DSCI Assessment Framework

Indian IT/BPO Service Providers are striving hard to ensure that security and privacy of data is well maintained. In this outsourcing ecosystem, many Clients have developed and applied their own proprietary assessment frameworks for evaluating their Service Providers. Service Providers, on the other hand, strain their resources to respond to diverse and varied client information requests. Such independent approach proves to be an ineffective and costly affair, both for the Clients and the Service Providers.

Inconsistencies arising from the use of different assessment methodologies cause delays, resulting in inefficient use of time and resources. Unavailability of generally accepted standard for Service Provider assessments further aggravates the problem.

To overcome these issues and challenges, DSCI as an industry initiative seeks to establish a well-defined “Assessment Framework” in order to have a universal assessment approach that can be used to assess different organizations in DSCI Assessment Framework – DAF©. The guiding principle for developing DAF© has been to add value to the organization through the assessment by way of reviewing the strategy, processes, implementation including technology solutions deployed – through rating arrived for each of the identified criteria. The Framework emerged out of the findings from our security surveys that were based on detailed questionnaires. We also analyzed the responses of companies to our rather elaborate questionnaires that we had designed for the DSCI Excellence Awards. It was interesting to observe the emerging pattern, which provided clues to light-weight assessment. The assessment process would lend itself to self-assessment by organizations; with additional confirmation by a third party using a little more inputs. This can act as a quick guide to confirm the security posture.