Our advisory services enable your company to make the operation and use of the IT environment more secure. We uncover information security risks that affect your company, improve your security processes and help you comply with legal requirements or prepare for audits against different standards.
Our professionals provide you with assistance in the following fields:
Explore our cyber security advisory services
Review from cyber security perspectives; incident management; compliance.
KPMG’s Data Management and Data Protection services help you to manage and protect sensitive employee and client data effectively and in compliance with legal regulations. Our professionals support you with the enhancement of your data classification system, review your data management solution from legal compliance and information security perspectives and help you in implementing an efficient solution for data leakage management by taking into consideration the cost-effective management of incidents that have already occurred.
Assessment and development of the level of data loss protection.
KPMG’s data loss prevention (DLP) services assist you in identifying and fulfilling your data protection-related needs. By assembling the data inventory of your company we identify the scope of the data to be protected. We assess the channels that may pose a risk of data leakage and we determine the current data loss protection level of the firm. Based on the results of our review we highlight the development points. We can also assist you with choosing and implementing a DLP solution which best fits your company’s needs.
Simulation of security attacks which take advantage of human naivety and carelessness.
Employees who can be misled are one of the most serious non-technical information security threats to an organization. Using agreed rules and methodologies, we execute social engineering attacks and prepare action plans for the company based on our results, in order to avoid similar incidents. Our audit can be paired with security awareness training, so that employees become more aware of attackers’ techniques and of the importance of complying with safety measures.
We identify and rank information security threats and elaborate an action plan.
Our comprehensive information security risk assessment helps to understand, treat and enhance protection against security risks. After assessing the company’s asset and information inventory, we determine the characteristic threats and prepare a business impact analysis to forecast the damage that would occur if the threats became reality. On the basis of historical events, our prior experience and employee interviews at your enterprise we also estimate the likelihood of a threat becoming reality. Finally, we rank all information security risks relevant to your firm and prepare an action plan.
We help you establish a modern documentation framework for information security purposes.
With our methodology founded on international standards and recommendations (such as the ISO 27000 series of standards or the COBIT framework), we help your company to develop and implement information security policies and processes which create a modern regulatory and documentation framework for information security purposes. Upon your request we assess existing IT and information security policies and procedures at your organization, focusing on verification of specific mandatory policies and their level of quality.
Using the Cyber Maturity Assessment methodology, KPMG can effectively assess the cyber security preparedness of companies.
Cyber security risks are not new but they continue to evolve at an ever-quicker pace. Companies and public sector organizations now need to comply with an increasing number of requirements set out in legal regulations, with internal policies and with those set by authorities in the fields of data protection and privacy.
We help you comply with various IT-related laws and international standards.
KPMG helps its clients comply with various IT-related laws and international standards (e.g. ISO 27001, ISO 20000, ISO 22301, ISAE 3402, PCI DSS). Depending on your needs, we identify which legal regulations are applicable to your enterprise, and review whether the firm meets the requirements set out in those regulations or in the international standard you wish to comply with. Finally, we highlight the areas for improvement.
We help you implement a solution that enables quick recovery after incidents or disasters.
KPMG’s business continuity management solution is a proactive, risk-based approach that reduces the risk of services and information becoming unavailable and supports quick recovery or replacement of resources after incidents and disasters. Our methodology is based on international standards and the experience of our professionals, who support our clients with developing, implementing and maintaining a framework, policies and plans for business continuity.