2 3

fortexx – IT Management Consulting in Germany, Turkey and Middle East

Business IT Alignment

•••••• Digital / IT Strategy

•••••• IT Governance, Risk & Compliance

•••••• Cyber Security

We help our clients to improve quality and reduce risk in

Business and IT by providing professional experience

combined with intercultural competencies.

...... Made in Germany

Before setting up fortexx in 2011, Steffen Paul founded and headed Woodmark Consulting, a business intelligence consultancy in Munich/Germany, where he is still co-owner and member of the supervisory board.

During the rise of the internet business, as Chief Information Officer he accounted for the entire IT of DAB bank, one of Germany‘s first online brokers. He started his career with Andersen Consulting (today Accenture) and Arthur Andersen Business Consulting, where he worked in several countries as IT implementer and as IT management consultant for IT Strategy and Governance.

Steffen Paul holds a Diploma in Applied Mathematics from Ulm University (Germany). His majors were computer science and business administration.

Before joining fortexx GmbH in 2013, Ümit Kuşdoğan was Head of IT of a consulting and engineering company in Germany. Prior to that, he served as an Information Security Officer and IT Architect for the Munich Re Group and as a Project Engineer for Cisco Systems in EMEA.

During his entire career he has always been involved in international projects in various countries.

Ümit Kuşdoğan holds a Diploma in Computer Science from Hochschule Furtwangen University (Germany) and an Executive MBA from the Krannert School of Management at Purdue University (USA).

Steffen PaulFOUNDER AND MANAGING DIRECTOR, HAS MORE THAN 20 YEARS OF PROFESSIONAL EXPERIENCE IN CONSULTING AND LINE MANAGEMENT.

Ümit KusdoganMANAGING DIRECTOR, HAS SPENT MORE THAN 15 YEARS WITH IT TOPICS, SPECIALISING IN CYBER SECURITY, IT GOVERNANCE, RISK AND COMPLIANCE.

BEARING IN MIND LOCAL CIRCUMSTANCES (E.G. CULTURE, WORKING HABITS) IS A MAJOR ASPECT OF OUR WORK TO BETTER RESPOND TO OUR CLIENTS‘ NEEDS.

WE EMPHASISE ON USING KNOWLEDGE, EXPERIENCE AND METHODOLOGY TRANSFER, ESPECIALLY FROM SUCCESSFUL

PROJECTS IN GERMANY, TO OUR CLIENTS.

4 5

We help you to ensure, THAT YOUR DIGITAL PROCESSES ARE WELL DEFINED, CONTROLLED AND SECURE.

The increasing importance of digital processes in almost any kind of organisation requires a dedicated approach to governance, risk, compliance and cyber security.

Successful companies make their IT and business departments work together strategically and operationally. Depending on the business strategy, IT always plays the corresponding role, from a pure internal service provider to a creative innovator.

A clearly defined Digital or IT strategy serves as a goal and objective for permanently necessary decisions.

Well defined structures and processes for controlling and management of operations make sure, that legal and internal regulations are met and risks are managed appropriately.

To make sure that your IT really provides added value and reduces risks, we as IT management consultants do help you with our experience and with long time proven methodologies.

Our services

•••••• Quick Checks

•••••• Maturity analysis

•••••• Development and Implementation

•••••• Transformation

•••••• Implementation of sustainable transparency

•••••• Moderation of workshops

•••••• Coaching and project management

IF YOU WANT SOMETHING NEW, YOU HAVE TO STOP DOING SOMETHING OLD. Peter F. Drucker

DIGITAL / IT STRATEGYIT GOVERNANCE

RISK MANAGEMENT

COMPLIANCE

CYBER SECURITY6 7

The increasing digitalization should not be left to chance. As any other major activity, implementation and management of digital processes require a coher-ent strategy. Due to todays speed of change, business and Digital / IT strategies should be revised on a regular and methodological basis.

We support you reviewing your Digital / IT strategy, adapting the existing one, or – if necessary – developing a new Digital / IT strategy.

