G-Cloud Framework. Page 1. Document for Service Definition Audit management System. In response to G Cloud 6 Requirements



Similar documents
G-CLOUD FRAMEWORK SERVICE DEFINITION. Kofax Model Office Bundle Proposal ISSUE 1

PAAS Public Sector Managed Services

Marval Software Limited. G Cloud iii Framework Service Definition

Execview Outsourced Services Management

StratusLIVE for Fundraisers Cloud Operations

SmartImpact MS Dynamics CRM. Support Service Definition

Service Definition Nine23 MDM

G-CLOUD FRAMEWORK SERVICE DEFINITION. Microsoft Cloud Business Applications

G-CLOUD IIII FRAMEWORK SERVICE DEFINITION: SCHOOLS HOSTED SERVICE FOR SIMS

G-CLOUD FRAMEWORK SERVICE DEFINITION. Envault Data Protection Service Suite - Cloud Data Storage Protection

Tactical Cost Reduction

Agilisys G-Cloud Service V

Execview Project Portfolio Management

Software as a Service (SaaS) Online HR

SFW CRM for Stakeholders - MS Dynamics CRM

SERVICE DEFINITION DOCUMENT MANAGEMENT IN THE CLOUD

1 ForestSafe SaaS Service details Service Description Functional Non Functional

Documentum Document Management in the Cloud Service Definition

G-Cloud Service Definition. Atos Information Security Wireless Scanning Service

THOMSON REUTERS C-TRACK E-FILING SOFTWARE AS A SERVICE SERVICE DEFINITION FOR G-CLOUD 6

G-Cloud 6 SERVICE DEFINITION

Service: Contract Management (Software as a Service)

Firewall Administration and Management

GPG13 Protective Monitoring. Service Definition

INFORMATION ASSURANCE

Solution Overview. Our Solution employs two tiers of storage aligning costs of storage with the changing value of data over time.

Dropbox for Business. Secure file sharing, collaboration and cloud storage. G-Cloud Service Description

Service Management and ICT Monitoring and Reporting Advisory and Implementation Services

GPS G-Cloud Lot 4: Oracle Business Intelligence Cloud Consultancy Service Definition

Lot 4 Service Specification BUSINESS PROCESS MANAGEMENT (BPM) PROFESSIONAL SERVICES

Neocol E-Discovery Consulting Services

Cloud Brokerage. G-Cloud Service. Arcus Global

Lot 1 Service Specification MANAGED SECURITY SERVICES

G-Cloud 7 Service Definition. Atos Oracle Cloud ERP Implementation Services

Software Development for Cloud Implementations - Service Definition

Service Definition MMaaS Mobile Device Management. G- Cloud VII. Service Definition Nine23 MMaaS Mobile Device Management

Spektrix Service Definition

Open Source Sales Force Automation (SFA) in the Cloud SaaS

PSN Protective Monitoring. Service Definition

Big Data Analytics Service Definition G-Cloud 7

Specialist Cloud Services. Acumin Cloud Security Resourcing

Azeus Convene Paperless Board and EXECUTIVE Meetings

Methods - EpheSoft Intelligent Document Scanning Cloud Consulting Services Ixxus

GCloud Application Development Service Definition. Application Development

IPL Service Definition - Master Data Management for Cloud Related Services

RESPONSE TO RFP COMMITTEE MANAGEMENT SOFTWARE SOLUTION. Prepared for Brigham Young University. April 21, 2015

MDM & ENTERPRISE MOBILITY SERVICE DESCRIPTION G-CLOUD 7 OCTOBER 3, 2015

Amazon Relational Database Service (RDS)

ArcGIS Online School Locator

Service Definition Easysite Web CMS

Specialist Cloud Services Lot 4 Cloud EDRM Consultancy Services

Business Process Approval Workflow Manager. Services Definition Document

Secure Remote Backup (IL3) G-Cloud Lot3 IaaS

G-Cloud 6 brightsolid Secure Cloud Servers. Service Definition Document

Service Definition Document

G-Cloud Service Definition. Atos Oracle Cloud ERP Implementation Services

G-Cloud Service Definition. Atos Rapid Pilot Mobile Application Development Service SCS

Service Definition The following section provides a summary overview of the hosted Microsoft Exchange solution.

