Sanna Suvanto

Director | Audit

KPMG in Norway

Sanna is the Head of Information Risk Management (IRM) at KPMG Norway. She has a long experience as an information Systems Auditor managing several projects for many national and international companies in wide variety of industries. Her areas of special expertise include IT and business process controls and assurance, ISAE 3402 service organization audits, data analysis, shared service center audits, system implementation assurance and Sarbanes-Oxley (SOX) compliance auditing and implementations. In years 2003 - 2005 she was performing internal control implementations, validations and evaluations as required by the US Sarbanes-Oxley Act of 2002 in San Jose, US. Since then she has been extensively involved with SOX and other internal control projects worldwide, helping global organizations to develop and harmonize internal controls in business processes and IT. Her experience as a financial auditor earlier in her career gives her a great understanding on information systems and controls around the financial reporting process.


Telefon: +47 952 60 768


  • Bankvirksomhet
  • Bedriftsrådgivning
  • Detaljhandel
  • IT-rådgivning
  • Internasjonale markeder
  • Nasjonale markeder
  • Revisjon
  • Rådgivning
  • Teknologi
  • Økonomitjenester
  • 1999 Master of Science in Economics (Major Accounting), University of Vaasa, Finland

  • 2016 - KPMG Norway, Information Risk Management, Director

  • 2013 - 2016, PwC Norway, Risk Advisory Services, Senior Manager

  • 2005 - 2013, PwC Finland, Systems and Process Assurance, IT Auditor and Internal Control Specialist

  • 2003 - 2005, PwC US, Assurance, Senior Associate

  • 1999 - 2003, PwC Finland, Assurance, Financial Auditor