BNP Paribas, leader in terms of ISO 9001 certification in banking and insurance

More than 95 divisions and entities across the Group have been awarded the ISO 9001 certification.

Based on a highly demanding international standard focused entirely on customer satisfaction, BNP Paribas demonstrates its determination to “become a benchmark group on customer satisfaction”. Furthermore, it guarantees a high level of quality and professionalism on the services it provides.

BNP Paribas has also implemented ISO certification standards across these areas:

  • Environment (ISO 14001)
  • Occupational Health and Safety Management (OHSAS 18001)
  • Information Security Management (ISO 27001)
  • Information Technology – Service Management (ISO 20000)

A total of more than 95 ISO certificates have been awarded within the Group.  Display certified businesses

The ISO 9001 model is a quality management system aimed towards customer satisfaction.

This standard, at managerial level, deals with the organisational tools to be introduced within an organisation (companies, local authorities, etc.) in order to improve customer satisfaction:

  • by responding to their requirements as well as applicable regulatory requirements,
  • by continuously improving performance in this regard.

BNP Paribas is the leading bank in the world in terms of numbers of ISO 9001 certifications. The Group has more than 70 ISO certifications spread among all of its entities and subsidiaries in France and abroad.

The ISO 14001 model is the international standard in environmental management which enables an organisation:

  • to reduce to a minimum the damaging effects of its business on the environment,
  • to achieve a continual improvement in its environmental performance.

ISO 20000 is the first international IT service management standard: published in 2005, it is intended for organisations responsible for the production and supply of IT services.

This standard is based, in large part, on the ITIL (Information Technology Infrastructure Library) standard of best practices, which has become the benchmark for the management of information technology services and systems.

In terms of content, its scope includes the following key processes:

  • Service level management,
  • Change management,
  • Configuration management,
  • Availability management,
  • Service continuity management,
  • Release management ,
  • Capacity management,
  • Security management,
  • Financial management of services for budget and accounting functions,
  • Service quality improvement planning.

For customers who are end-users of the services, the ISO 20000 certificate is a guarantee of a quality process, based on continuous improvement and on compliance with market best practices.
For service providers, the ISO 20000 certificate contributes to improving the quality of deliverables as well as the productivity and maturity of production models.

I've assumed that “lises en production” was intended to be “mises en production”

The Capability Maturity Model Integration (CMMi) approach, which originates in the US and is now applied as an international standard across the information technology market, enables an IT system to ‘evolve’ to maturity through the efficient and uniform application of a project management framework, while permitting the system’s effectiveness to be measured.

The model is staggered on 5 levels of maturity that enable common practices related to project management, maintenance, and development to become firmly entrenched in the system, and includes measures that ensure that its implementation is appropriately monitored and that the required improvements in performance are achieved.

The BNP Paribas Group has chosen this international benchmark model as a means of evaluating the quality of the IT development and maintenance processes that lie at the heart of its Information Systems Directorates (ISDs).

This process complements the ISO and ITIL processes being implemented in Production, and is part of a global strategy aimed at improving quality, efficiency and responsiveness across the BNP Paribas Group.

CMMi certification of a system enables the system’s maturity level and capacities to be evaluated, with the ultimate aim of:

  • improving the quality of products developed
  • ensuring that delivery deadlines are consistently met
  • optimizing development, integration and validation efforts while mitigating risks.

ISO 27001 is an international information security management system standard: published in 2005, it describes the requirements for establishing an Information Security Management System (ISMS).

This standard does not address risk analysis techniques, but rather the creation of a formal information security policy with respect to security, risk awareness and the implementation of procedures for managing information security.

In terms of content, its scope includes the following points:

  • List of steps,
  • Creating a climate of trust,
  • Securing partnerships,
  • Preference for electronic transfers,
  • Better risk management,
  • Cost reduction,
  • Economies of scale,
  • Reduction of insurance premiums,
  • Calls for tender that require compliance with the standard,
  • Branding with respect to security,
  • Compliance (SOX, C198, HIPPA).

Commercial benefits: calls for tender demanding a level of security that is in compliance with standards, creation of a climate of trust with respect to external partners, shareholders, etc.
Reliability and security of the IT system: business continuity plan, control of IT spending, creating employee accountability.

The ISO OHSAS 18001 specification is the company’s safety standard. Its objective is the rigorous and effective management of occupational health and safety.

OHSAS is the only internationally recognised standard in this field. At the present time, OHSAS 18001 is a privately owned standard. It was developed based on existing national standards ((BS 8800, UNE 81900, VCA) and on standards belonging to a number of certificating entities (OHSMS, SafetyCert, SMS 8800).
From an integrated QSE (Quality, Safety and Environment) management perspective, OHSAS 18001 is fully compatible with the ISO 9001 and ISO 14001 standards.