Welcome On Mobius

Mobius was created by professionnal coders and passionate people.

We made all the best only for you, to enjoy great features and design quality. Mobius was build in order to reach a pixel perfect layout.

Mobius includes exclusive features such as the Themeone Slider, Themeone Shorcode Generator and Mobius Grid Generator.

Our Skills

WordPress90%
Design/Graphics75%
HTML/CSS/jQuery100%
Support/Updates80%
  • Radar

    The Risk Management Company

    A global network of Risk Management experts

    About us
  • Adversaries change.

    Have you adapted?

    On September 22 @ SPFAmericas, participants will be introduced to guiding principles of how terrorists plan and execute attacks on critical infrastructure. Learn predictive profiling methods to assess threats to employees, infrastructure and the environment.
    Register as our guestConference website
  • Risk Management Education

    In accordance with ISO 31000.

    Aug 27-29 @San Juan, Sept 9-11 @Montréal, Sept 16-18 @Chicago & Oct 7-9 Oct @Brussels

    Register Today
  • WE SPECIALIZE IN GROUP LEARNING EXPERIENCES

    Learn from your peers in a group learning environment hosted by one of our expert trainers in all corners of the world. We offer 12 courses in all aspects of Security Risk Management, Risk Management in congruence with ISO 31000 and Risk Assessment Techniques based on ISO 31010.


    Risk Management Education

     

1
/
3
/

Our Values

The Risk Management Company. We manage your risk.

Confidentiality

Hear, see and be silent. We have a strict company confidentiality policy. Our employees have appropriate security clearance.

Dynamic

We are able to change and adapt to a continuously changing risk environment.

Ownership

We take ownership of the projects that you entrust to us, we respect deadlines and are only satisfied when you are also.

Empathy

We base our solutions on your specific risk context, threats and opportunities. We think alongside you.

Optimism

The word Optimism is derived from the Latin meaning “Optimum”, meaning “Best”. We strive to be the best in all aspects of risk management.

NEW ISO 22301 Business Continuity Courses

Register to reserve your place

We offer subscription education and in-company training services. Register to attend in locations around the world or request a proposal for in-company training.

Our Events

Our Products and Services

We offer a full range of risk management services including online subscriptions to resources and software solutions
  • Consulting
  • Education
  • Engineering
  • Assurance
  • Subscriptions

Risk Assessor

Risk consulting focus on identification, analysis & evaluation of risks, in accordance with the ISO 31000:2009 Risk Management Standard & IEC/ISO 31010 Risk Assessment Techniques

Risk Strategy Planner

Focus on Risk Strategy & Planning including risk treatment options, objectives, deter, delay, detect, alarm, assess & respond, defense-in-depth/layers of protection

Risk Organizer

Focus on Organization and Human Factors including roles and responsibilities, organizational security measures, procedures, instructions and training as well as training and awareness programs.

Security Education

Complete Security education program from Risk Assessment to Security Audits, and all components of the a continuous improvement cycle including Planning, Implementing, Checking and Acting to achieve your Security goals.

Risk Management in Accordance with ISO 31000

Risk Management training in congruence with the vocabulary, principles, framework as process outlined by the international standard ISO 31000:2009

IEC/ISO 31010 Risk Assessment Techniques

Risk assessment techniques training based on the IEC/ISO 31010 guidance on selecting and using the appropriate techniques to assess risk in a given context.

Risk Inventory

Mapping and charting of all current controls in place, assessing effectiveness and efficacy, and recommendations for improvement.

Engineering & Design

Engineering design in accordance with our proprietary risk and typical controls methodology (ORSM-4©), including managerial, process, physical controls, access controls, intrusion detection, fire protection, camera surveillance, ITC security, integration and control rooms.

Tender Support

Engineering and project support during tender processes. We write your functional and technical specifications, and provide guidance on public tender regulations.

Risk Project Manager

Project management services including supplementing resources, implementation oversight, and follow ups of implementations or upgrades.

Risk Radar Scanner

Highly structured security scan depicting the maturity of an organization , effectiveness and efficacy of controls, level of compliance with procedures, policies, laws and regulations that pertain to security.

ROSI Scan

Analysis of the “Return on Your Security Investment” (ROSI) which is considered the “Security Optimum”.

Path Analyzer

Critical path analysis of a site or asset where we identify critical targets, characterize threats, and asses the risk of adversaries reaching the target.

Compliance Auditor

A complete audit of risk control measures against internal and external requirements.

ERM Benchmarker

Subscription to ERM Benchmarker™ that assess the effectiveness of Enterprise Risk Management in an organization & offers risk managers a structured evaluation tool-set covering 100+ ERM capabilties.

Risk Radar Scanner

Highly structured security scan depicting the maturity of an organization , effectiveness and efficacy of controls, level of compliance with procedures, policies, laws and regulations that pertain to security.

