Certifications are important for EBPI. It keeps us sharp and gives us the tools to have our processes in order to address a dynamic market. These certifications provide clients with the assurance that EBPI is able to meet high quality agreements (ISO 9001), to process information and data securely (ISO 27001) and to provide services that offer added value to the customer and supplier ( ISO 20000).
ISO 20000 : 2011
ISO 20000 is the international standard for Service Management with the aim of achieving a win-win situation for the customer and supplier. This standard requires that all phases of the delivery lifecycle of our services, from drawing board to actual delivery of the service, take place in a controlled and customer-oriented manner, whereby the customer and supplier both experience an added value of the service.
The standard also requires a service management system to continually improve the processes and people behind the service, so that the added value of the service will continue to be guaranteed in the future.
ISO 27001 : 2013
ISO 27001 is the international standard for information security with the aim that organizations treat their customers' data in a secure manner so that they remain available, maintain integrity and are confidential. This standard requires that EBPI continually assesses threats and risks and takes appropriate security measures to permanently protect the service and information against failure, modification and infringement.
The standard also requires an Information Security management system to continually improve the effectiveness of the set of security measures, allowing customers to continually rely on the safety of EBPI's service.
ISO 9001 : 2015
ISO 9001 is the international standard for quality management with the aim that organizations are able to deliver "Conforming to specifications". This standard requires EBPI to use a customer-oriented approach in which customer requirements are translated into feasible specifications in advance. During realization, the solutions and products are continually tested against those specifications so that the right service level is delivered to the customer.
The standard also requires a Quality Management system to continuously improve the customer focus of the working method, so that customers can continue to trust that EBPI makes the right agreements and then also realizes them (in short: Say what you want to do, do what you say).
CSR-P is the certification for the Dutch standard of Corporate Social Responsibility according to the Performance Ladder. The aim is that organizations can distinguish themselves on different levels in 3 “P ” aspects; People, Planet and Profit.
EBPI was certified in June 2017 for CSR-P level-3 which is comparable to the current ISO certifications such as 9001, 27001 and 20000.
Level 3 also includes a CSR management system based on the PDCA circle to continuously improve the CSR goals, efforts and results.
EBPI shares the achieved CSR results with its stakeholders every quarter via the CSR quarterly report.
Integration of management systems
Of course, the management systems for Quality, Information Security, Service Management and CSR-P are not separate from each other.
EBPI has opted, with the annual company policy as a source, to adapt the certificate specific policy documents, so that these remain in line with the company policy and so reinforce each other.
The management systems for Quality (K), Information Security (I), Service Management (S) and MVO-P (M) have been merged into an integrated management system KISM2, which is already suitable for the Environment (M). Thanks to the High Level Structure (HLS) in all modern ISO and CSR standards, EBPI has been given the opportunity to integrate common procedures and assessments.
The integration of these systems has been carried out, and checked for compliance and effect via internal audits.