We are living in a dynamic world where business strategies are planned around customer needs and expectations. Industry like ours, in customer experience management, deals with hyper- competitive experience economy backed by enormous customer data. Every other day new risks are identified and are required to be managed through risk based process approach coupled with penetration and vulnerability test to avoid occurrence and recurrence. It also helps to make fool proof processes until new threats are discovered and cycle continues. We can say this is a journey without destination in the direction of customer expectation and experience
Cyber-attacks have become more sophisticated and are increasing in volume and strength daily, the financial and reputational damage caused by an ineffectual information security posture can be disastrous. It might be relevant to note that the global average cost of a data breach has skyrocketed to $3.86 million (a 6.4% increase from 2017), according to Ponemon and IBM. Companies in Brazil, South Africa, and France appear to have the highest estimated probabilities of a data breach at 43.0 percent, 40.9 percent, and 35.1 percent, respectively. In addition, companies in South Africa, Brazil, and Turkey report the lowest deployment rate of security automation. The average total cost of a data breach is $2.88 million for organizations that fully deploy security automation. In contrast, organizations that do not deploy automation realize a much higher total cost of a data breach at $4.43 million — or a net total cost difference of $1.55 million.
Quality Management System (ISO 9001) and Information Security Management System (ISO 27001) are internationally recognized and practiced all over world which help to protect organizations against such threats though risk assessment and demonstrate the necessary steps to protect the business.
ISO 9001 and 27001 certification not only helps to demonstrate good security practices, thereby improving working relationships and retaining existing customers, but it also a testimony of customer focus approach which gives proven marketing edge against competition. In addition, whether a business complies with this standard could be a major factor when a customer is deciding if it wants to work with an organization.
As the accepted global benchmark for the effective management of information assets, ISO 27001 enables organizations to avoid any potential financial losses caused by data breaches.
In a 2016 ISO 27001 survey, Ninety-eight percent of respondents mentioned “Enhanced Information Security” as the most important benefit of ISO 27001, followed by “Improved Company Reputation” and “Improved Competitiveness”. These benefits collectively had an impact if the customer plans to share information with the organization with the “Enhanced Information Security” being the most obvious one. Of the 53 countries participation, it was only South Africa that participated in the survey from the region.
As Africa is gearing up for Digital Africa stature, iSON encourages more and more organizations in Africa to be ISO certified and have a proactive and a holistic approach to counter any kind of data breach of its consumers. Organizations need to understand that another security hardware appliance such as a firewall, latest security technology will not provide the security that they expect if the people and processes that form part of it are not in place or adhered to; reason being the disruptions in technology and skill enablement are being witnessed at an unimaginable speed. Thus, it becomes all the more imperative to understand the importance of information security and take the relevant steps to ensure the protection thereof.
Key to consistency is process approach. Process approach ensures control on inputs, process parameters to deliver consistency in output and makes it stable and predictable to win customer’s confidence. Anything which cannot be measured will not be improved. Interrelation of customer facing processes with inward looking processes will ensure alignment with consumer results.
iSON BPO began its Africa adventure in 2011 and since then has been certified to ISO 9001:2015 & ISO 27001:2013 by market leaders like British Standards Institute (BSI) and Bureau Veritas (BV) as third party certification agencies. The certification involved streamlining of processes across 19 sites spread across 13 countries in Africa for 10,000 employees speaking 30+ languages. We started with our first ISO 9001:2015 certification in East Africa – Kenya and gradually got all our locations certified. Recently, we transitioned to ISO 27001:2013 certification which clearly demonstrates iSON’s ability to effectively manage information security risks by implementing an information security management system while serving organizations of Africa and in Africa.
It is proven that organizations that consider quality management to be an integral part of their business operations usually achieve a higher operating efficiency than those that do not. A certified organization ensures clear processes and communication structures, tasks and responsibilities throughout the entire organization. This increases the involvement of staff, which in turn improves the working atmosphere and reduces the pressure of work.
We have been able to bring cognizance to all our employees through imparting training and conducting awareness sessions regularly across all locations. Our employees understand the importance of these certifications and adhere to the guidelines as applicable and follow them accordingly. This has been a part of our new hire training process. At present we have 5 Lead auditors and more than 175 internal auditors who have been trained and certified internally to conduct integrated management system audits. iSON BPO QMS and ISMS practices have traveled to other organizations in continent through our clients and employees.
iSON with its decade experience in Africa has ensured zero leakage independent of disruptions in technology, for FTSE100, S&P500 and CAC 40 companies from the computer technology, unified communications, telecommunications, financial services sectors, among others.