KPMG LLP

KPMG Powered Risk

We help our clients to make risk, policy, compliance, controls and assurance transformation simpler by combining business and sector knowledge with technology experience.

Our leading practice Target Operating Models (TOM) are designed specifically for Central Government, Local Government, Higher Education, Policing and Healthcare with pre-configured technology accelerators available on ServiceNow.

Features

• KPMG's leading practices and content embedded within your preferred platform
• Pre-configured and sector specific library of risks and automated/manual controls
• Accelerated implementation using our vison, validate, construct, deploy, evolve methodology
• Governance accelerators including Project Definition, Quality Plans, RACI, Requirements Validation
• Pre-defined GRC Target Operating Model to implement change more effectively
• Pre-defined reporting strategy and pre-configured integrated reports with process mapping
• Pre-defined data migration strategy with analysis and upload accelerators
• Portals enabling enhanced user experience for risk and compliance users
• Business change accelerators to drive adoption
• Pre-configured for ServiceNow Integrated Risk Management or MetricStream

Benefits

• Enables organisation-focussed outcomes, beyond just a system implementation
• Incorporates leading practice from GRC technology providers and KPMG experience
• Reduces and de-risks implementation time, releasing time for business partnering
• Reduced implementation cost and lower total cost of ownership
• Enables easier future updates - no system customisation constraints
• Understanding the extended enterprise level risks and controls
• Helping mitigate the increasing regulatory enforcement requirements
• Identification and prioritisation of key risks/controls
• Streamlined compliance and controls environment
• Drives adoption of new processes and technology

£360 to £2,550 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at PSopportunities@kpmg.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

350263668895871

Contact

KPMG G-Cloud Team
02073111000
PSopportunities@kpmg.co.uk

Planning

• Planning service: Yes
• How the planning service works: We have a 6 point GRC framework to guide our clients through their transformation. It covers vision & strategy, process and data, programme management, people & change, cloud technology selection and technology enablement
• Planning service works with specific services: No

Training

• Training service provided: Yes
• How the training service works: KPMG has a proven 9 step training methodology that focuses on training strategy and approach, learning needs analysis, training design, development and pilot, training delivery, trainee/trainer assessment, evaluation, sustainability and links to capability frameworks and Performance support and coaching. End user training is provided on your chosen technology platform.
• Training is tied to specific services: Yes
• Services the training service works with:
  • ServiceNow
  • MetricStream

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: We have deep expertise in the setup and migration of data from legacy systems to ServiceNow Integrated Risk Management technology platform and other GRC platforms, which helps in reducing overall setup and implementation timelines
• Setup or migration service is for specific cloud services: Yes
• List of supported services:
  • ServiceNow Integrated Risk Management (IRM) platform.
  • MetricStream
  • RSA Archer
  • IBM Openpages

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: For quality assurance, Powered Risk is based on a pre-built and tested solution that de-risks the client testing effort. KPMG then combine quality tools, proven practices, skilled resources and broad industry knowledge accelerators such as pre-defined test strategy, test scenarios, scripts and test plans to deliver faster business and IT change.; ; Any Performance Testing of Cloud Platforms needs to be agreed / conducted in close co-ordination between the client and the Platform owner, allowing for any constraints imposed. KPMG can provide services to support or manage aspects of this test activity as per the agreed scope and test strategy for the project.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
• Certified security testers: Yes
• Security testing certifications:
  • GBEST
  • CHECK
  • CREST
  • Tigerscheme
  • Cyber Scheme
  • Other
• Other security testing certifications:
  • CISSP - Certified Information Systems Security Professional
  • CISM - Certified Information Security Manager
  • CISA - Certified Information Systems Auditor
  • CCSK - Certificate of Cloud Security Knowledge
  • CCSP - Certified Cloud Security Professional
  • TOGAF - The Open Group Architecture Framework
  • CIPM - Certified Information Privacy Manager
  • CIPT - Certified Information Privacy Technologist
  • SCF - SABSA Chartered Security Architect – Foundation
  • AWS Certified Solutions Architect – Associate

Ongoing support

• Ongoing support service: Yes
• Types of service supported: Hosting or software provided by a third-party organisation
• How the support service works: As part of our implementation services, we provide infancy care which is usually limited to 2-3 months from the Go-live date. The ongoing support is then transferred to the technology provider i.e. ServiceNow Integrated Risk Management; ; KPMG Powered Evolution (Managed Services) is an annuity-based service designed to help maintain and, optionally, continually optimise Cloud Software as a Service (Cloud SaaS) Enterprise functional solutions that are configured on one of the following Platforms from various vendors with whom KPMG has an alliance:; • Oracle; • ServiceNow; • Workday; • Microsoft; • SAP; ; KPMG Powered Evolution (Managed Services) includes the following service elements:; • Base Services: Delivery of (a) case management, (b) periodic major update support, which includes impact assessments of Workday functionality, (c) knowledge management, (d) service desk, and (e) regression testing of your chosen technology platform major updates.; • On Demand Services: Delivery of Minor Enhancements for (a) configuration changes, (b) data integration, (c) interface services, and (d) report writing.; • Governance: Support for and adherence to the subscribing organisation's (a) release planning and management frameworks and (b) IT change control framework, as well as (c) reporting of delivery if this service itself.

