ISO 9001:2015 is an International Standard promotes the adoption of a process approach when developing, implementing and improving the effectiveness of a quality management system, to enhance customer satisfaction by meeting customer requirements. SQS India BFSI recognizes its quality assurance in independent software testing services to Banking, Financial Services and Insurance organizations using its proven offshore delivery model. The framework established as part service delivery compliance ensures the Company independent software testing services and offerings maintain consistent quality and processes, employing best practices, and using a proven project management methodology to enhance customer satisfaction and ensure continuous improvement.
SQS India BFSI adopted a process approach this has helped the organization to effectively determine and manage numerous linked activities. The application of process approach within an organization provides over the linkage between the individual processes within the system as well as over their combination and interaction across organization. This helped the organization to understand and meet the customer requirements, obtaining results of process performance and effectiveness, and continual improvement of processes based on objective measurement.
ISO 27001:2013, Information Security Management Systems specifies the requirement for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented information security management system within the context of an organisation’s overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organizations or parts thereof. The receipt of this certification evidences the company’s compliances with the requirements of these international standards requirements and best practice. The Company believes that the compliance with the requirements of this certification will help to improve the confidentiality, integrity, availability and business continuity of vital corporate and customer information may be essential to maintain competitive edge.
PCI DSS: The Payment Card Industry Data Security Standard (PCI DSS) was developed to encourage and enhance cardholder data security and facilitate the broad adoption of consistent data security measures globally. PCI DSS provides a baseline of technical and operational requirements designed to protect cardholder data. PCI DSS applies to all entities involved in payment card processing -including merchants, processors, acquirers, issuers, and service providers, as well as all other entities that store, process or transmit cardholder data (CHD) and/or sensitive authentication data (SAD).
PCI DSS comprises a minimum set of requirements for protecting cardholder data, and may be enhanced by additional controls and practices to further mitigate risks, as well as local, regional and sector laws and regulations. Additionally, legislation or regulatory requirements may require specific protection of personally identifiable information or other data elements (for example, cardholder name).
The PCI DSS security requirements apply to all system components included in or connected to the cardholder data environment. The cardholder data environment (CDE) is comprised of people, processes and technologies that store, process, or transmit cardholder data or sensitive authentication data. “System components” include network devices, servers, computing devices, and applications. SQS India BFSI Limited adopted and implemented PCI DSS to meet the cards customer requirement.
Click here to view the certificate >
ISAE 3402 (International Standard on Assurance Engagements) / SSAE 16 (Statement on Standards for Attestation Engagements) a independent assessment report as per the ISAE 3402/ SSAE 16 provides the confidence on control procedures, adequacy and reasonable assurance in our service delivery and information security, data privacy related controls. It illustrates the positive effects of properly functioning and articulated control environment to an organization’s senior management and our clients.
Outsourcing companies (SQS India BFSI clients) are looking for third-party assurance to provide their clients (SQS India BFSI) with comfort about their internal control environment. Replacing SAS 70, ISAE 3402 / SSAE 16 standards will remain the most widely employed approach to demonstrate third-party assurance, providing coverage to users of outsourced services. The SSAE 16 "attestation" standard and the ISAE 3402 "assurance" standard essentially share a common framework derived from the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA), which put forth SSAE 16, and the International Auditing and Assurance Standards Board (IAASB) of The International Federation of Accountants (IFAC), which put forth ISAE 3402. This common framework between SSAE 16 and ISAE 3402 is one that represents a migration, adoption, and ultimately, an acceptance of more globally accepted accounting standards, such as those of the International Financial Reporting Standards (IFRS), which are essentially the standards, interpretations and framework adopted by the International Accounting Standards Board (IASB).
Internal process audit team is doing regular process compliance audits on compliance to the established process, customer service delivery fulfillment and Information security controls. Over and above external auditors are doing periodical assessment as part of aforesaid certifications. These are very much essential to ensure that the organizational processes are in conformity with those committed to the customers in terms of the customer agreements as well.