Essential Certificatins fr Call Centers and BPOs February 2012 22011YYYY This paper utlines the essential certificatins fr Business Prcess Outsurcing cmpanies with details n the Organizatinal Certificatins, Individual Certificatins, Industry Specific Certificatins, and key Cmpliance Laws f the client natins.
Intrductin With the grwing repertire f service prviders in emerging gegraphies prviding BPO and Call Center services, clients are spilt fr chice. In this wrld f increased financial system vlatilities and geplitical risks, clients are treading ever mre cautiusly in selectin f the right service prvider. The cardinal factrs that decide their chice are shwn diagrammatically as fllws: Capability Talent Cmpetency Infrmatin Security Regulatin & Cmpliance Need fr BPO Certificatins Quality Assurance Prcess Maturity Custmer Service Talent Retentin Operatinal Efficiency T reap true benefits f glbalizatin, setting standards thus becmes imperative fr clients as well as service prviders. The bjective f this whitepaper is t (1) assist BPO and Call- Center service prviders decide which certificatins are necessary in rder t demnstrate capabilities that are recgnized and accepted glbally (2) assist clients in their evaluatin f service prviders and (3) prvide agents with necessary skills that can enable grwth in their career. Further, it als classifies the BPO certificatins int mandatry and desirable. Desirable certificatins althugh nt imperative enhance the cmpetitiveness f BPO and Call Center service prviders. Organizatinal Certificatins ISO 9000: Internatinal Organizatin fr Standardizatin ( ISO ) 9000 series is an internatinal set f dcuments n quality assurance, written by members f a wrldwide delegatin knwn as the ISO/Technical Cmmittee 176. Cpyright 2012 All Rights Reserved, Avasant LLC Page 2 f 11
The ISO 9000 series cnsists f five dcuments; three cre quality system dcuments, that are mdels f quality assurance, namely ISO 9001 - mdel fr quality assurance in design / develpment, prductin, installatin and servicing; ISO 9002 - mdel fr quality prductin and installatin; ISO 9003 - mdel fr quality assurance in final inspectin and test; and tw supprting guidelines dcuments, namely ISO 9000 and ISO 9004. COPC 2000: stands fr Custmer Operatins Perfrmance Centre. The COPC-2000 Standard was written in 1995 by a cre grup f users f call center services and assciated distributin fulfillment peratins, including representatives frm American Express, Dell Cmputer Crp., Micrsft, Nvell, L.L.Bean. COPC is the wrld's leading authrity n custmer cntact centre peratins. COPC is used t imprve custmer service. The (COPCSM) missin is t develp and drive initiatives that supprt superir perfrmance in custmer-tuch intensive envirnments, as measured by the criteria f custmer service, custmer satisfactin, and peratin efficiency. These initiatives are develped and implemented in cllabrative, cnsrtium envirnment, which includes practitiners frm bth external and internal Custmer Service Prviders (CSPs), clients, industry suppliers, and ther industry experts. The COPC-2000 CSP Standard certificatin is a framewrk that ensures a cmpany's utmst perfrmance in service, quality and csts in cntact center envirnments. Tday, COPC audits rganizatins fr cmpliance t the COPC2000 standard; cnducts benchmark reviews f call centers and fulfillment centers, using the standard as the rganizing methdlgy fr the data cllected during the curse f the review; cnsults with call centers and fulfillment centers n peratinal perfrmance imprvement; cnsults with purchasers f call center and fulfillment services n strategic alternatives fr utsurcing, including hw best t select and manage service prviders; prvide industry-wide frums, such as cnferences, wrkshps, and facilitated user grups, t fster an atmsphere supprtive f high levels f custmer service. e-scm: (e-services Capability Mdel) Wrld's first capacity mdel t cater the unique requirements f ITES / BPO services. The mdel has been develped by ITSqc grup at CMU Serwiz partnered with Carnegie Melln University, (funders f the SEICMM, used by the Sftware industry) t develp this capability mdel and assciated assessment methds at the Department f Cmputer Science. The mdel fcuses n assisting custmers t measure the capability f service prviders n assisting custmers t establish and manage cntinually imprving utsurcing relatinships. It initiates and guides service prviders thrugh the prcess f cntinuus imprvement by specifying practices t be implemented and institutinalized. It aims t becme the preferred resurce fr best practices and appraisal f BPO capabilities. The e-scm will assess the capabilities f service prviders t service custmers in the IT enabled BPO business sectr. Cpyright 2012 All Rights Reserved, Avasant LLC Page 3 f 11
