KPMG India

India
Nozomi APJ Global System Integrator Award of the Year 2025
Automation Anywhere Pinnacle Partner of the year
SAP New Cloud Partner for Partner Excellence 2025
ServiceNow 2026 worldwide Core Business Partner
Accreditations
  • HITRUST Assessor
Locations with physical presence
  • India
Regions Supported
  • NORAM
  • LATAM
  • EMEA
  • APAC
Security Frameworks
  • ISO 42001 v2023
  • NIST AI RMF AI 100-1 v1.0
  • NIST Privacy Framework v1.0
  • NIST CSF v2.0
  • TISAX ISA v6
Languages
  • English
Team Members' Credentials
  • CISSP
  • CISM
  • CISA
  • CRISC
  • CCSP
Security Certifications Obtained
  • ISO 27001
  • SOC 2

KPMG India helps clients create a resilient and trusted digital world - even in the face of evolving threats. We enable organizations to strengthen cyber resilience, manage cyber risk and build digital trust through advanced cyber security services.

KPMG India has a domestic client base of over 2700 companies. Our global approach to service delivery helps provide value-added services to clients. Our service offerings have been designed to provide solutions that are tailored to the current market landscape and clients’ needs. Our services include but are not limited to:

Cyber Assurance

  • IT Attestation/Assurance - Includes SOC 1, SOC 2 and SOC 3, AUP, SOC 2 for cloud and SOC 2+ (integrated with multiple frameworks such as HITRUST, ISO 27001, NIST, CSA)
  • HITRUST - HITRUST CSF validated assessments
  • ERP Security - Review of ERP security, access controls, and data management
  • Cloud Assurance - Cloud security assurance, compliance, and attestation services
  • IT Internal Audit - Supports clients in controls transformation, IT audits including IT SOX compliance
  • Responsible AI - Identify IT risks inherent to AI use cases or models
  • IT Risk and Compliance - Framework to assist clients from design to implementation to operations

Strategy and governance

  • Cyber Security Framework/Compliance Assessment - Assist clients in compliance with NIST CSF, COBIT, ISO and other relevant information security regulatory frameworks
  • Cyber Maturity Assessment - Board-level cyber maturity assessment aligned to global standards
  • Cyber Strategy and Target Operating Model - Help clients define cyber strategy and a tailored target operating model
  • Cyber Key Performance Indicators, Metrics and Dashboarding - Enable consistent, scalable cyber performance reporting
  • Third Party Security Risk Management - Assist in third-party security risk assessment
  • Business Resilience - Assist clients with Business Continuity Management (BCM) programme

Cyber defence

  • Security Testing and Configuration Review - From offensive security testing or vulnerability assessment and penetration testing (VAPT) to configuration review
  • ERP Security Assessment - ERP security across SAP, Oracle EBS, and MS Dynamics
  • Red Team Assessment - Provide an outside-in view of security across people and technology
  • IoT/OT Security Assessment - Review of an organization’s industrial control system security
  • Cloud Security Testing - Assessment of technical security posture
  • Product Security Assessment - In-depth review of an organization’s software and hardware products
  • Remediation Support for Vulnerability Management Program - Remediation strategy to strengthen vulnerability management
  • External Attack Surface Management - Focus on external attack surface and provide threat intelligence using KPMG proprietary tools

Use Cases

A global leader in IT services, consulting and business solutions

KPMG has performed a client-specific SOC 1 assurance engagement covering general IT controls, an AUP report and client-specific SOC 2 reports covering the security, availability, confidentiality, processing integrity and privacy trust services criteria for India and overseas operations.

A Large Global Technology and BPO Service Provider

Managed a complex portfolio of 36 client-specific and enterprise-level SOC 1, SOC 2 and SOC 3 reports across 15+ geographies and heterogeneous environments, while scaling platform‑specific, cloud‑based SOC 2 assurance and integrating Responsible AI controls into the organization’s SOC 2 framework to meet emerging regulatory expectations.

Large IT/ITES company

KPMG conducted assessments across red team, application security testing and AI security testing across multiple products for one of the largest IT/ITES companies in India.

Leading manufacturer of packaging components and delivery systems for injectable drugs and healthcare products

KPMG performed a HITRUST i1 gap and validated assessment for the client’s healthcare product hosted on Azure Cloud and helped them achieve HITRUST i1 certification.

American multinational financial services firm

Internal Audit and SOX testing support for business and technology areas

Multinational energy and automations digital solutions company

Assisted in enhancing and streamlining the client's existing TPRM program with industry-leading practices such as ISO 27001, CMMC, and the ISA/IEC 62443 series of standards. Also performing supplier security risk assessment to evaluate risk exposure associated with third-party software products and environments.
