ISACA Max Blecher Innovation Award Winner: Triplicity

ISACA Max Blecher Innovation Award Winner: Triplicity

Patrick Ryan won the Innovation Award at the annual ISACA event on 29 September 2017, for Triplicity.

Well done to the team — so proud!

Congratulations to Patrick Ryan, the Managing Director of Mobius Services (Pty) Ltd & Phinity Risk Solutions, for winning the award. Under Patrick’s direction, Mobius developed a Third Party Risk Management (TPRM) methodology in 2015, to assist clients in managing their third party risks.

Previously, in assisting several organisations to implement their own programmes, Patrick had identified the relatively low maturity level of TPRM across South Africa. The extent of manual effort involved became clear very quickly, with the lack of expertise and knowledge about TPRM in the market becoming equally apparent. This often resulted in very senior risk professionals running programmes and executing very manual processes.

It was then that Patrick decided Mobius Consulting would set itself out on an iterative process to:

  • mature TPRM practices
  • further develop and deepen the pool of expertise and knowledge in TPRM
  • automate the manual assessment process through the use of fit-for-purpose technology
  • focus on including information security as an integral part of the TPRM process, which has in many cases been lacking.

By 2016, Patrick had created (and in 2017 registered) a digital division within the Mobius Group, Phinity Risk Solutions, which would focus on developing this fit-for-purpose tool. In February 2017 Triplicity Risk was launched as a cloud-based SaaS solution that has to date been deployed internationally.

Phinity Risk Solutions focuses on simplifying and accelerating risk profiling and assessments. Most organisations are struggling to understand information and business risk, along with the potential impact if a risk is not proactively managed. With Phinity, the Mobius Group has remedied this through the development of our risk platform and automation tools. Leveraging applied agile development practices to bring our solutions to market (in line with our core values of being simple, reliable and adaptable), we’ve created a risk solution that brings value to our clients soon after implementation.

Triplicity Risk automates TPRM, leveraging big-data analytics and AI. Considering today’s corporate environment and its increasing reliance on third parties to deliver services and streamline business processes — and given that these third parties often provide revenue generating processes as well — it could have a significant negative impact on a business and brand if they suddenly stopped.

The management of third parties and how they deliver a business process (or protect data and comply with legislation) remains the organisation’s accountability. Manually identifying, assessing, reporting, remediating and monitoring all third parties is costly, time-consuming and error-prone, with manual or insufficient auditing or oversight in the process to avoid duplication or omissions.

Triplicity’s cloud solution is scalable and efficient, with a real-time configurable dashboard which:

  • highlights all you need to know about your vendors in one place
  • cuts through the complexity, effort and time of risk analysis
  • requires no previous knowledge to seamlessly profile and assess all your vendors, every year
  • provides business with simple, reliable and adaptable reports needed to reduce risk
  • improves strategic relationships and enhances sharing of data and ideas with your vendors

The solution has been developed locally in South Africa — from the concept to the framework, to the finished product. Practical examples of the impact:

  • One person can now run a TPRM programme for thousands of third parties simultaneously.
  • They can do so in a secure, methodical and auditable process.
  • There’s no longer the need for a costly army of auditors.

The manual process is often ad hoc and limited in scope because of cost. Triplicity’s framework and automation allow for all parties to be assessed in an ongoing, iterative way.

Long-term prospects and sustainability are looking good for Triplicity. It has been successfully deployed and is live in the UK, and we are looking to provide it to the US and Australia within the next six to 12 months. We think our service (and the price points at which it’s provided) is the best solution for the long-term sustainability of this practice.


If you’re in the process of addressing your organisation’s Privacy compliance requirements, effective Third Party Risk Management is a key competence that requires a practical and scalable solution. Triplicity, our flagship cloud software, has been designed to facilitate the entire process, offering you a single tool for everything from third party profiling and risk assessment right through to managing remedial controls. Our experienced team will assist you in devising your ideal approach. Paired with Triplicity, this will enable you to manage your risk effectively and efficiently – now and into the future.


Posted in , ,