Service scope

• Service constraints: KPMG is not a software licence reseller, therefore the customer would need to enter into a direct contractual relationship with the vendor. ; ; Elements of solution may be delivered off-shore, if permitted, or can be delivered onshore.; ; Note, KPMG Powered Evolution (managed service) - does not include:; Level 1 Service Desk; Major Enhancements must be covered under alternative arrangements; Support of any infrastructure used to support in-scope Platform; Business continuity or disaster recovery of non-KPMG infrastructure, applications or other IT services; Code changes to, or detection of defects or capacity, memory or performance issues in the Platform environments; Non-English language support

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: During the infancy care period we provide email ticketing support. Our standard infancy care support response time is 4 business hours
• User can manage status and priority of support tickets: No
• Phone support: No
• Web chat support: No
• Support levels: N/A

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Standards Institute (BSI)
• ISO/IEC 27001 accreditation date: 12/05/2022
• What the ISO/IEC 27001 doesn’t cover: Any services falling outside the following scope: The protection of information in relation to the provision of professional services by KPMG LLP and its subsidiaries operating from the UK
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We’ve committed to Net Zero 2030, backed by our environment strategy, aligned to the 1.5-degree pathway, and approved by the Science Based Targets Initiative. And introduced an internal carbon price. A self-imposed tax that’s applied to our energy use and business travel. Bringing the cost of our carbon emissions back to us to fund decarbonisation projects. Initiatives have inspired our staff and gained us a top 2% Carbon Disclosure Project (CDP) A Rating, Platinum EcoVadis medal and Environmental Management (ISO 14001) and Energy Management (ISO 50001) certification. ; During contract delivery we will: ; ; ‒ Encourage our suppliers to report their carbon data to CDP, helping us to measure and encourage progress and remain on their Supplier Engagement Leader board. Reducing pollution through our supply chain.; ; ‒ Facilitate a ‘fighting climate change’ 90-minute session and create a team charter to agree:; ; o Traveling SMART | Minimising travel for those involved in the contract and measuring and monitoring all contract related business travel and carbon emissions using our proprietary KPMG carbon tracker tool.; ; o Living sustainably at home | Managing home office equipment efficiently and avoiding printing.; ; o Adopting a ‘digital first’ approach | Using collaborative technologies for data storage/ sharing to maximise effectiveness and reduce email volume.; ; Reducing travel, power consumption, and paper usage to minimise emissions and support sustainable behaviours.; ; ‒ Host a 60-minute sustainability impact modeller tool demonstration. Helping reduce your carbon footprint of cloud deployments using bespoke tooling to optimise implementation. ; ; ‒ Monitor, measure, and report commitments using the Social Value Portal. An evidence-based, data-driven tool, underpinned by the National Themes, Outcomes and Measures framework. It’s endorsed by the Local Government Association and compatible with all major ESG frameworks. Bringing rigour to commitments tracking and allowing you to flex and value the impact and hold us accountable.

  Covid-19 recovery

  The pandemic accelerated changes in the way we work, forcing us to adapt to ensure rapid recovery. Office space has been transformed for innovation, collaboration, and convening between our colleagues, clients, networks, and local communities. ; ; Contract specific commitments: ; ; ‒ Leverage market-leading devices and hybrid working plans to allow teams to be outstanding in delivery empowered by agile working. Offering greater flexibility and choice during the working week, bringing together physical and virtual worlds.; ; ‒ Welcome those who have not been able to join the workforce previously to play an active role e.g., those who couldn’t spend much time away from home due to caring commitments, those with great distances to travel to an office, or those with a disability which precludes travel. Creating a more diverse workforce.; ; ‒ Host a 60-minute future of work session to share our latest thinking. Including, helping you to consider how innovative technologies can support some of the hardest aspects of change to achieve and sustain high performance and nurture creativity.; ; ‒ Monitor, measure, and report commitments using the Social Value Portal. An evidence-based, data-driven tool, underpinned by the National Themes, Outcomes and Measures framework. It’s endorsed by the Local Government Association and compatible with all major ESG frameworks. Bringing rigour to commitments tracking and allowing you to flex and value the impact and hold us accountable.