The e-scm-sp v2 cmprises f 84 practices, which are cnsidered best practices fr a successful surcing relatinship. Each practice is disseminated alng the fllwing three dimensins: Surcing Life-cycle Capability Area Capability ISO 27000 Series (27001 and 27002) and BS7799: ISO 27001 ISO/IEC 27001, part f the grwing ISO/IEC 27000 family f standards, is an Infrmatin Security Management System (ISMS) standard published in Octber 2005 by the Internatinal Organizatin fr Standardizatin (ISO) and the Internatinal Electr-technical Cmmissin (IEC). ISO 27001 prvides the framewrk fr a technlgy neutral, vendrneutral management system that enables an rganizatin t assure itself that its infrmatin security measures are effective. This includes the cntinued accessibility, cnfidentiality and integrity f its wn infrmatin and that f its stakehlders as well as legal cmpliance. ISO 27000 is largely based upn the previusly adpted BS 7799 used cmmnly since 1995 fr managing infrmatin security. BS 7799 was brken int 2 parts - The first part, cntaining the best practices fr Infrmatin Security Management, was revised in 1998; was eventually adpted by ISO as ISO/IEC 17799, "Infrmatin Technlgy - Cde f practice fr infrmatin security management". In 2000, ISO/IEC 17799 was then revised in June 2005 and finally incrprated in the ISO 27000 series f standards as ISO/IEC 27002 in July 2007. The secnd part t BS7799 als knwn as BS 7799 Part 2, titled "Infrmatin Security Management Systems - Specificatin with guidance fr use." BS 7799-2 fcused n hw t implement an Infrmatin security management system (ISMS), which later became ISO/IEC 27001. The 2002 versin f BS 7799-2 intrduced the Plan-D-Check-Act (PDCA) (Deming quality assurance mdel), aligning it with quality standards such as ISO 9000. BS 7799 Part 2 was adpted by ISO as ISO/IEC 27001 in 2005 ISO/IEC 27001 requires that management: Systematically examine the rganizatin's infrmatin security risks, taking accunt f the threats, vulnerabilities and impacts; Design and implement a cherent and cmprehensive suite f infrmatin security cntrls and/r ther frms f risk treatment (such as risk avidance r risk transfer) t address thse risks that are deemed unacceptable; and Cpyright 2012 All Rights Reserved, Avasant LLC Page 4 f 11
Adpt an verarching management prcess t ensure that the infrmatin security cntrls cntinue t meet the rganizatin's infrmatin security needs n an nging basis. PCMM : r Peple Capability Maturity Mdel. This prvides guidance fr rganizatins in crucial areas such as attracting, develping, mtivating, deplying and training the talent needed t steadily imprve the rganizatin's sftware develpment capability. Supprt Center Practices (SCP) Certificatin: prgram was designed t address issues that affect the rapidly grwing technlgy supprt industry. SCP Certificatin quantifies the effectiveness f custmer supprt based upn a stringent set f perfrmance standards and represents best practices in the industry. Six Sigma: A methdlgy that prvides business with the tls t imprve the capability f their business prcesses. This increase in perfrmance and decrease in prcess variatin leads t defect reductin and vast imprvement in prfits, emplyee mrale and quality f prduct. Six Sigma is a rigrus and a systematic methdlgy that utilizes infrmatin (management by facts) and statistical analysis t measure and imprve a cmpany's peratinal perfrmance, practice and systems by identifying and preventing 'defects' in manufacturing and service related prcesses in rder t anticipate and exceed expectatins f all stakehlders t accmplish effectiveness. Help Desk Institute: (HDI) is the wrld's largest membership assciatin fr the service and supprt industry. Funded in 1989, HDI's missin is t lead and prmte the custmer service and technical supprt industry by empwering its members thrugh access t timely and valuable industry infrmatin, including reprts and publicatins; encuraging member cllabratin thrugh events and nline frums; and establishing internatinally recgnized, standards-based industry certificatin and training prgrams. HDI teaches the custmer service skills and service management prcesses required t prvide quality IT service and supprt. Each HDI Certificatin reflects the level f knwledge required fr specific rles, ranging frm Custmer Service Representative t Supprt Center Directr. HDI helps supprt center rganizatins with help desk peratins t imprve efficiencies, increases the quality f service, and advances service and supprt thrugh prfessinal develpment. SPOT: SPOT certificatin prcess is the path t establishing a Wrld Class Quality Call Center. The SPOT Certificatin prcess is unique and cncentrates n tp perfrmance standards fr a center withut the usual lengthy prcess that ther certificatin prcesses require. Spt certificatin prcess has tailred a sphisticated time-efficient certificatin prcess that will target a center s tp-quality perfrmance in three simple steps t a guarantee f being certified as an elite wrld- class service prvider which is essential fr a center s daily prductivity. Cpyright 2012 All Rights Reserved, Avasant LLC Page 5 f 11
