Insights

Fresh thinking and actionable insights that address critical issues your organization faces.

Learn more

Resources

Services

KPMG's multi-disciplinary approach and deep, practical industry knowledge help clients meet challenges and respond to opportunities.

Services to meet your business goals

Technology Alliances

KPMG has market-leading alliances with many of the world's leading software and services vendors.

View all Alliances

Industries

Helping clients meet their business challenges begins with an in-depth understanding of the industries in which they work. That’s why KPMG LLP established its industry-driven structure. In fact, KPMG LLP was the first of the Big Four firms to organize itself along the same industry lines as clients.

How We Work

We bring together passionate problem-solvers, innovative technologies, and full-service capabilities to create opportunity with every insight.

Learn more

Careers & Culture

What is culture? Culture is how we do things around here. It is the combination of a predominant mindset, actions (both big and small) that we all commit to every day, and the underlying processes, programs and systems supporting how work gets done.

Learn more
Relevant Results
Sorry, there are no results matching your search.
Autocomplete suggestions are available. Use up and down arrows to review and enter to select.
See more results

A guiding North Star for cyber risk strength

KPMG helped a FORTUNE 500 omnichannel retailer's enterprise risk team assess and strengthen cloud risk management practices.

Client

A leading Fortune 500 omnichannel retailer

Sector

Consumer and Retail

Project

Google Cloud cyber security platform and cyber risk assessment

Download PDF
Share

Client challenge

An omnichannel retailer had become a Fortune 500 household name by investing in innovation, managing risk every step of the way, and keeping long-term strategy in mind, regardless of the immediate challenge. Its multiyear information technology (IT) transformation journey is no exception.

As the company embraces the possibilities of Google Cloud Platform (GCP), it asked KPMG to assess and help strengthen its cloud risk management practices, with larger business objectives.

Moving through a multiyear digital transformation, this company counted on KPMG to help it ensure that governance is an IT value lever.

Key KPMG initiatives

KPMG helped the company assess current risk posture and develop a framework for ongoing monitoring of platform security and resiliency. Working with the company’s Enterprise Risk team, we leveraged the company’s existing cyber risk audit assets and experience with GCP to deliver a set of risk frameworks aligned to key cloud resources and risk domains. KPMG:

1

Conducted stakeholder discussions to assess the cloud roadmap, GCP services, third-party application development tools, and data types for cyber risk resilience.

2

Designed a set of technical audit guides that capture resource-specific risks, outline controls and configuration settings by vendor platform, and set forth testing approaches.

3

Incorporated additional, sector-specific customer data security and regulatory knowledge to configure the audit program to the company’s needs.

4

Tested controls to identify gaps in current processes, communicated critical risks to leadership periodically, and provided recommended actions to mitigate risks.

Business impact

With the help of KPMG, the Enterprise Risk team has identified key risks across the cloud platform and developed a foundational framework for ongoing management of risk and controls in GCP. Specific benefits include:

1

Governance leveraged as an IT value lever, as the company moves through a multiyear digital transformation.

2

Visibility into critical security, resiliency risks and misconfigurations, as the company continues adoption of GCP.

3

Framework for ongoing monitoring, audit visibility across GCP platform configuration to help ensure consistent application of appropriate processes, configurations and access model.

Why KPMG?

  • Strength and knowledge deliver a winning combination

    The KPMG next-generation alliance with GCP synergizes Google strengths in cloud-enabled IT transformation, with our own domain experience in risk, regulatory compliance, and enterprise deployment.

  • We know cyber security

    The right cyber strategy is an investment in the growth of the business, protecting and enabling the business to move at speed and pace. Our experience in cyber risk and security response combines that strategic perspective with tactical knowledge in areas such as security controls, cloud data storage, backup and recovery, and enterprise implementations.

  • We understand that risk and governance are value levers

    Organizations count on KPMG to bring a high-level strategic perspective to the design and implementation of technology-intensive risk and governance processes, including dimensions of compliance, effectiveness, cost, and resilience.

Dive into our thinking:

A guiding North Star for cyber risk strength

Download PDF

Meet our team

Image of Sai Gadia
Sai Gadia
Partner, Cyber Security Services, KPMG LLP
Read bio
Image of Sai Gadia
Sai Gadia
Partner, Cyber Security Services, KPMG LLP
Read bio

Explore related content

Service
Cyber Security Services
Read more
Industry
Consumer & Retail
Read more
Service
Modernize and innovate with Google Cloud Security
Read more

KPMG. Make the Difference.


Some or all of the services described herein may not be permissible for KPMG audit clients and their affiliates or related entities.

The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act upon such information without appropriate professional advice after a thorough examination of the particular situation. KPMG LLP does not provide legal services.

The information contained herein is not intended to be “written advice concerning one or more Federal tax matters” subject to the requirements of section 10.37(a)(2) of Treasury Department Circular 230.

© 2024 KPMG LLP, a Delaware limited liability partnership and a member firm of the KPMG global organization of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved.

For more detail about the structure of the KPMG global organization please visit https://home.kpmg/governance.

Thank you!

Thank you for contacting KPMG. We will respond to you as soon as possible.

Contact KPMG

Use this form to submit general inquiries to KPMG. We will respond to you as soon as possible.

By submitting, you agree that KPMG LLP may process any personal information you provide pursuant to KPMG LLP's Privacy Statement.

An error occurred. Please contact customer support.

Job seekers

Visit our careers section or search our jobs database.

Search now!

Submit RFP

Use the RFP submission form to detail the services KPMG can help assist you with.

Submit

Office locations

View locations

International hotline

You can confidentially report concerns to the KPMG International hotline

Learn more

Press contacts

Do you need to speak with our Press Office? Here's how to get in touch.

Contact

Headline