Pact

• Cyber Essentials

• EU Code of Conduct

• ISO 14001

• ISO 22301

• ISO 27001

• ISO 45001

• ISO 50001

• ISO 9001

• PCI DSS

• SOC 1 Type II

• SOC 2 Type II

• TISAX