Helping clients meet their business challenges begins with an in-depth understanding of the industries in which they work. That’s why KPMG LLP established its industry-driven structure. In fact, KPMG LLP was the first of the Big Four firms to organize itself along the same industry lines as clients.

How We Work

We bring together passionate problem-solvers, innovative technologies, and full-service capabilities to create opportunity with every insight.

Learn more

Careers & Culture

What is culture? Culture is how we do things around here. It is the combination of a predominant mindset, actions (both big and small) that we all commit to every day, and the underlying processes, programs and systems supporting how work gets done.

Learn more

Anticipating risk, from any direction

KPMG helped a renowned research hospital with leading-practice data security and SoD governance for its Workday HCM solution.


A global patient care and medical research leader




Workday HCM and security configuration

Client challenge

Protecting a world leader in patient care and medical research from financial, regulatory, and reputational risk is a nonstop, evolving endeavor. The hospital’s leadership wanted to protect its transactions and data from threats, and asked KPMG to help design a Security and Segregation of Duties (SoD) framework.

KPMG helped the organization design a leading practice, risk-aware Human Resources (HR) operating model, embedded in its system, policies, and procedures—all powered by the Workday cloud technology. As a result, leadership has balanced the divergent tasks of employee enablement with balancing transactions and personal data. Nearly 16,000 employees have new transaction support tools. And a strong HR organization has grown even stronger—prepared for risk, from whatever direction it arrives.

Our proprietary Workday Security and SoD Analyzer tool provided this client with a detailed gap assessment of SoD conflicts.


KPMG built on our client’s existing cloud experience, helping put into place a leading-practice SoD model within Workday’s Human Capital Management solution. KPMG:


Advised the hospital on the security and controls of Workday’s Human Capital Management cloud solution in order to align it with the current organizational structure, business processes, and regulatory requirements.


Used our proprietary Workday Security and SoD Analyzer tool to conduct a detailed gap assessment of SoD conflicts—in wide-ranging HR processes (e.g., hire-to-retire), role definitions, and application access.


Delivered Workday training workshops for hospital employees overseeing security, change management, and incident management controls prior to Workday go-live.


Advised the client about data security including the security over personally identifiable information stored within Workday.

Benefits to client

With the help of KPMG, the medical facility and its teams are now equipped with a security framework that respects immediate return-on-investment considerations, and supports future-forward risk-awareness. Specific benefits include:


A leading-practice Security and SoD governance model in place, which balances employee enablement with a strong security and control environment.


Reduction in financial, regulatory, and reputational risk exposure, through identification and remediation of SoD conflicts in key HR areas of administration, payroll, core HR, and benefits prior to going live on Workday.


An HR organization equipped for Workday Human Capital Management solution enhancements (as part of future releases), through training, knowledge-transfer, and skills development.


Elevated and expanded security awareness at the leadership level, to include strategic considerations of both short- and long-term privacy, reputation, regulatory, and financial risk.


  • Clients value specialized tools like our proprietary Workday Security and SoD Analyzer

    Our solution is part of our ongoing commitment to bring the full breadth of KPMG to bear on specific client challenges, combining skill sets and insight from deep experience in Workday, cloud security, business process, and information technology risks.

  • We help clients build security and controls awareness into system-implementation efforts

    We take a holistic approach, helping clients consider security and controls opportunities as they upgrade technology or business processes, incorporating security and controls leading practices, and using our specific skill sets to help organizations transition to new behaviors and mindsets.

  • Clients need trusted advisors who deeply understand their chosen technology solution

    KPMG uses our technology alliance with Workday to deliver immediate, specialized insight and help clients best leverage their technology investments. In this case, our client benefited from our strong understanding of Workday’s distinctive and sophisticated security capabilities.

Dive into our thinking:

Anticipating risk, from any direction

Download PDF

Meet our team

Image of Sai Gadia
Sai Gadia
Partner, Cyber Security Services, KPMG LLP

Explore other services tailored to your business​

Thank you!

Thank you for contacting KPMG. We will respond to you as soon as possible.

Contact KPMG

Use this form to submit general inquiries to KPMG. We will respond to you as soon as possible.

By submitting, you agree that KPMG LLP may process any personal information you provide pursuant to KPMG LLP's Privacy Statement.

An error occurred. Please contact customer support.

Job seekers

Visit our careers section or search our jobs database.

Submit RFP

Use the RFP submission form to detail the services KPMG can help assist you with.

Office locations

International hotline

You can confidentially report concerns to the KPMG International hotline

Press contacts

Do you need to speak with our Press Office? Here's how to get in touch.