Risk Manager Subscription

Risk Manager Software Subscription including Risk Assessor, Strategy, Metrics, Incident Management, Security, Health and Safety, Business Continuity and Crisis Management modules.

Assurance Manager Subscription

Compliance & Assurance Manager Software Subscription including regulatory & internal requirements, audit programs, internal controls, & proficiency modules.

Powered by
STP-EPS-logo-small

Powered by
STP-EPS-logo-small

Powered by
Enablon-small

Powered by
Enablon-small

0Corporate Customers
0Individuals Trained
0Radar Associates
0Days Experience

CONTACT OUR TEAM

Our global team of risk and security experts are excited to meet you!

Learn about

INDUSTRIES WE SERVE

We serve a variety of industries with core competencies in pharmaceuticals, energy and utilities, nuclear facilities, mining, luxury goods supply chain, ports and harbors, cultural heritage sites, sports, events and other public spaces,as well as federal, state/province and local government departments.

Discover more

Energy & Utilities

Schools & Universities

Healthcare & Services

Stadiums, Sports & Events

Transportation & Logistics

Government & NGO's

Precious Metals & Mining

Banking & Professional Services

Airports, Ports & Harbors

Construction & Engineering

Pharmaceuticals & Biologicals

Manufacturing & Supply Chains

Latest News and Articles

Follow Radar on social media to receive the latest news on Risk, Security and Related Technology form our team of experts, academics, professionals, partners and trainers

Risk Communication Strategy

November 13, 2015
Background Since the 9/11 terrorist attacks, there have been multiple others terror attacks on transportation and critical infrastructure including the 2004 Madrid train bombings, 2005 London bombings and 2006 Mumbai train bombings and therefore sufficient reason to believe that public transportation and critical infrastructure remain at risk in the United States. Title 6 U.S.C. § 1112 – Authorization of the Transportation Security Administration’s (TSA) Visible Intermodal Prevention and Response (VIPR) teams authorizes the program to “augment the security of any mode of transportation at any location within the United States”. The VIPR program’s mission is [was, webpage now removed] to “promote confidence in and protect our nation’s transportation systems through targeted deployment of integrated TSA assets utilizing screening and law enforcement capabilities in coordinated activities to augment security of any mode of transportation” (TSA.gov Website, 2013 until removed). The methods that are authorized by Title 6 U.S.C. § 1112, and employed by VIPR are examples of what the general public can expect during an incident or emergency. For the objectives of this article, all security teams, agents and government agencies could effectively issue risk communications and benefit from this strategy and the term Agency is refers to these collectively. The activities discussed introduce an element of unpredictability to combat terror activities due to its random application and classified status. As a result, travelers who may come into contact with security personnel unexpectedly may react with confusion or shock. This scenario is a source of risk, conflict and confusion that warrants explanation and proper risk communication procedures to avoid fear, panic, and public resistance. This article presents an example of a risk communications strategy that could be used in scenarios of similar nature, to inform and educate members of the general public, private and non-governmental organizations, domestic and international travelers and public officials. Risk Communication Methodology The Elaboration Likelihood Model (ELM) of persuasion developed by Richard E. Petty and John Cacioppo (1986) was used to design this example risk communication strategy, incorporating attitude certainty  and the theory of changing minds . Using the Model of Source Characteristics , it was determined who would deliver the message and how the message should be structured so that it is perceived to be credible, attractive and exert the appropriate amount of power and influence, as Kelman describes. Two routes of communication, central and peripheral, were selected to reach the majority of stakeholders in a short to medium time-frame. Long-term communication strategies will be employed regularly and security measures will be publicized repetitively using social media, placards, public meetings and feedback channels. The message was evaluated using a self-assessment checklist inspired by the 7 R’s of Changing Minds for continual review and improvement. Stakeholder Analysis This risk communication strategy serves as a reference guide when releasing information externally, and to describe how an Agency intends to communicate with stakeholders. The plan addresses stakeholder needs (see Figure A1, Stakeholder Analysis) including those that are responsible for making decisions about communication changes as a result of feedback or public reaction to the information that was received. Stakeholders are

