List of KPMG Sofy GRC Customers
Amstelveen, 1186 DS,
Netherlands
Since 2010, our global team of researchers has been studying KPMG Sofy GRC customers around the world, aggregating massive amounts of data points that form the basis of our forecast assumptions and perhaps the rise and fall of certain vendors and their products on a quarterly basis.
Each quarter our research team identifies companies that have purchased KPMG Sofy GRC for Governance, Risk and Compliance from public (Press Releases, Customer References, Testimonials, Case Studies and Success Stories) and proprietary sources, including the customer size, industry, location, implementation status, partner involvement, LOB Key Stakeholders and related IT decision-makers contact details.
Companies using KPMG Sofy GRC for Governance, Risk and Compliance include: Whitbread, a United Kingdom based Leisure and Hospitality organisation with 38000 employees and revenues of $4.00 billion, Booking.com, a Netherlands based Professional Services organisation with 6500 employees and revenues of $2.06 billion, Costa Coffee United Kingdom, a United Kingdom based Leisure and Hospitality organisation with 30000 employees and revenues of $1.50 billion, Sanoma Group, a Finland based Media organisation with 4588 employees and revenues of $1.43 billion and many others.
Contact us if you need a completed and verified list of companies using KPMG Sofy GRC, including the breakdown by industry (21 Verticals), Geography (Region, Country, State, City), Company Size (Revenue, Employees, Asset) and related IT Decision Makers, Key Stakeholders, business and technology executives responsible for the software purchases.
The KPMG Sofy GRC customer wins are being incorporated in our Enterprise Applications Buyer Insight and Technographics Customer Database which has over 100 data fields that detail company usage of software systems and their digital transformation initiatives. Apps Run The World wants to become your No. 1 technographic data source!
Apply Filters For Customers
| Logo | Customer | Industry | Empl. | Revenue | Country | Vendor | Application | Category | When | SI | Insight |
|---|---|---|---|---|---|---|---|---|---|---|---|
 |
Booking.com | Professional Services | 6500 | $2.1B | Netherlands | KPMG | KPMG Sofy GRC | Governance, Risk and Compliance | 2024 | n/a |
In 2024 Booking.com implemented KPMG Sofy GRC as part of its Governance, Risk and Compliance tooling to support finance controls and record to report workflows. KPMG Sofy GRC is cited alongside BlackLine in hiring descriptions, indicating the application is positioned within month end close and financial controls for Booking entities across the finance organization.
Deployment appears focused on controls monitoring and month end close support, with explicit responsibilities for SOFY administration referenced in role descriptions. Functional usage aligns with standard Governance, Risk and Compliance capabilities, including controls monitoring, control evidence collection, and orchestration of close related tasks, and KPMG Sofy GRC is named as the platform providing those capabilities.
Job level administration duties imply a centralized governance model within finance, with a designated SOFY administrator role responsible for configuration, user access, and integration touchpoints to close processes. The presence of BlackLine as a proximate tool in postings suggests operational integration between KPMG Sofy GRC and close orchestration systems, and the implementation scope centers on record to report and financial controls without explicit multi regional rollout or quantified outcomes disclosed.
|
 |
Costa Coffee United Kingdom | Leisure and Hospitality | 30000 | $1.5B | United Kingdom | KPMG | KPMG Sofy GRC | Governance, Risk and Compliance | 2021 | n/a |
In 2021, Costa Coffee United Kingdom implemented KPMG Sofy GRC to centralize Governance, Risk and Compliance across 18 business units worldwide. The SaaS deployment was completed within five weeks and targeted automation of controls, support for internal audit cycles, and consolidated visibility over 350 controls and 180 end users.
The implementation used the KPMG Sofy GRC Controls Management module to record and maintain control frameworks and to enable data driven risk and control activities. Configuration included automatic scheduling of control executions, workflows for creating findings and action plans, and exception based monitoring for segregation of duties and access to sensitive data. Management reporting was instrumented to produce instant reports on control frameworks and control effectiveness.
Operational coverage included Group Control, internal audit functions, control owners and operators across the 18 business units, with a single portal providing centralized maintenance and transparency into execution progress. The project emphasized role based facilitation for control owners to fulfil and track planned control executions, and supported over 6,000 sign offs recorded during the rollout. The deployment model remained SaaS hosted, reducing on premises footprint.
Governance changes focused on centralized control maintenance, exception processing and orchestration of action plans across business units to close findings and remediate access vulnerabilities. KPMG Sofy GRC enabled Group Control to analyze control frameworks and procedures in one easy to use portal and provided exception based analyses for SoD and sensitive data access. The implementation met the five week delivery window and scaled to support ongoing monitoring and internal audit cycles.
|
 |
Sanoma Group | Media | 4588 | $1.4B | Finland | KPMG | KPMG Sofy GRC | Governance, Risk and Compliance | 2025 | n/a |
In 2025, Sanoma Group deployed KPMG Sofy GRC to manage SAP authorisations and Segregation of Duties as part of Sanoma Learning's SAP S/4HANA program. KPMG Sofy GRC is being used in the Governance, Risk and Compliance category to centralize SoD and access control policy for the S/4HANA rollout across Sanoma Learning in Europe.
The implementation focuses on the SoD and access control module, configuring role models, segregation rule sets, and automated access review workflows. Configuration work emphasizes entitlement mapping and role design consistent with SAP S/4HANA security constructs, enabling recurring compliance assessments and policy enforcement.
KPMG Sofy GRC is integrated with the SAP S/4HANA environment to ingest authorization assignments and perform SoD analysis, supporting both Sanoma Learning and centralized IT security teams. Operational coverage is concentrated on SAP authorisations governance within the Learning business, and the solution interfaces with change control and user provisioning processes tied to the S/4HANA program.
Governance and process changes are reflected in public hiring for SAP authorisation expertise that cites SOFY as the core tool, indicating formalized accountability for access reviews and segregation controls. The deployment positions KPMG Sofy GRC as the primary control framework for SAP authorisations and Segregation of Duties inside Sanoma Group's Governance, Risk and Compliance practice.
|
 |
|
Leisure and Hospitality | 38000 | $4.0B | United Kingdom | KPMG | KPMG Sofy GRC | Governance, Risk and Compliance | 2024 | n/a |
|
Buyer Intent: Companies Evaluating KPMG Sofy GRC
- Gibson Electric Membership Corporation, a United States based Utilities organization with 220 Employees
- Ipex Australia, a Australia based Professional Services company with 10 Employees
- Ketan Construction, a India based Construction and Real Estate organization with 500 Employees
Discover Software Buyers actively Evaluating Enterprise Applications
| Logo | Company | Industry | Employees | Revenue | Country | Evaluated | ||
|---|---|---|---|---|---|---|---|---|
| No data found | ||||||||