KPMG is proud to be recognized as a "Leader" in the IDC MarketScape Worldwide Cybersecurity Governance, Risk, and Compliance (GRC) Consulting Services 2025-2026 Vendor Assessment. We believe this recognition reflects our deep commitment to helping organizations unify risk taxonomy, controls, and assurance into a cohesive governance model that can strengthen transparency from process level to the board. With mature methodologies, scalable libraries, and defensible scoring models, KPMG supports clients in accelerating assessments, prioritizing remediation, and demonstrating measurable progress in risk reduction and compliance efficiency.

      KPMG’s strengths as recognized by IDC MarketScape in the report

      • KPMG connects enterprise risk, controls, and assurance methodologies that translate into clear governance, improving transparency from process to board.
      • KPMG has developed libraries and scoring models that scale assessments, establish defensible prioritization, and accelerate supplier remediation.
      • Reporting and narratives resonate with leadership. Metrics tie investment to outcomes, safeguarding sponsorship and budget.
      • Organizations that are subject to supplier, privacy, or conduct risks will benefit from KPMG's libraries and scoring models, which can scale assessments and prioritize remediation with defensible criteria.
      • Organizations must tell a clear story on risk reduction and compliance efficiency. KPMG offers package metrics and narratives that resonate at the top, protecting sponsorship and budget.
      • When organizations need risk taxonomy, control design, and assurance to unify, KPMG's methodology builds that connective tissue, improving transparency from process to board.

      Our perspective

      We feel this recognition underscores KPMG’s ability to bring together risk taxonomy, controls, and assurance to strengthen enterprise‑wide governance. With scalable libraries and defensible scoring models, we empower organizations to accelerate assessments, sharpen prioritization, and address supplier, privacy, and conduct risks more consistently. Our leadership‑ready metrics and narratives help teams articulate risk reduction and compliance efficiency with clarity and confidence — enabling sponsorship, sustaining investment, and demonstrating tangible outcomes.

      What KPMG Leaders are saying about the recognition

      We believe this IDC recognition reflects the trust our clients place in KPMG to guide their cybersecurity and governance transformation. Our approach is rooted in clarity, consistency, and a deep understanding of how risk connects across the enterprise.

      Laurent Gobbi

      Global Tech Risk Leader, KPMG

      Learn more about how KPMG can help you strengthen Cybersecurity GRC

      KPMG professionals bring deep experience, connected methodologies, and scalable technology enabled models to help organizations advance their governance, risk, and compliance programs with clarity, efficiency, and measurable impact.

      About IDC MarketScape:

      IDC MarketScape vendor assessment model is designed to provide an overview of the competitive fitness of technology and service suppliers in a given market. The research methodology utilizes a rigorous scoring methodology based on both qualitative and quantitative criteria that results in a single graphical illustration of each vendor’s position within a given market. IDC MarketScape provides a clear framework in which the product and service offerings, capabilities and strategies, and current and future market success factors of IT and telecommunications vendors can be meaningfully compared. The framework also provides technology buyers with a 360-degree assessment of the strengths and weaknesses of current and prospective vendors.

      Our insights

      Proactively get ahead of cybersecurity issues.

      In an AI-dominated business environment, the foundational principles of cybersecurity are even more critical.

      Organizations are rapidly adopting AI. It’s exposing them to new risks. It is also creating countless opportunities to improve operations and efficiencies, unlock value and grow competitive advantage.

      Our people

      Laurent Gobbi

      Global Cybersecurity and Tech Risk CoE Leader

      KPMG en France