Quality: An increasing number of IT-BPO companies continue to adopt global standards such as ISO 9001 (for Quality Management) and ISO 27000 (for Information Security). India based centres account for the largest number of quality certifications achieved by any single country.
Over the last three years, there has been an 18 percent increase in the number of IT-BPO companies acquiring quality certifications; 30 percent increase in performance certifications; 20 percent increase in security certifications. Most companies who have acquired quality certifications have invested in acquiring level 4 and 5 certifications exhibiting greater sophistication.
View list of Certified Companies
Security: According to the DSCI-KPMG security survey, (which provides insights into the data security and privacy environment of the Indian IT-BPO industry), data security is a hygiene factor for the sector. In addition to considering it a key differentiator to gain competitive advantage, companies are following standardised processes, as certified by globally established standards such as ISO 27001. At the same time, a majority of organisations are being vigilant about evolving security issues, and vulnerabilities and constantly reviewing the environment to assess its security posture. Today, companies are providing architectural treatment to security solutions, using enterprise portals to manage security, adopting techniques such as threat modelling, threat tree, etc. and focusing on innovation in security initiatives.
Organisations have also adopted solutions related to encryption and started to develop fraud management and forensic capabilities internally. In the wake of data protection regulations, more than 50 percent of the organisations have deployed or are planning to deploy hard disk encryption, e-mail encryption, techniques to prevent data loss, security incident and event monitoring, mobile data protection and legal and compliance management. Indian organisations are additionally adopting various information security practices to make delivery centres secure.
The DSCI-KPMG survey highlights the fact that IT-BPO organisatioins focus on people related controls in addition to deploying technology for security. More than 80 percent of Indian IT-BPO organisations are mindful of the risks related to providing unrestricted access to information assets. Over 75 percent of the organisations have adopted policies for securing administration of databases. Additionally, organisations have set up measures to secure critical applications against vulnerabilities. Organisations are also looking at automating security processes and implementing leading edge technologies such as virtualisation security and data loss prevention to reduce the risk associated with data leakage.