In operation, the key management system 120 may receive a request 101 from the application 130 to perform an operation with a cryptographic item stored at the key management system 120. In response to receiving the request, key management system 120 may identify a quorum policy associated with the cryptographic item. Upon determining that quorum approval is required to perform the operation based on the quorum policy, the key management system 120 may transmit requests for approval 102a-n to entities 110a-n. The key management system 120 may receive indications of approval 103a-n from entities 110a-n. Upon receiving the number of indications of approval specified by the quorum policy, the key management system 120 may perform the requested operation with the cryptographic item. The key management system may subsequently provide the results 104 of the requested operation to application 130. For example, the cryptographic item may be a cryptographic key and the operation may correspond to encrypting or decrypting data with the cryptographic key. The results of the encryption operation or the decryption operation may be the resulting data that is provided to the application 130. In some embodiments, the application 130 may verify a status of the operation at the key management system and may subsequently retrieve the results 104 of the requested operation after the status indicates that the operation has been approved or has been performed. Further details with regards to the key management system 120 are described in conjunction with FIGS. 2-7.