The SPOT Perfrmance Maturity Mdel acts as bth a self-assessment tl and cmpliance certificatin prcess t prvide a radmap fr cntact centers, business prcess utsurcing peratins and ther service peratins t map their peratinal perfrmance alng a spectrum ranging frm "just getting started" t "demnstrated high perfrmance ver time." The mdel prvides a radmap t imprved revenue and prfitability thrugh imprved perfrmance in revenue generatin, cst management, faster cycle times and imprved custmer satisfactin. One f the prime cncerns and respnsibilities fr cntact center executive management is usage f apprpriate technlgy. In additin t having an impact n csts, service levels, staff mrale, and end-user satisfactin, the apprpriate infrmatin technlgy and cmmunicatin infrastructure must be in place and managed t supprt the cntact center s business prcesses and services. Spt certificatin prcess has tailred a refined, resurceful certificatin prcess that will shed light n yur cntact center technlgy used. Individual Certificatins BPO Certificatin Institute - BCI ffers the largest, pan-dmain and the wrld s nly range f rle-calibrated Credentialing and Certificatin prgrams fr BPO prfessinals based n the first, mst cmprehensive and the nly dedicated-t-bpo Human Cmpetence Master Standards (HCMS Release 3.1) in the wrld. These credentials have been apprved and are cntrlled by the BPO Prfessinal Certificatin Cuncil (BPCC) thrugh its varius charters. BCI ffers certificatin and credentialing services in three key dimensins human cmpetence fr prfessinals and service delivery quality & talent management quality fr BPO enterprises. Cvering all critical BPO/ KPO dmains like Custmer Service, Transactin Prcessing, Back-ffice services, Finance & Accunting and Technical Supprt, BCI s CCIP (Custmer Interactin), CBPA (Business Prcesses), CFPA (Financial Prcesses), CTSA (Technical Supprt), certificatins straddle the entire BPO service prvider space. CIAC (Call Center Industry Advisry Cuncil): CIAC Certificatin is the prcess by which the cmpetence f individuals is assessed, validated, and recgnized in specific areas f expertise based n the requirements f their jb rle, as determined by leading practitiners in the call center industry. It allws individuals t demnstrate an indepth understanding f call centers, cmprehensive knwledge f the essential aspects f their jb functin, and t demnstrate skills and behavirs identified as essential fr success. Achieving CIAC Certificatin indicates that an individual: Has demnstrated mastery f industry-established knwledge, skill, and behaviral requirements Cpyright 2012 All Rights Reserved, Avasant LLC Page 6 f 11
Is cmmitted t their career and nging prfessinal develpment. Prject Management Prfessinal (PMP) - Prject Management Institute s Prject Management Prfessinal (PMP) credential is the mst imprtant industryrecgnized certificatin fr prject managers. Glbally recgnized and demanded, the PMP demnstrates that yu have the experience, educatin and cmpetency t successfully lead and direct prjects. In areas f transitin, it wuld be key t have a PMP t run prjects efficiently Prject Management Prfessinal (PMP) Certified Assciate in Prject Management (CAPM) Prgram Management Prfessinal (PgMP) PMI Scheduling Prfessinal (PMI-SP) PMI Risk Management Prfessinal (PMI-RMP) Industry Specific Certificatins Trustwave's TrustKeeper : Cmpliance Validatin Service t meet the Payment Card Industry Data Security Standard (PCI DSS). TrustKeeper Cmpliance Validatin Service has been accredited by all the majr card assciatins' data security prgrams including: VISA USA - (CISP - Cardhlder Infrmatin Security Prgram) VISA Internatinal - (AIS - Accunt Infrmatin Security) MasterCard Wrldwide - (SDP- Site Data Prtectin) American Express - (DSOP -Data Security Operating Plicy) Discver Netwrk - (DISC - Discver Infrmatin Security and Cmpliance) JCB - Fully supprts the PCI DSS mandate and TrustKeeper in supprt f that mandate Cpyright 2012 All Rights Reserved, Avasant LLC Page 7 f 11
Key Cmpliance Requirements Apart frm certificatins, Call Center and BPO service prviders will need t adhere t key cmpliance laws f client natins. Cmpliance Law Sarbanes Oxley Act (SOX) Gramm Leach Bliley Act (GLBA) Specific t Financial Services firms Health Insurance Prtability & Accuntability Act (HIPAA) Specific t the Healthcare Industry Data Prtectin Act (DPA) - UK Impact It is mandatry fr all US public cmpanies t adhere t the Sarbanes-Oxley Act (SOX). It invlves defining prcesses, dcumentatin f all business activities, mapping and identifying risks and cntrls. Service Prviders delivering services t clients in the US are als expected t cmply t SOX requirements Outsurcing service prviders t financial institutins in USA need t cmply t GLBA custmer data prtectin guidelines/bligatins t respect custmer privacy and prtect custmer