  Tackling economic inequality

  Like you, we are committed to shaping an environment to narrow disparities, level the playing field, and create better growth opportunities for diverse businesses. During the delivery of the contract, we’ll tackle economic inequality through the following commitments: ; ; ‒ Adhere to inclusive recruitment and progression practices that follow the five foundational principles in the Good Work Plan (satisfaction, fair pay, participation and progression, wellbeing, and voice and autonomy). Increasing self-worth and motivation and improving retention and productivity.; ; ‒ Provide access to KPMG’s Introduction to Python Coding 10-week course to your staff and suppliers. Successful participants will receive a Credly digital certificate. Strengthening logic and problem-solving skills and equipping future generations with the desired skills to make them a relevant asset.; ; ‒ Extend the reach of our technology and engineering apprenticeships by partnering with local authorities and charities. Generating additional paths to employment for people from lower socio-economic backgrounds and bolstering future skills in the UK. Practical work experience is gained while working towards professional qualifications/ accreditations and earning a salary. ; ; ‒ Create business opportunities for a range of local suppliers such as entrepreneurs and start-ups. By encouraging our 1,800 active suppliers to use local sourcing in their supply chain. For example, for our national catering contract we expect the supplier to source produce locally, supporting local producers and reducing food miles. Our sustainable procurement policy is supporting SMEs and VCSEs via various initiatives e.g. the prompt payment code. ; ; ‒ Monitor, measure, and report commitments using the Social Value Portal. An evidence-based, data-driven tool, underpinned by the National Themes, Outcomes and Measures framework. It’s endorsed by the Local Government Association and compatible with all major ESG frameworks. Bringing rigour to commitments tracking and allowing you to flex and value the impact and hold us accountable.

  Equal opportunity

  We aim to attract the best talent in the market, from all backgrounds at every stage of their career and empower them to reach their full potential. Our initiatives include establishing 16 diversity networks to support individuals and voluntarily publishing diversity pay gaps and action plans to close gaps. Improving progression for our historically underrepresented groups* and placing us in the Top 5 in the Social Mobility Employer Index since 2017.; * Bridge Group – KPMG progression gap analysis. ; ; During the delivery of the contract, the following commitments will go further to level the playing field: ; ; ‒ Take a risk-based approach to policies, training, governance, and approvals to ensure human rights due diligence. Although our industry is not considered high-risk, risk can arise in our operations and supply-chain. Supporting your zero-tolerance approach to modern slavery. ; ; ‒ Invite your employees to join our Cross Company Allyship Programme. Matching mentees from ethnic minority groups with mentors from across KPMG and our client base. Creating diversity of thought, experience, providing career guidance, and building professional network and confidence. ; ; ‒ Provide employability support to people who have served with the armed forces. We’re signatories to the Armed Forces Covenant and holders of the Gold Defence Employers Recognition award. Providing successful career opportunities for those embarking on ‘civvy street.’ ; ; ‒ Ensure the contract workforce are physical/ digital accessibility trained, recognising that not all disabilities are visible. Building an awareness of the policies and standards that enhance accessibility and productivity.; ; ‒ Monitor, measure, and report commitments using the Social Value Portal. An evidence-based, data-driven tool, underpinned by the National Themes, Outcomes and Measures framework. It’s endorsed by the Local Government Association and compatible with all major ESG frameworks. Bringing rigour to commitments tracking and allowing you to flex and value the impact and hold us accountable.

  Wellbeing

  Our wellbeing strategy has been shaped by listening to our people and working with specialists. Focusing on the areas where we can have the biggest positive impact. During contract delivery, we will support wellbeing with the following commitments: ; ; ‒ Provide the contact workforce with a rich, innovative suite of specialist information, advice, services, and treatment – supplemented with focused initiatives. Shaped by listening to our people and working with specialists. Using clinical, organisational, and positive psychology to empower individuals by providing the right care, at the right time. And allowing them to be at their best. ; ; ‒ Facilitate a 90-minute wellbeing workshop for the contract workforce, using our bespoke Wellbeing EDGE tool to create a wellbeing charter. Identifying team member “non negotiables,” creating an inclusive environment, and agreeing our collective approach to maximise team wellbeing. ; ; ‒ Facilitate monthly constructive health and wellbeing check-ins using Wellbeing EDGE and a wellbeing survey to measure the success of our approach and identify additional support required. Understanding how the team can be effectively supported through emerging challenges. Ensuring the workforce witnesses our commitment to continuous improvement, including feedback being incorporated and acted on. Thus, empowering them to continue to speak up.; ; ‒ Appoint a dedicated accredited Wellbeing Ambassador, with a passion for wellbeing, to challenge mental health stigma and begin empathetic conversations with team members. Building, embedding, and maintaining a sustainable wellbeing approach and giving visible support to those struggling mentally or physically. ; ; ‒ Monitor, measure, and report commitments using the Social Value Portal. An evidence-based, data-driven tool, underpinned by the National Themes, Outcomes and Measures framework. It’s endorsed by the Local Government Association and compatible with all major ESG frameworks. Bringing rigour to commitments tracking and allowing you to flex and value the impact and hold us accountable.

Pricing

• Price: £360 to £2,550 a unit a day
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at PSopportunities@kpmg.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.