Share with your friends

Are you:

  • A provider of outsourced services – like technology, payroll, HR or investment management?
  • Managing a large amount of data for your customers?
  • Required to demonstrate a strong control environment required by your customers?
  • Managing a business in which security, availability, privacy or processing integrity are important? 

If you face any of these scenarios, then SOAR can help you. Please contact us, we’d love to hear from you.


A good night’s sleep: We help you to reach and exceed the ever-increasing third-party assurance bar. 

Build a risk-aware culture: We help increase risk and controls awareness amongst your staff to continually drive improvement for you and your customers.

Getting on the front foot: SOAR helps you be on the front foot when bidding to prospective customers. 

Satisfying due diligence and audit requests: SOAR gives comfort to prospective and existing customers, reducing ‘audit fatigue’. 

Connect with us


Want to do business with KPMG?


loading image Request for proposal

Our SOAR experience

In the UK, we issue 150+ SOAR reports annually (2000+ reports globally), with a UK team of 600+ specialists.

Our approach has been refined over many years from working with organisations globally and locally. It means we tailor and bring the wealth of that experience to you, making your assurance project a real success.

We work with clients of all shapes and sizes, with specialisation in Payments, HR + Payroll, Financial Services (including FinTech), Technology, Public Sector, Health and Private Enterprise.

Client testimonies

10 out of 10 in our Client Voice Programme Survey. “A highly engaged and knowledgeable team, extremely likely to recommend.”

10 out of 10 in our Client Voice Programme Survey. “I have an excellent working relationship with the engagement team who go above and beyond our expectations. Any project would be privileged to involve these fine representatives of KPMG.” 

Our frameworks

We’re able to provide assurance using one or more of the frameworks below:


ISAE 3402: International framework for internal controls over financial reporting

SSAE 18: US-specific framework for internal controls over financial reporting


Broad applicability to any services where security, confidentiality, availability, processing integrity, and/or privacy are important to customers. 


Broad applicability to any service as per SOC 2 but without a detailed report.

AAF 01/20 (replaces AAF 01/06) & AAF 05/20 (replaces 02/07)

UK framework for organisations delivering specific financial services – especially pension management, investment management and related industries. 

ISAE 3000

An international standard that can cover financial and operational risks and controls specified by a service provider. 

Harmonised assurance

KPMG is the only Big Four firm in the UK accredited by UKAS to provide ISO certifications, e.g. ISO 27001 and 22301. 

Insights for SOAR

Talk to our audit experts