Industries

Helping clients meet their business challenges begins with an in-depth understanding of the industries in which they work. That’s why KPMG LLP established its industry-driven structure. In fact, KPMG LLP was the first of the Big Four firms to organize itself along the same industry lines as clients.

How We Work

We bring together passionate problem-solvers, innovative technologies, and full-service capabilities to create opportunity with every insight.

Learn more

Careers & Culture

What is culture? Culture is how we do things around here. It is the combination of a predominant mindset, actions (both big and small) that we all commit to every day, and the underlying processes, programs and systems supporting how work gets done.

Learn more

Expanding the circle of trust

KPMG helped a leading cloud service provider fast-track authorization to operate in the public sector.

Client

A leading cloud service provider

Sector

Technology

Project

Support for achieving FedRAMP authority to operate

Client challenge

Our client is a global technology conglomerate that develops, manufactures, and sells networking hardware and software, telecommunications equipment, and other high-technology products and services. Having focused on commercial markets since its founding, it wanted to expand into regulated markets but lacked the internal capabilities, organization, and relationships to achieve FedRAMP accreditation on its own. Approval by the FedRAMP—considered the gold standard in cloud security—is critical for this cloud service providers wanting to sell cloud products to the public sector.

With mandates and initiatives increasing adoption of cloud services in the federal government, this cloud service provider (CSP) turned to KPMG—an independent and accredited third-party assessment organization for FedRAMP— to help it obtain the FedRAMP ATO that would open up a substantial and long-term revenue pipeline.

Since the average authorized cloud product generates $150 million per year—and the company has sold 34 projects to date—we helped this CSP gain significant traction in the regulated marketplace.

Key KPMG initiatives

KPMG leveraged leading insights from our deep understanding of FedRAMP authorization criteria and our extensive experience supporting major cloud service providers on their FedRAMP ATO journeys. Our multidisciplinary team of cloud, security, and regulatory subject matter professionals:

1

Conducted a deep-dive diagnostic assessment, examining the current security compliance posture, comparing it to key FedRAMP security controls; translated the gaps and recommendations into tailored, actionable plans.

2

Created an organizational target operating model to support the new cloud product team and set up a project management office to centralize project execution.

3

Wrote thousands of pages of compliance documentation.

4

Advised engineers and developers how to build new environments for 325 most common FedRAMP access controls.

5

Introduced the client to officials at the General Services Administration and the U.S. Department of Health and Human Services, which became the sponsoring agency.

6

Prepared the client for the FedRAMP audit by performing internal readiness testing of technical controls and holding mock interviews.

7

Designed, built, tested, and rolled out a continuous monitoring program after the client achieved its ATO.

Business impact

The client achieved FedRAMP ATO in 11 months for its largest product line. All told, we helped the CSP receive FedRAMP approval for two-thirds of the products it presented for authorization. Since the average authorized cloud product generates $150 million per year—and the company has sold 34 projects to date—we helped this CSP gain significant traction in the regulated marketplace. In addition, the company has expanded its circle of trust with a new base of customers as it continues to transition from hardware provider to CSP, leveraging compliance, security, and privacy capabilities enabled by KPMG.

Why KPMG?

  • Extensive experience

    Our considerable experience with the FedRAMP authorization process provided the structure and support the client needed to fast-track its ATO journey in an unfamiliar, regulated market.

  • Deep relationships

    Our key relationships across the FedRAMP community allow us to identify the leading agencies that want to use cloud services so that we can help clients identify sponsors.

  • High-quality documentation

    We are known for writing compliance documentation that meets FedRAMP standards for quality and engenders FedRAMP’s trust in our clients.

Meet our team

Image of Steve Barlock
Steve Barlock
Principal, Advisory, KPMG US

Explore more

Thank you!

Thank you for contacting KPMG. We will respond to you as soon as possible.

Contact KPMG

Use this form to submit general inquiries to KPMG. We will respond to you as soon as possible.

By submitting, you agree that KPMG LLP may process any personal information you provide pursuant to KPMG LLP's Privacy Statement.

An error occurred. Please contact customer support.

Job seekers

Visit our careers section or search our jobs database.

Submit RFP

Use the RFP submission form to detail the services KPMG can help assist you with.

Office locations

International hotline

You can confidentially report concerns to the KPMG International hotline

Press contacts

Do you need to speak with our Press Office? Here's how to get in touch.

Headline