Using best practices and our experiences, we make sure, that your Digital / IT strategy meets your business needs by being:

•••••• appropriate and feasible

•••••• complete and consistent

•••••• comprehensible

Depending on individual needs we provide suitable services, e.g.:

•••••• Strategy Audit

•••••• Strategy Consulting

•••••• Innovation Management

•••••• Organisational Consulting

•••••• Project Portfolio Management

Digital / IT Strategy DEAD ON TARGET

THE WAY WILL ONLY BE FOUND WHEN YOU KNOW WHERE YOU ARE GOING. Lao-Tse

8 9

DIGITAL TRANSFORMATION CLOUD

INDUSTRY 4.0

DIGITAL INNOVATION

INTERNET OF THINGS

IT Governance, Risk & Compliance ACTING INSTEAD OF REACTING

The risk landscape is always changing. We help our clients to identify threats and vulnerabilities in order to mitigate risks for business disruptions and to enable compliance.

Higher business and IT complexity, growing regulatory requirements and increased focus on accountability force executives of organisations to have a closer look on IT Governance, Risk & Compliance (GRC).

However, often initiatives are uncoordinated and not effective. Most organisations manage their IT GRC separately from the rest of their GRC efforts. They get planned and managed in silos, which potentially increases the overall business risk for the organisation. In addition, parallel initiatives lead to duplication of efforts and cause uncontrolled costs.

By establishing a universal, end-to-end approach to IT Governance, Risk and Compli-ance processes, leading organisations are able to demonstrate that they can better leverage information, gain operational efficiency, and provide greater transparency into overall business and IT risks.

We help you to better master these management tasks through adequate strategies, rules, guidelines and tools.

IF YOU WANT TO BE SUCCESSFUL, THERE ARE A LOT OF INVISIBLE COMPONENTS, YOU HAVE TO TAKE INTO ACCOUNT. Abdul Salam Al Mutlaq

10 11

KEY COMPLIANCE INDICATORS

GOVERNANCE MODEL

BUSINESS CONTINUITY MANAGEMENT

ISO 3100X

12 13

ONLY AMATEURS ATTACK MACHINES; PROFESSIONALS TARGET PEOPLE. Bruce Schneier

Global cyber crime and the corresponding economic damages are dramatically increasing. Any organisation, independent of kind of business, region or size, is exposed to more and more attacks of its digital network, potential data manipulation or industrial espionage.

Systematically and periodically assessing your IT Security level should be an important part of your organizations‘ preventive maintenance and business continuity plan. This is vital to ensure Confidentiality, Integrity and Availability of your and your customers‘ data and information.

New methods of attacks are invented as fast as the changes in IT technology. Companies and IT professionals face the problem, that threats and vulnerabili-ties are not visible and easily identifiable.

Of course you have professionals, who take care of your IT’s security level. But there are many advantages of having an independent IT Security consultant check and assess your IT occasionally.

And do not forget about Cyber Security Management. Security is not just about setting up firewalls, virus detectors, etc. Cyber or IT Security needs to be aligned and actively managed with your strategy and GRC guidelines.

According to your individual needs we help you designing, implementing and managing your appropriate solution.

Cyber Security ENSURE CONFIDENTIALITY, INTEGRITY AND AVAILABILITY

NETWORK SECURITYSEGREGATION OF DUTIES

SECURITY POLICIES

ISO 2700X

INTERNET OF THINGSBIG DATA

Our consultants HAVE SUCCESSFULLY WORKED ON PROJECTS FOR THE FOLLOWING ORGANISATIONS (SELECTION):

14 15

•••••• Accenture – France, Germany, Sweden

•••••• Arthur Andersen Business Consulting – International

•••••• Ciba Specialty Chemicals – Austria, Germany, Switzerland

•••••• Cisco – Belgium, Canada, Germany

•••••• Coca Cola – Germany

•••••• Daimler – France, Germany

•••••• Deutsche Bank – International

•••••• ERGO – Germany, Turkey

•••••• Leonardo Venture – Czech Republic, Germany, Ukraine

•••••• MedNet International – Greece, United Arab Emirates

•••••• MLP – Austria, Germany

•••••• Munich Re Group – International

•••••• Sanitec Group – England, Finland, France, Germany, Sweden

•••••• Siemens – International

•••••• Tadawul – Saudi Arabia

fortexx GmbH

Richard-Reitzner-Allee 185540 Haar/Munich Germany

www. fortexx.de