Helping clients meet their business challenges begins with an in-depth understanding of the industries in which they work. That’s why KPMG LLP established its industry-driven structure. In fact, KPMG LLP was the first of the Big Four firms to organize itself along the same industry lines as clients.

How We Work

We bring together passionate problem-solvers, innovative technologies, and full-service capabilities to create opportunity with every insight.

Learn more

Careers & Culture

What is culture? Culture is how we do things around here. It is the combination of a predominant mindset, actions (both big and small) that we all commit to every day, and the underlying processes, programs and systems supporting how work gets done.

Learn more

KPMG and Archer together with complementary strengths

Improve risk posture, increase effectiveness of compliance, and lower the cost of enterprise risk governance

Today’s enterprises are faced with new challenges in managing the risks to an increasing volume of data, adhering to information protection requirements, meeting business resiliency needs, and addressing enterprise governance, risk, and compliance management (GRC).

KPMG delivers our clients Archer services, driven by a strong set of established methodologies that have been tried and tested across multiple large-scale GRC deployments. Each service has purpose-built tasks that will help realize industry-standards-based benefits of Archer as well as a “process-first” viewpoint of KPMG with a well-heeled approach to project management and comprehensive organizational change management.

KPMG has unique insight into Archer as both a partner and a customer. Our Archer Certified Consultants, who implement our own internal Archer solutions, also deliver Archer services to our clients, allowing KPMG to share our experiences with our clients and help them avoid common pitfalls during their implementation.

KPMG integrates our in-depth understanding of Governance, Risk and Compliance (GRC) management processes with the technological capabilities available in the Archer Suite to improve and report on enterprise risk and compliance needs including IT, security, business resiliency, and third party risks, amongst others. We deliver our clients strategy, implementation roadmap, configuration, and enablement of specific GRC processes and holistic GRC programs on the Archer platform. This range of services enables our clients to take smart, flexible approaches to the adoption of the Archer platform.

How we have helped companies with important business issues:

  • KPMG helped a life sciences company review its current environment; identify any gaps prior to Archer 6.x upgrade; perform the upgrade across its development, test, and production environments; and complete an end-to-end validation post upgrade. The client received a fully upgraded platform where current users were not impacted. In addition, new users onboarding onto the Archer platform will get to work with the latest features offered by the tool.
  • To help a healthcare services and distribution company with its board-level initiative to enhance manual third-party risk management processes, KPMG worked to achieve a single repository for IT policies and issues that can be used for roll-up reporting at the enterprise level. In addition, the client was able to operationalize its third-party risk processes and report third party risk to the board.
  • A regional financial services organization needed a way to report on its overall cybersecurity posture to the board and measure its assurance against NIST CSF. KPMG provided Archer strategy and implementation services, and by completion of the project, the client was able to operationalize a Cybersecurity Assurance Program, measure maturity across the NIST CSF framework, and identify any deficiencies for continuous cybersecurity improvement.
  • At a major wireless network operator, manual GRC processes were labor intensive and minimally leveraged across different organizations within the enterprise. KPMG assisted in the development and implementation of reengineered GRC processes using the Archer platform. This resulted in an enabled unified GRC platform integrating its previously disparate GRC processes with a unified framework aligned to industry standards and leading practices. Our work enabled a centralized view of GRC issues, events, and unresolved findings and improved accountability and tracking.
  • A major oil and gas company strived to be a leading organization in information risk management but was faced with a number of different systems, controls, processes, and assurance structures that did not allow for maximum value to be achieved from its business model. By implementing the Archer eGRC solution, KPMG was able to establish a consistent platform for risk, compliance, and incident management processes. KPMG delivered a program of behavioral change management that prepared the workforce for the new technology and enhanced processes.
  • KPMG helped a leading insurance company replace a Sarbanes-Oxley (SOX) compliance point solution that was not user friendly and had become bloated from over a decade of use and was not able to provide effective workflows necessary to ensure a managed end-to-end SOX management process. We helped deliver a wide-ranging SOX compliance program that is managed within Archer. Mature SOX and issues management processes were developed and agreed upon by all stakeholders, providing an enhanced yet consistent approach to addressing these areas.
  • A global media and entertainment organization conducted unstructured and uncoordinated IT GRC activities and improvement initiatives with limited integrated vision for IT GRC. It had limited program governance and oversight, with limited direction and knowledge of IT GRC strategy and no single channel for policy-related issues and guidance. KPMG provided visibility and organization of IT GRC issues to management, provided a peer assessment, formalized known improvement areas by establishing them into project charters to ease implementation, and provided a two-year road map to formalize the IT GRC program.
  • A large multinational financial services company engaged KPMG to assist the company with development of a GRC strategy and an Archer eGRC road map that would allow the company to track enterprise risk, IT risk assessments, application assessments, related issues management, and foundational elements. Upon completion of the project, the company is now enabled to provide its executive stakeholders real-time enterprise-wide status updates on enterprise risk management and enterprise technology risk assessment such as IT risk assessments and application assessments and enhanced with related issues management activities through a single platform.

Dive into our thinking:

KPMG and Archer together with complementary strengths

Download PDF
YouTube thumbnail image

KPMG and Archer together

Meet our team

Image of Prasanna Govindankutty
Prasanna Govindankutty
Principal, Advisory, Cyber Security Services, KPMG US

Explore more

Thank you!

Thank you for contacting KPMG. We will respond to you as soon as possible.

Contact KPMG

Use this form to submit general inquiries to KPMG. We will respond to you as soon as possible.

By submitting, you agree that KPMG LLP may process any personal information you provide pursuant to KPMG LLP's Privacy Statement.

An error occurred. Please contact customer support.

Job seekers

Visit our careers section or search our jobs database.

Submit RFP

Use the RFP submission form to detail the services KPMG can help assist you with.

Office locations

International hotline

You can confidentially report concerns to the KPMG International hotline

Press contacts

Do you need to speak with our Press Office? Here's how to get in touch.