persnal infrmatin against reasnably freseeable internal r external threats t its security, cnfidentiality, and integrity With fcus n the healthcare industry, HIPAA fcuses n administrative simplificatin, unique health identifiers, privacy & security. HIPAA Privacy Rule, applies t "business assciate" cntracts, where any vendr which receives r utilizes prtected health infrmatin frm, r fr, the cvered entity needs t ultimately ensure the integrity and security f health care infrmatin When a business uses an utsurced entity t prcess persnal infrmatin n its behalf, it retains liability fr the security and accuracy f infrmatin and full cntrl ver hw it is used. This means the business remains liable fr any breaches f the Data Prtectin Act, even if the utsurced cmpany is based abrad. Hence during selectin f a service prvider, clients ensure that all regulatins cmplying t the DPA are met and breach f any cntract is enfrceable, checking fr security, and auditing that prvider peridically fr cmpliance Certificatins such as ISO and BS 7799 will help prviders cmply with sme f these regulatins. Cpyright 2012 All Rights Reserved, Avasant LLC Page 8 f 11
Summary Table f Varius Certificatins and their Degree f Imprtance Certificatin Impact Nature f Certificatin Need ISO 9000 Generic certificatin n prcesses t ensure delivery f quality utput. Thugh this certificatin is nt mandatry, it is desirable that the perating prcesses cmply t this mdel. COPC 2000 Specific t cntact center envirnments ensuring utmst perfrmance in service, quality and csts. e-scm ISO 270001 and 27002 PCMM Six Sigma Supprt Center Practices (SCP) Certificatin Help Desk Institute (HDI) SPOT Helps assisting custmers t measure the capability f service prviders specially if the service is in the area f supply chain management Mandatry fr Call Centers t implement infrmatin security standards Guidance fr rganizatins in attracting, and deplying talent. Mst large call centers in India have this certificatin. Applies t all prcesses and ensures lean prcessing with minimal defects. Genpact, Wipr etc cmply t six sigma. Quantifies the effectiveness f custmer supprt based upn a stringent set f perfrmance standards and best practices Certificatin fr rganizatins perating helpdesks specifically Similar t COPC, aims at imprving Call Center efficiency. This is an alternate t COPC, thugh nt as ppular. Cpyright 2012 All Rights Reserved, Avasant LLC Page 9 f 11
Certificatin Impact Nature f Certificatin Need BPO Certificatin Institute PMP Call Center Industry Advisry Cuncil (CIAC) Trustwaves Trustkeeper and Individual Oriented Individual Oriented Individual Oriented Industry Specific (Credit Cards Industry) Certifies human cmpetence fr prfessinals and service delivery quality & talent management quality fr BPO enterprises including Call Centers. This is primarily fr individual certificatin. Individual/Persnnel Specific certificatin aimed at managing prjects efficiently Specific certificatins t asses individual perfrmance f Call Center agents Specific t the Credit Card industry, it ensures data security f data within an rganizatin Mandatry Desirable Abut the authrs Dr. Pradeep K. Mukherji is the President and Managing Partner at Avasant APAC and Africa. Ashwin Waghela is Manager at Avasant and based at Mumbai Skanda Janakiraman is Sr. Cnsultant with Avasant and based at Manhattan Beach, USA Cpyright 2012 All Rights Reserved, Avasant LLC Page 10 f 11
Enterprise Optimizatin Services Glbalizatin Advisry Services Surcing Advisry Services Abut Avasant With its glbal headquarters in Ls Angeles, Califrnia, Avasant is a tp management cnsulting, research, and events firm servicing glbal clients acrss the public, private, and nn-prfit sectrs. Our talented team f cnsultants, lawyers and technlgists average ver 20 years f industry-hned experience and have cnducted 1,000+ engagements in ver 40 cuntries wrldwide. Avasant drives custmer value thrugh the use f ur prprietary cnsulting and advisry methds, which have been refined ver decades f real-wrld transactin and engagement experience. The cmbinatin f ur wrld-class resurces allws Avasant t yield superir business utcmes in three primary dmains: Strategic Surcing, Technlgy Optimizatin and Glbalizatin Cnsulting. Fr mre details abut Avasant s services and capabilities, Please visit ur website at: www.avasant.cm Visit us fr a cmplete list f research papers n: www.avasant.cm/research Glbal Headquarters Ls Angeles 3601 N Aviatin Bulevard, Suite 3000, Manhattan Beach, CA, 90266, USA Tel: 310-643-3030 Fax: 310-643-3033 Email: cntactus@avasant.cm Nrth America Austin New Yrk Chicag San Dieg San Francisc Asia Beijing Bangalre Mumbai Tky Eurpe Lndn Middle East & Africa Accra N part f this paper culd be re-prduced, re-printed r translated withut prir permissin. Cpyright 2012 All Rights Reserved, Avasant LLC Fr any further cmmunicatins, please cntact: marketing@avasant.cm Page 11 f 11