ISO Certifications & Assurance Reporting
Getronics’ services and operations are aligned with the world’s most respected standards and frameworks. Our processes are based on the IT Infrastructure Library (ITIL®) service management framework, and our organisation is ISO-certified with a focus on Continual Service Improvement and Customer Satisfaction.
We are committed to ensuring that the services we provide are fully aligned to our clients’ business goals. Getronics has developed and refined its Global Service Delivery Model to ensure a consistent and controlled service process worldwide.
Getronics is certified to:
- ISO 9001, Quality Management
- ISO 14001, Environmental Management
- ISO 20000, IT Service Management
- ISO 22301, Business Continuity Management
- ISO 27001, Information Security Management
- ISO 50001, Energy Management.
Getronics has also commissioned independent ISAE 3402 and SOC 2 Type 2 Assurance Reports of its organisational controls.
Further details of the above ISO and ISAE/SOC activities are presented below:
Getronics operates a global ISO 9001:2015 registered Quality Management System (BSI certificate FS 591710). Certification is based on regular assessments carried out by an accredited certification body against the Standard. The QMS establishes the base processes for document and records control, internal audit and management review, and a key element is to focus on customer satisfaction and address any complaints, with continual improvement of our services and processes as a goal.
Getronics operates an ISO 14001:2015 registered Environmental Management System (BSI certificate EMS 591711) in the UK, Iberia and Chile. The EMS includes processes to ensure that Getronics complies with environmental legal requirements, identifies the environmental aspects of the Company’s activities, and sets objectives and targets for environmental improvement and reduction of our environmental impact.
Getronics operates an ISO 20000-1:2011 registered IT Service Management System (BSI certificate ITMS 591713), in the UK, Spain and other countries delivering Managed Cloud services. The SMS includes processes for service planning and introduction, service delivery management, business relationship management, and the typical ITIL-based disciplines for service request, incident, problem, change, release, availability, capacity, asset and configuration management.
Business Continuity Management
Getronics operates an ISO 22301:2012 registered Business Continuity Management System (BSI certificate BCMS 666338), in India and other countries delivering Managed Cloud services. Its key focus is to ensure that Getronics has carried out a business impact analysis and implemented and tested appropriate business continuity plans to minimize the disruption to service delivery in the event of a major incident affecting one or more of our locations.
Information Security Management
Getronics operates a global ISO 27001:2013 registered Security Management System (BSI certificate IS 591715). To ensure compliance with our own policies and processes, customer policies and regulatory requirements, we have employed automated tools, legal requirements registers, security awareness training, and record and investigate security incidents, as well as carrying out regular independent internal audits.
Getronics operates an ISO 50001:2018 registered Environmental Management System (BSI certificate ENMS 591720) for its Data Centres in the UK, which supports organisations in all sectors. The EnMs helps the organisation to use energy more efficiently, through the planning and review of energy performance, and the setting of objectives and targets for improvement. We consistently monitor and measure results, in order to focus on continually improving our energy management and reducing our environmental impact.
NV Getronics Belgium SA commissions independent service auditors’ assurance reports to the ISAE 3402, International Standard for Assurance Engagements Type 2. The ‘Assurance Reports on Controls at a Service Organisation’ is an assurance standard used for auditing and documenting that a service organisation has adequate internal controls. The scope of Getronics’ reports is the design and operating effectiveness for its Multi-Cloud Management Services and Workspace as a Service.
Getronics has also commissioned independent SOC 2 (Service Organisation Controls) Type 2 reports relevant to security for its Managed Cloud Data Centre services and infrastructure and maintenance activities for its Managed Cloud services undertaken through its locations in India and across Europe.
European Data Centre Code Of Conduct
Getronics UK has Participant Status in the European Data Centre Code Of Conduct, which aims to inform and stimulate Data Centre operators and owners to reduce energy consumption in a cost-effective manner without hampering the mission critical function of data centres. As an official participant, Getronics is committed to following the intent of this Code of Conduct and abide by a set of agreed obligations.