In order to prove the consistency of our processes with the best domestic and international standards, Intesa Sanpaolo obtained various types of certification from recognised external organisations.
SCOPE OF APPLICATION
International standard dedicated to the integration of corporate social responsibility in business practice. These are not certifiable guidelines, in keeping with the concept of responsibility that does not provide obligations but guidance. The areas covered by ISO 26000 are: organisation governance, human rights, workers’ protection, environment, fairness in operating practices, customer issues, community involvement and development
Certification relating payment card data security for Setefi systems managed by Intesa Sanpaolo Group Services
Development, delivery and management of applications by Risk Technology group, in support of business processes managed by the Market Risks and Financial Evaluation Unit of the Risk Management Department
This initiative aims at supplying clients with simple and reliable tools that make it easier to understand banking products and to compare offers from various banks enabling them to choose the product most suited to meet their needs. In this way clients, who become more conscious, can take on a more active role in their relations with the bank. For information on the various agreements and certifications of the banks in the Group please consult the following site: www.pattichiari.it
* certification initially standard ISO/IEC 27001:2005, upgraded to version 2013
In addition to the certifications listed above, there are two other areas which, while not having a certificate issued by an independent body, are in any case subject to conformity assessment ("self-certification") conducted by the Planning and IT Security Standard Unit in compliance with international standards of reference:
TARGET 2: is the technical platform for the Europagamenti, launched in November 2007. The Critical Participants (including Intesa Sanpaolo) have a commitment to self-certify annually that the security of TARGET2 infrastructure is aligned with ISO / IEC 27002:2005 standard;
CAI: the Banca d’Italia regulation requires that the Banks must ensure the security of the computer archive, called Centrale d’Allarme Interbancaria (Interbank Alarm HEADQUARTERS); this result is obtained through the verification of compliance of the archive with the standard ISO / IEC 27002 : 2005.