KPMG LLP

Cyber Risk Quantification Service with KPMG Cyber Risk Insights

This service enables CISOs and the Board gain visibility of their cyber risk exposures and quantify business-critical impacts using data (including financial impact analysis), enabling cyber strategy design and investment prioritisation. Our service includes deployment and adoption of KPMG's Cyber Risk Insights Product, our intuitive Cyber Risk Quantification SaaS platform.

Features

• Cyber risk quantification assessment, analysis and strategic risk reporting
• Threat and attack-modelling of cyber compromise-scenarios relevant to your business
• Identify strengths and weaknesses in your defences
• Simulation analysis to test effectiveness of cyber capabilities and controls
• Measure risk reduction through cost-benefit analysis of your cyber programme(s)
• Cyber risk exposure reporting and analysis
• Cyber risk quantification services support
• Investment appraisal of cyber strategies and business cases
• Cyber business case development and analysis
• Cyber-related financial loss modelling, impact analysis and stress-testing

Benefits

• Quantify your cyber risk exposures using financial and non-financial data
• Identify what capabilities you should prioritise to maximise risk reduction
• Make better, more defendable investment decisions, supported by evidential data
• Understand your risk reduction profiles relative to your investment appetite
• Communicate cyber risk posture to the Board in business terms
• Upskill your cyber risk professionals in cyber risk quantification
• Enable regular, systematic, consistent and data-driven cyber risk assessments
• Develop cyber business cases that meet HMG Green Book guidance
• Stress-test the effectiveness of your defences, capabilities and controls
• Enable benchmarking of cyber-risk posture to achieve collaboration and knowledge-sharing

£400 to £2,855 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at psopportunities@kpmg.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

348731268123376

Contact

KPMG G-Cloud Team
02073111000
psopportunities@kpmg.co.uk

Planning

• Planning service: No

Training

• Training service provided: Yes
• How the training service works: We can provide cyber risk quantification training generally, and specifically for KPMG Cyber Risk Insights
• Training is tied to specific services: Yes
• Services the training service works with: KPMG Cyber Risk Insights

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: This service helps you address tough cyber risk management questions from a variety of perspectives by: ; optimising protection portfolio of cyber capabilities needed to optimise protection against threats; optimising spend; Identifying business benefit delivered from proposed cyber investment;; Measure quantitatively to understand true risk exposure - likelihood in year and potential impact vs. cyber risk appetite; and, ; building understanding by explaining complex interdependent cyber risk exposure simply.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security audit services

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: Availability of key client side staff, quality of information provided can both reduce the quality of delivery

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: KPMG will respond to all communication during UK office hours. We endeavour to provide you with a response within 24 hours.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: This service is delivered primarily on a time and materials basis.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 05/05/2022
• What the ISO/IEC 27001 doesn’t cover: Any item not in Satement of Applicability v10
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We’ve committed to Net Zero 2030, backed by our environment strategy, aligned to the 1.5-degree pathway, and approved by the Science Based Targets Initiative. And introduced an internal carbon price. A self-imposed tax that’s applied to our energy use and business travel. Bringing the cost of our carbon emissions back to us to fund decarbonisation projects. Initiatives have inspired our staff and gained us a top 2% Carbon Disclosure Project (CDP) A Rating, Platinum EcoVadis medal and Environmental Management (ISO 14001) and Energy Management (ISO 50001) certification. ; During contract delivery we will: ; ; ‒ Encourage our suppliers to report their carbon data to CDP, helping us to measure and encourage progress and remain on their Supplier Engagement Leader board. Reducing pollution through our supply chain.; ; ‒ Facilitate a ‘fighting climate change’ 90-minute session and create a team charter to agree:; ; o Traveling SMART | Minimising travel for those involved in the contract and measuring and monitoring all contract related business travel and carbon emissions using our proprietary KPMG carbon tracker tool.; ; o Living sustainably at home | Managing home office equipment efficiently and avoiding printing.; ; o Adopting a ‘digital first’ approach | Using collaborative technologies for data storage/ sharing to maximise effectiveness and reduce email volume.; ; Reducing travel, power consumption, and paper usage to minimise emissions and support sustainable behaviours.; ; ‒ Host a 60-minute sustainability impact modeller tool demonstration. Helping reduce your carbon footprint of cloud deployments using bespoke tooling to optimise implementation. ; ; ‒ Monitor, measure, and report commitments using the Social Value Portal. An evidence-based, data-driven tool, underpinned by the National Themes, Outcomes and Measures framework. It’s endorsed by the Local Government Association and compatible with all major ESG frameworks. Bringing rigour to commitments tracking and allowing you to flex and value the impact and hold us accountable.

  Covid-19 recovery

  The pandemic accelerated changes in the way we work, forcing us to adapt to ensure rapid recovery. Office space has been transformed for innovation, collaboration, and convening between our colleagues, clients, networks, and local communities. ; ; Contract specific commitments: ; ; ‒ Leverage market-leading devices and hybrid working plans to allow teams to be outstanding in delivery empowered by agile working. Offering greater flexibility and choice during the working week, bringing together physical and virtual worlds.; ; ‒ Welcome those who have not been able to join the workforce previously to play an active role e.g., those who couldn’t spend much time away from home due to caring commitments, those with great distances to travel to an office, or those with a disability which precludes travel. Creating a more diverse workforce.; ; ‒ Host a 60-minute future of work session to share our latest thinking. Including, helping you to consider how innovative technologies can support some of the hardest aspects of change to achieve and sustain high performance and nurture creativity.; ; ‒ Monitor, measure, and report commitments using the Social Value Portal. An evidence-based, data-driven tool, underpinned by the National Themes, Outcomes and Measures framework. It’s endorsed by the Local Government Association and compatible with all major ESG frameworks. Bringing rigour to commitments tracking and allowing you to flex and value the impact and hold us accountable.

