Certifications at Visma Connect
The core of our vision on certification is the conviction that long-term success of a company results from customer satisfaction. We strive for customer satisfaction by ensuring that our services consistently meet our own requirements, legal and regulatory requirements and our customers' requirements.
Certifications are important for our management system, because they keep us sharp and provide us with tools to consistently deliver high-quality services in a dynamic market. In addition, certifications offer our customers the certainty that Visma Connect is able to comply with agreements made (ISO 9001), to handle information and data securely (ISO 27001) and to provide services that offer added value to customers and suppliers (ISO 20000), as well as have a positive impact on our surrounding environment(CSR-P). Visma Connect is also a certified SWIFT service provider (SWIFT SIP) and if we process personal data as a data processor on behalf of our customers we comply with the requirements of the Data Pro Code, a Dutch code of conduct on privacy.
We are therefore certified according to the following (ISO) standards:
- Quality Management (ISO 9001: 2015)
- Information security (ISO 27001: 2013)
- Service Management (ISO 20000: 2011)
- Corporate Social Responsibility (MVO-P v.2 2013)
- SWIFT Shared Infrastructure Program
- Data Pro
To maintain these certifications, we are audited annually by an external party. They look at the operation and effectiveness of our management system and whether we meet the applicable standards. To ensure that we continue to comply with these, Visma Connect has a Security & Compliance department. They are committed to ensuring that our services consistently meet all requirements and we continue to deliver secure and high-quality services Do you have any questions on our certifications?
Please send an e-mail to firstname.lastname@example.org.
ISO 20000 : 2011
ISO 20000 is the international standard for Service Management. Its goal is to ensure a win-win situation for suppliers and their customers. This standard requires that all phases of the service lifecycle, from the drawing board to final delivery, take place in a controlled and customer-oriented manner, so that both customer and supplier experience added value.
The standard also requires the use of a Service Management system to continuously improve the processes and staff behind a service. This guarantees added value in the future.
ISO 27001 : 2013
ISO 27001 is the international standard for Information Security. Its goal is to ensure that organizations treat their customers’ data in a secure manner, guaranteeing confidentiality, availability and integrity. To comply with this standard, Visma Connect constantly assess threats and risks, taking the appropriate security measures to protect our services and the data we handle from failure, damage and infringement.
The standard also requires an Information Security management system to continuously improve the effectiveness of our security measures. This gives our customers confidence in the reliability of our security policies.
ISO 9001 : 2015
ISO 9001 is an international standard for Quality Management. Its goal is to ensure suppliers deliver “according to specifications.” The standard ensures that we follow a customer-oriented methodology in our work. Customer requirements are translated into feasible specifications in advance. Processes and products are then consistently tested against those specifications during execution, thereby ensuring that the right product is delivered.
This standard also requires a Quality Management system to ensure that we improve our work method with a focus on the customer, so that we can stay true to customer trust. In other words: say what you do, do what you say, prove it and improve it
MVO-P is the certifiable Dutch standard for Corporate Social Responsibility. The standard follows a performance ladder and measures organizations against 3 areas: People, Planet and Profit. Visma Connect received a Level 3 MVO-P certificate in June 2017. This level is comparable to ISO-certificates like 9001, 27001 and 20000.Level 3 also includes a CSR management system that draws on the PDCA cycle (plan–do–check–act or plan–do–check–adjust) to continuously improve our CSR goals, efforts and results.
SWIFT Shared Infrastructure Program (SIP)
The Shared Infrastructure Program is a supportive framework developed by SWIFT to help customers with the due diligence checks required when engaging a service provider.
The SIP defines eligibility criteria, roles and responsibilities, as well as the legal, financial and operational requirements service agencies must meet at all times. SWIFT performs additional checks, including on-site inspections, to verify compliance on specific moments.
SWIFT regularly reviews and adapts this program to reflect market and technical developments and respond to the evolving threat landscape.
As a service provider, we are responsible for ensuring compliance with SWIFT’s SIP.
The Data Pro Code is an approved code of conduct according to article 40 of the General Data Protection Regulation (GDPR) in The Netherlands. This code of conduct is initiated by the IT branch organization NLdigital. Its goal is to ensure GDPR-compliance (in particular to the requirements set out in article 28 GDPR) of IT organizations that process personal data as processor for their customers in The Netherlands. All organizations that acquired the Data Pro certificate are registered in the Data Pro Register. The Data Pro Code has been approved by the Dutch privacy supervisory authority Autoriteit Persoonsgegevens.