Share with your friends

Salman Ali

Managing Director, ERM GRC Advisory Services

KPMG in the U.S.

Ali is a Managing Director in KPMG’s Advisory Services practice who focuses on Governance Risk & Compliance (GRC) and risk transformation. Ali has substantial industry, software and consulting experience leading advisory engagements on projects such as process improvement for business, risk, compliance, and assurance activities; integration and alignment across risk, compliance, and assurance departments; GRC Technology implementation assistance; establishment of enterprise GRC Frameworks; and defining roles, responsibilities and better practices for the functions within a GRC program. Additionally, Ali has extensive experience in a broad range of organizations and industries in the areas of internal audit, financial controls/SOX, information technology, process improvement, project management, organizational integration, and fraud investigations/root cause analyses.

Ali serves as KPMG’s MetricStream Champion responsible for building and utilizing the established KPMG GRC methodology in conjunction with MetricStream tools at large enterprise clients. Ali has led cross-functional GRC implementation teams in the areas of IT, program management, training and business process support utilizing the established methodology and core GRC foundational elements. Additionally, Ali participated in steering committee meetings, provided overall GRC strategy guidance as well as advisory services related to strategic GRC roadmap to large enterprise clients. Ali’s current and past clients include some of the leading organizations in healthcare, retail, financial services, insurance and energy & utilities.

Professional and Industry Experience

Governance, Risk and Compliance Experience

  • Led multi-faceted team for a MetricStream implementation for Enterprise-wide rollout at a large financial and insurance company assisting with transition from BWise to MetricStream. Areas included Risk, Compliance, Internal Audit, Internal Controls and Information Technology. The scope of work included business process design, foundational elements design and MetricStream libraries implementation, user acceptance testing design, issue management process and MetricStream implementation and change management.
  • Led MetricStream GRC implementation related to automation of exams at a large financial services company utilizing KPMG’s established GRC framework. Led the design and documentation of business requirements, provided advisory services and guidance during the system development life cycle and managed the user acceptance testing process overseeing off-shore team ensuring an on-time and within budget implementation. Provided oversight to Steering Committee including project updates and issue resolution. Assisted with defining strategy to transition from the legacy BWise GRC application to the MetricStream enterprise-wide GRC application.
  • Assisted a global reinsurance company with maturing their enterprise risk management program. Conducted gap assessment against better practices and stakeholder/regulatory expectations, developed observations/recommendations, and roadmap for implementation.
  • Led project management of GRC program implementations. Supported many areas of GRC implementation projects and assisted with the various aspects of the GRC lifecycle focusing on business process readiness, program strategy, technology implementation, GRC foundational elements and hierarchies, and linkage between processes, risks and controls. Created program plans as well as individual workstream project plans; developed a detailed strategic and tactical roadmap which provided the plan to build, establish and implement an integrated and enterprise-wide GRC technology that supported the GRC Strategy and Vision.
Load more
Load more

Connect with me


Want to do business with KPMG?


loading image Request for proposal