Luke Nelson

Luke is KPMG’s U.S. Service Leader for Tech Risk Intelligence focusing on delivery and innovation capabilities in tech risk quantification, real time risk reporting and key risk indicator (KRI) and metric program design, build and analytics. He has experience helping clients to identify and assess current state technology risks, working with them to improve their financial, operational, and IT processes and controls; including evaluating their Enterprise Risk Management (ERM) programs. Luke’s experience includes assisting clients improve resource efficiencies and reducing costs while enhancing their IT product quality and procedural effectiveness. He has significant experience using risk-based methodologies and data analysis techniques to evaluate numerous business processes and their system-based controls

Luke works with executive IT management of global Fortune 500 companies to refine and implement their IT strategies. He has executed multiple compliance and regulatory audits, created enterprise testing strategies and centers of excellence, delivered process and Information Technology internal controls assessments. He has also coordinated Information Technology security reviews and application analysis, design, and testing.

• Led the development of KPMG Tech Risk Intelligence, a new solution that provides organizations with financial risk exposure and, using advanced mathematical approaches and modeling techniques, presents best case scenarios for their investment decisions.
• Helps enhance organizations’ reporting capabilities by defining guiding principles to prioritize and aggregate technology risk profiles to provide consistent, concise, and actionable information.
• Advises clients on the development of their IT internal controls rationale across their entire risk profiles, including financial, operational, compliance and strategic risks.
• Assisted one of the nation’s largest insurers in streamlining financially significant in-scope processes, supporting technolog,y and related controls by using top-down, risk-based approaches inclusive of inherent risk compositions across business units and geographies.
• Supports clients in analyzing their technology controls to reassess their strategies and focus on a risk prioritized agenda; efforts include identifying performance metrics, managing control design, executing strategy, and delivering root cause analysis aligned with measureable and actionable recommendations.
• Assesses several current state processes, along with supporting controls and applications, to provide efficiency and effectiveness recommendations complete with action plans.
• Assists clients with the initial process understanding and control gap analysis with subsequent identification, evaluation, and remediation of issues.