  Tackling economic inequality

  Like you, we are committed to shaping an environment to narrow disparities, level the playing field, and create better growth opportunities for diverse businesses. During the delivery of the contract, we’ll tackle economic inequality through the following commitments: ; ; ‒ Adhere to inclusive recruitment and progression practices that follow the five foundational principles in the Good Work Plan (satisfaction, fair pay, participation and progression, wellbeing, and voice and autonomy). Increasing self-worth and motivation and improving retention and productivity.; ; ‒ Provide access to KPMG’s Introduction to Python Coding 10-week course to your staff and suppliers. Successful participants will receive a Credly digital certificate. Strengthening logic and problem-solving skills and equipping future generations with the desired skills to make them a relevant asset.; ; ‒ Extend the reach of our technology and engineering apprenticeships by partnering with local authorities and charities. Generating additional paths to employment for people from lower socio-economic backgrounds and bolstering future skills in the UK. Practical work experience is gained while working towards professional qualifications/ accreditations and earning a salary. ; ; ‒ Create business opportunities for a range of local suppliers such as entrepreneurs and start-ups. By encouraging our 1,800 active suppliers to use local sourcing in their supply chain. For example, for our national catering contract we expect the supplier to source produce locally, supporting local producers and reducing food miles. Our sustainable procurement policy is supporting SMEs and VCSEs via various initiatives e.g. the prompt payment code. ; ; ‒ Monitor, measure, and report commitments using the Social Value Portal. An evidence-based, data-driven tool, underpinned by the National Themes, Outcomes and Measures framework. It’s endorsed by the Local Government Association and compatible with all major ESG frameworks. Bringing rigour to commitments tracking and allowing you to flex and value the impact and hold us accountable.

  Equal opportunity

  We aim to attract the best talent in the market, from all backgrounds at every stage of their career and empower them to reach their full potential. Our initiatives include establishing 16 diversity networks to support individuals and voluntarily publishing diversity pay gaps and action plans to close gaps. Improving progression for our historically underrepresented groups* and placing us in the Top 5 in the Social Mobility Employer Index since 2017.; * Bridge Group – KPMG progression gap analysis. ; ; During the delivery of the contract, the following commitments will go further to level the playing field: ; ; ‒ Take a risk-based approach to policies, training, governance, and approvals to ensure human rights due diligence. Although our industry is not considered high-risk, risk can arise in our operations and supply-chain. Supporting your zero-tolerance approach to modern slavery. ; ; ‒ Invite your employees to join our Cross Company Allyship Programme. Matching mentees from ethnic minority groups with mentors from across KPMG and our client base. Creating diversity of thought, experience, providing career guidance, and building professional network and confidence. ; ; ‒ Provide employability support to people who have served with the armed forces. We’re signatories to the Armed Forces Covenant and holders of the Gold Defence Employers Recognition award. Providing successful career opportunities for those embarking on ‘civvy street.’ ; ; ‒ Ensure the contract workforce are physical/ digital accessibility trained, recognising that not all disabilities are visible. Building an awareness of the policies and standards that enhance accessibility and productivity.; ; ‒ Monitor, measure, and report commitments using the Social Value Portal. An evidence-based, data-driven tool, underpinned by the National Themes, Outcomes and Measures framework. It’s endorsed by the Local Government Association and compatible with all major ESG frameworks. Bringing rigour to commitments tracking and allowing you to flex and value the impact and hold us accountable.

  Wellbeing

  Our wellbeing strategy has been shaped by listening to our people and working with specialists. Focusing on the areas where we can have the biggest positive impact. During contract delivery, we will support wellbeing with the following commitments: ; ; ‒ Provide the contact workforce with a rich, innovative suite of specialist information, advice, services, and treatment – supplemented with focused initiatives. Shaped by listening to our people and working with specialists. Using clinical, organisational, and positive psychology to empower individuals by providing the right care, at the right time. And allowing them to be at their best. ; ; ‒ Facilitate a 90-minute wellbeing workshop for the contract workforce, using our bespoke Wellbeing EDGE tool to create a wellbeing charter. Identifying team member “non negotiables,” creating an inclusive environment, and agreeing our collective approach to maximise team wellbeing. ; ; ‒ Facilitate monthly constructive health and wellbeing check-ins using Wellbeing EDGE and a wellbeing survey to measure the success of our approach and identify additional support required. Understanding how the team can be effectively supported through emerging challenges. Ensuring the workforce witnesses our commitment to continuous improvement, including feedback being incorporated and acted on. Thus, empowering them to continue to speak up.; ; ‒ Appoint a dedicated accredited Wellbeing Ambassador, with a passion for wellbeing, to challenge mental health stigma and begin empathetic conversations with team members. Building, embedding, and maintaining a sustainable wellbeing approach and giving visible support to those struggling mentally or physically. ; ; ‒ Monitor, measure, and report commitments using the Social Value Portal. An evidence-based, data-driven tool, underpinned by the National Themes, Outcomes and Measures framework. It’s endorsed by the Local Government Association and compatible with all major ESG frameworks. Bringing rigour to commitments tracking and allowing you to flex and value the impact and hold us accountable.

Pricing

• Price: £400 to £2,855 a unit a day
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at psopportunities@kpmg.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.