mobius consulting company profile

mobius | company profile | 01

© 2014 Mobius Consulting. All rights reserved. www.mobiusconsulting.co.za

mobius designs and produces targeted and sustainable solutions that allow clients to

govern and manage their information risk

mobius | company profile | 03mobius | company profile | 02

© 2014 Mobius Consulting. All rights reserved. www.mobiusconsulting.co.za

combining the skill and experience of our consultants with our extensive knowledgebase of proven methodologies, frameworks and research, we collaborate with our clients to understand and manage their information risks. the initial understanding of our clients’ business and needs is core to the design and operationalisation of targeted solutions. ultimately we partner with our clients to improve their information risk management, allowing them to take care of business-as-usual.

we are a team of highly skilled and motivated individuals who understand information risk and have practical information governance and management knowledge and experience.

Our consultants have a minimum of a tertiary education qualification to meet your it and business needs, supplemented by a range of international professional certifications in the IT governance, risk management, information security and privacy specialisations.

We are called upon to assist When our clients: • have concerns about information risks or the risk of reliance on it. • require expertise and/or capacity to assist with a change related to information risk. • have a change in leadership, structure or resourcing. • Are affected by new regulations or legislation. • face strategic decisions regarding the use of information and technology. • wish to pursue new opportunities or markets.

hoW?

Who?

When?

a combination of increased recognition of the value of corporate information, reliance on technology and risk management techniques as well as growing legislation and regulations relating to information and the processing thereof leads to an increase in complexity for organisations looking to optimise the usage of information whilst managing the associated risks.

Our knowledge and experience enables us to offer targeted and sustainable solutions to clients’ information risks. in our role as your trusted partner, we identify, design, and build the necessary changes to reduce risk and improve efficiency across people, process and technology. by doing this, we enable you to govern and manage your information risks. We offer: • perspective - our knowledge of the market, trends, regulations and leading practices allows us to give our clients industry and subject matter insight and perspective. • proven methodologies and approaches – our consultants take a structured and disciplined approach and offer best practice orientated and practical advice targeted to your situation. • scalability - we provide a multi-disciplinary specialist team depending on your needs, allowing you to focus on your core business. • holistic solution – we consider the governance, people, process and technology aspects of any solution to ensure it is sustainable. • independence – our services are independent of any technologies or solutions.

Why?

mobius | company profile | 05mobius | company profile | 04

© 2014 Mobius Consulting. All rights reserved. www.mobiusconsulting.co.za

We offer a range of services designed to meet your information risk management requirements. we have invested extensively in our frameworks and methodologies to enable us to guide clients effectively and efficiently. From assessments and roadmap development to designing processes and developing the necessary artefacts, we use a holistic approach to deliver sustainable and targeted solutions.

our core services include:it governanceit governance is an actively designed structure that helps align it with the business strategy and processes, thus ensuring that technology assists in the achievement of the company’s goals.

it governance describes who makes which decisions, who provides inputs, who analyzes the issues, who sets priorities, who settles disputes, and the delivery of value.

our approach to it governance is focused on helping clients balance the opposing forces of performance and risk and is closely aligned to global best practices (including cobit, itil, and iso38500), relevant legislation, as well as south african code of governance such as king iii.

information risk managementorganisations are becoming increasingly aware of the value of the information they possess and process, as well as the risks associated should this information be unavailable, corrupt, or fall into the wrong hands. we provide organisations with a structured and managed process to: • assess information risk as it relates to business objectives, opportunities and compliance. • design an information risk management plan. • implement information risk management procedures. • facilitate communication between information risk management and other risk stakeholders.

information privacythe mobius consulting information privacy methodology is designed to provide organisations with a structured, practical and managed process to: • determine the extent of personal information processing and the impact of the protection of personal information act (popi) on your organisation • determine the privacy strategy that will best suit your organisation • assess your organisation’s current level of privacy readiness • Define a detailed privacy roadmap and project plan • manage your organisation’s privacy remediation projects/initiatives • provide privacy/information security/governance specialists to execute your organisation’s privacy remediation project/ initiatives throughout your journey to becoming popi compliant

What?

mobius | company profile | 07mobius | company profile | 06

© 2014 Mobius Consulting. All rights reserved. www.mobiusconsulting.co.za

information securitythe mobius consulting approach to information security aims to ensure that organisations manage the following aspects of their information: • Confidentiality – ensuring that information is not disclosed to unauthorised individuals or systems. • integrity – ensuring that data is complete, accurate and valid and cannot be modified without detection. • availability – ensuring that the information is available when needed.

mobius consulting utilises best practice frameworks such as iso27000, cobit, and national institute of standards and technology (nist) as well custom-developed mobus frameworks, methodologies and tools to contextualise any risks that the organisation may be facing and to enable us to develop holistic solutions incorporating the governance, management, people, and technical aspects of information security.

our focus is on building information security governance that is fit-for-purpose and information security processes that include the appropriate artefacts and technology in order to be efficient, effective, and sustainable.

identity and access governance (iag)controlling access to information in order to grant the correct person the correct level of access to information at the correct time has become one of the most important risk management initiatives within organisations today.

the mobius consulting approach to iag is focused on helping organisations reduce the costs of their operations and improve efficiency, risk management and security and is closely aligned to global best practices such as cobit and itil. mobius consulting has developed an iag framework recognises that iag occurs at a strategic / design level which is driven from a top-down approach as well as on a day-to-day basis within it and business operations.

business continuity management (bcm)our comprehensive approach to bcm follows global best practices outlined in the iso22301 and the business continuity institutes good practice guidelines. our bcm methodology assists organisations to: • identify potential threats. • build resilience within operations to counter these threats. • provide targeted solutions to protect against future threats.as organisations are constantly evolving, we see bcm as an organic lifecycle rather than a static, once-off exercise.

irrespective of your location, our skilled team will assemble in a virtual office – effectively using the latest technologies to communicate and collaborate – in order to offer innovative, targeted solutions. Enabling our consultants through technology allows them to be effective regardless of what location they are working from.

we have experience working in several countries outside of south Africa although our offices are in Johannesburg and Cape Town.

Where?

mobius | company profile | 09mobius | company profile | 08

© 2014 Mobius Consulting. All rights reserved. www.mobiusconsulting.co.za

Cape Town Patrick Ryan: +27 83 678 6788Lynn Martin: +27 83 397 0537 JohannesburgSandhya Mohan-Pillai: +27 82 773 9040 www.mobiusconsulting.co.za

For more information, contact Mobius Consulting on +27 21 201 1120 or +27 10 590 6111,

email info@mobiusconsulting.co.za or visit our website www.mobiusconsulting.co.za

mobius | company profile | 010