Common Pitfalls in Incident Management Implementation

October 30, 2015
Common Pitfalls in Incident Management Implementation Unity of Command A disorganized command structure may lead to units that self-dispatch to an incident or task, and do not have accountability to a supervisor. It is important that there is an established process for communications within the delegation of authority system, as well as free sharing of information between units. Prevention Neglecting a review of prevention measures in a post-incident investigation is often a cause of future incidents, especially when the incident was neutralized or managed successfully. Successful incident responses often provide false assurance that the control measures are effective. No assumptions should replace maintenance, observations, reviews, and audits after an incident. Post-incident investigations should prioritize prevention measure reviews so that the root cause of the control failure or success is established, documented, corrected, or enforced if required. Tailoring, Flexibility and Robustness No plan fits all incidents, and not all incidents may have been identified in the risk assessment. For this reason, the emergency plans should be tailored to fit the context of the incident, and the action plans should be flexible to consider these changes. Terminology Using complex terminology, abbreviations, or technical language during an incident could lead to misunderstanding, miscommunication, and errors that may escalate an incident to a crisis. Terminology should be in plain English and clearly defined in the emergency plan so that nothing is left to individual interpretation. Personnel Training and Competence Human and cultural factors must be taken into account when planning emergency operations. Human factors include the perceptions and intentions of individuals and groups, capabilities and competence, experience, knowledge and skills of personnel, as well resistance to change. It is often the case that a director may not hold that title during an incident, but may be influenced or influence other personnel when being reassigned or losing their span of control. Human factors should be defined and understood so that responsibilities are assigned accordingly, and enable the stakeholders to execute their duties. Resources must be held accountable, and therefore must be competent, trained, and skilled to use tools and techniques to achieve their goals. There should be training programs and mechanisms in place to measure skills and knowledge on a continuous basis in order to maintain preparedness.

Implementing Incident Management in Emergency Management

October 30, 2015
Implementing Incident Management in Emergency Management All organizations must have an emergency plan in place that includes resources, roles and responsibilities, procedures, logistics and contractual arrangement for an EOC (NFPA® 1600 , 2013, p. 12). The Emergency Operations Center is a physical location near the incident where the incident response will be coordinated. From the FEMA goals, it is understood that emergency management programs prioritizes the overall coordination of an incident response. Although it is essential to minimize loss of life and impact to the environment or biodiversity, it may be more beneficial in the long term to prevent incidents from occurring. According to the NFPA® 1600 “[t]he entity shall develop an incident management system to direct, control, and coordinate response, continuity, and recovery operations”. Incident management is however more than coordinating the response, continuity, and recovery operations. The following three risk management processes are vital in implementing incident management in an organization: Hindsight Insight Foresight Together these three risk management processes form a “line of sight” for emergency management personnel. Hindsight: Root cause analysis All incidents, regardless of severity must be investigated to ensure that maintenance of measures were conducted, that all risks were identified, and that the incident was not an indicator of a change in circumstances that may warrant a full risk assessment review. Root cause analysis is backward looking and aims to discover control inefficiencies and failures so that these can be corrected as appropriate. Successes and strengths must be considers as well so that these can be enforced. There are many tools and standardized methods that can be used for root cause analysis. One such method is a fault tree analysis (FTA). An FTA is a process where all causal factors are identified and associated with the incident to determine a hierarchy of failures leading from the event backwards to find the root of the problem or failure. As with all assessment methodologies, FTA’s have a number of limitations and strengths to consider. Although it provides an easy method to visually determine causal factors and binary failures, it does not consider time-frames of each factor, and is challenging to compute combined factors leading to a significant amount of uncertainty in estimating probabilities. Nevertheless, FTA’s present a diagram that may be used to prioritize research activities and control design corrections. The lessons learned from root cause analysis is documented and incorporated to improve or renew measures, best practices, and training programs to educate responders, the public, and government of emerging issues and incident trends. Root cause analysis is applied to failures and successes to learn everything that is relevant to both outcomes. Insight: Control assurance. All prevention measures should be maintained, monitored, and reviewed periodically as these measures prevent incidents from occurring, and are the first indicators that incident severity or frequencies are increasing. Examples of preventive measures may include equipment and machinery maintenance, periodic procedural reviews, policy implementation, management review, structural, automated, and managerial control testing, and independent auditing. Prevention measures should include compensating measures so that a secondary

Incident and Emergency Management

October 30, 2015
What is Incident Management? Incident management is an application of risk management theory that prescribes procedures, processes, systems, and resources that are applied to risk hazards or or states that have materialized. A typical incident management process may include incident reporting, warnings and notifications, a situation-based assessment leading to strategic and tactical planning, execution, response management, post-incident investigation, risk assessment, root cause analysis, recording of incidents, and lessons learned. All of these items contributing to preparedness and continuous improvement. The NFPA® 1600 defines an incident management system (IMS) as “[t]he combination of facilities, equipment, personnel, procedures, and communications operating within a common organizational structure and designed to aid in the management of resources during incidents” (2013, p. 12). What is Emergency Management? Emergency Management typically applies where impacts are widespread within global organizations, at international, national or within communities. The International Association of Emergency Managers’ description for Emergency Management is “the managerial function charged with creating the framework within which communities reduce vulnerability to threats/hazards and cope with disasters”. According to FEMA, the overall goals of emergency management are (a) first, to reduce the loss of life, (b) then, to minimize property loss and damage to the environment, and (c) finally, to protect the jurisdiction from all threats and hazards.