Risk and Compliance

Risk & Compliance and
IT Advisory

Risk & Compliance and IT Advisory for Secure Systems and Data

Our Risk & Compliance and IT Advisory practices were founded specifically to address the complexities of financial compliance and information retrieval in a world that requires secure technology. Compliance work is not a differentiator: what makes KPM different is our distinct experience helping clients realize the potential of fully integrated finance and technology systems. More than 300 businesses including Fortune 500 companies with multi-million dollar initiatives have benefited from our passionate Business Ideas at Work SM approach.

We believe in providing our clients with the most effective, “right-sized” approach to manage their challenges. Our methodology is customized to determine what works best for each client’s needs and goals. We listen to your concerns and insights and we treat your business as different and unique. It is our mission to ensure that our results surpass your expectations.

IT Project Management and Implementation

In addition to our Risk & Compliance and Regulatory services, KPM’s management team has over a half century of project and management experience. We specialize in designing and implementing business intelligence tools, overseeing large scale migrations, building controlled and compliant Information Technology environments and a variety of other technology initiatives designed to make your organization more efficient and effective. Our consultants have practical, hands-on experience in the projects that matter most.

Risk and Compliance and IT Advisory Service Offerings

KPM offers a wide variety of Risk & Compliance and IT Advisory services to help your company reach its goals, including:

  • SOC 1 (SSAE 16), SOC 2, SOC 3 Reports
  • Business Continuity and Disaster Recovery
  • Vulnerability/Penetration Tests
  • Sarbanes Oxley
  • Payment Card Industry (PCI)
  • Gramm-Leach-Bliley Act (GLBA)
  • Fraud Prevention & Investigation
  • MA Privacy and Written Information Security Planning
  • HIPAA and HITECH Act
  • Federal Information Security Management Act (FISMA)
  • British Standard and ISO
  • Data Center Reviews
  • CFR part 11 and Various Life Sciences Compliance
  • Internal Audit
  • Security Testing