Information Technology and Business Systems Advisory

IT and Business Systems Advisory

KPMG help clients by utilizing IT and business systems to improve competitiveness, enhance efficiency, reduce operation cost and control risks.

KPMG help clients by utilizing IT and business systems to improve competitiveness...

KPMG's Information Technology and Business Systems Advisory professionals help our clients utilize information technology and business systems to improve competitiveness, enhance efficiency, reduce operating costs, and control risks, i.e. maximize the return on their investment in information technology. Our clients include leading enterprises in many industries such as financial services, e-commerce, payment, hi-tech, telecommunication, social media, cloud services, retails & distribution, and healthcare, etc. We also assist major government organizations, regulatory authorities, and state-own enterprises in providing better services to the public while managing associated risks and protecting sensitive data.


Our goal is to assist clients in gaining competitive advantage through technological innovation, including applying big data, mobile device and cloud computing. Our team has extensive yet profound experience in mobile applications development, cloud architecture design, software deployment and computer-telephony integration. We believe we will be the strongest partner in our client’s digital transformation journey.


Our team members are skilled in IT strategic planning, enterprise software applications, cyber security, information risk management, IT service management, IT project management, as well as information systems audit. Home to consultants with industry-leading professional certificates, KPMG is also the only professional consulting organization in Taiwan certified in ISO 27001 (information security management), ISO 20000 (IT service management), and BS 10012 (personal information management).


Our services include:
Cyber Security and Privacy Protection

Pervasiveness of internet adoption has posed significant challenges in cyber security. We assist our clients to implement processes and technologies for better information security, privacy and continuity. We are among the very few organizations in Taiwan that is qualified to deliver all three pillars of security services: consulting, certification, and training. We are also actively participating in the formation of regulations and standards, both local and around the world. Our services include:

  • a full spectrum of security testing services, ranging from network penetration testing, systems vulnerability assessment, security log review, to the security compliance testing for specific industries such as financial institutions;
  • advisory for implementing standards and programs, international or local, such as SWIFT CSP, GDPR, PDPA, ISO 27001 (information security), PCI DSS (payment security), ISO 22301 (business continuity) , BS 10012 (privacy), HIPPA (for healthcare), and TPIPAS (for e-commerce), etc.; and
  • IRCA-approved training courses for security auditors.


Emerging Technologies Advisory and Implementation

Emerging technologies are rapidly changing the landscape of businesses. We assist our clients to plan and implement new technologies and solutions, while advising them how to manage technology risks and comply with ever-increasing regulations. Our services enable the clients to enjoy the benefits of latest technologies, and avoid additional cost or missing opportunities caused by trial-and-error. Our services include:

  • advisory and audit for electronic payment business;
  • cloud strategy, application, and security;
  • planning, integration, security control, and management of smart/mobile devices, including BYOD (Bring-Your-Own-Device);
  • mobile applications (app) development and implementation;
  • planning and implementation of VDI (Virtual Desktop Interface); and
  • IP telephony integration, and design for mobile cost savings.


Emerging Technology Risk

In the digital era, organizations can achieve tangible benefits from emerging technologies such as IoT, mobile devices, robotic process automation (RPA), or cloud computing. But in doing so, they must recognize and manage the risks that can accompany these technologies, and the regulatory compliance required of them.

We help clients transform emerging technology risk into opportunity, by taking a holistic view of the related risks and responsibly demonstrating effective management of information technology (IT) through governance and controls, data integrity, security and privacy, and supplier management.


ERP Advisory

We provide high-quality professional services that span both technical and functional areas. With in-depth industry expertise and through our strategic alliance with major solution providers of Enterprise Resource Planning (ERP) software, we help clients utilize their application systems to achieve the best result, measurable and sustainable business benefits while reducing risks and uncertainty. Our continuous training and support services assist clients to reduce the total cost of ownership.


Profitability Management Technology Service for Financial Industry

Analysis for profitability and asset/liability management advisory to senior managers alleviate increasing pressure from their stakeholders. The service includes implementation of Fund-Transfer Pricing, Activity-Based Costing, and Multi-Dimensional Performance Assessment. We provide state-of-the-art system platforms that help companies to develop a dynamic business strategy, an efficient organizational structure, an adequate implementation approach, a systematic deployment plan, and a professional training program.


IT Strategy and IT Performance Improvement

We assist our clients, especially CIO’s, to deal with major IT challenges, e.g. constructing the IT strategic blueprint, effectively supporting business growth while controlling IT expenses, and improving customer satisfaction, both internal and external, toward IT services, etc. We help our clients employ best practices such as ITIL, and implement technology tools, to improve IT performance, and to obtain ISO 20000 international certification in IT service management.


IT Project Advisory

For clients executing complex IT projects, we help them identify and mitigate the risk of project failure and monitor important project milestones. Our services include Enterprise Project Management Office, Project Risk Management, Selection Assistance, etc., all designed to increase the chances of achieving project success and optimizing the project benefits.


IT Audit and Attestation

For clients who wish to identify, measure and monitor business risks resulting from their dependence on information technology, we assist them through various audit or attestation programs such as WebTrust, SysTrust, SSAE16 / ISAE3402 (previously SAS70), Service Organization Controls audit (SOC 1, 2, and 3), Certificate Authorities Audit, vendor audit, and general / specific IT audit.

Connect with us