2. Consultancy and Support

G-Cloud Service Definition. Canopy Remote Backup for Cloud SaaS

Involve Cloud Video Conferencing Service. VC:me (Video Conferencing: made easy) Service Definition

GiftWrap 4.0 Security FAQ

Platform as a Service

Hydrant E-Learning Management System (HELMS)

Client Security Risk Assessment Questionnaire

KeyLock Solutions Security and Privacy Protection Practices

RTS Communications G-Cloud Service Definition Video Conferencing as a Service (VAAS)

Amazon Compute - EC2 and Related Services

Project Management and Data Security

Legalesign Service Definition Electronic signature and contract management service

G-Cloud Service Definition. Atos infrastructure Vulnerability Scanning (Outpost24) SaaS

How To Use Egnyte

Specialist Cloud Services Lot 4 Cloud Printing and Imaging Consultancy Services

G-Cloud Service Definition. Canopy Remote Backup for Cloud SaaS

Application Management. Lot 4 - Specialist Cloud Services. Version: 3.0, Issue Date: 05/02/2014. Classification: Open

Vodafone secure mail services

QAD CLOUD EDI PROGRAM DOCUMENT

Backup as a Service. Service Definition. G-Cloud VI. Information Security Management System

Transcription:

1 G-Cloud Framework Document for Service Definition Audit management System In response to G Cloud 6 Requirements 1

2 Table of Content Audit Management System Minimize the Risk 1.The Audit management System......... 2 1.1 Introduction... 3 1.2 Services Overview... 3 1.3. Information assurance... 4 1.4.. Backup/Restore and Disaster Recovery... 5 1.5 On-boarding and off-boarding... 5 1.6 Pricing... 6 1.7 Service Management Details... 6 1.8 Service constraints... 6 1.9 Service levels... 7 1.10 Financial recompense model for not meeting service levels... 7 1.11 Training... 7 1.12 Ordering and invoicing process... 8 1.13 Termination terms... 8 1.14 Data restoration / service migration... 8 1.15 Customer responsibilities... 8 1.16 Technical requirements... 8 1.17 Details of any trial service available... 9 1.18 Use of subcontractors and partners... 9 2. Quality assurance... 9 2

3 THE AUDIT MANAGEMENT SYSTEM Introduction: Audit Management System is perfect tool for risk management that helps minimize risk and gain maximum control over compliance. The System is easy to configure to suit the business processes of government organization. The system is scalable, agile yet flexible enough to match with work practice of government organization. Audit performing tool includes simple checklist and pre-loaded set of questions. The Audit performance tool comes with web and mobile version. So auditor can audit any department on the go. Once Audit is completed data can be synched with Cloud database. So the audit can be done offline as well where network strength is low or none at all. Audit system comes with bucket of other tools like Risk assessment, Corrective action preventive action, Team management, Task management, Skill management and collaboration, Document control and customer complain management. The system uses cloud database and it comes with configurable setup. Customer can design; define data collection forms to suit their business processes and day to day workflow. User management and hierarchy are also possible within setup and it is easy to manage as well. Service Overview: Risk Assessment: Map the processes of Organization Identify the Risk points or Hazards Create checklist for controlling Risk Audit Management: Perform internal audits Generate audit report in PDF, Excel and Word format Locate non-confirmations and expedite it by adding it to CAPA module Task Management: Manage team members List and Track member skills using Skill Matrix Create, manage and perform training in system Corrective action and preventive action: CAPA - Identify, eliminate or correct the re-occurrences of quality problems Form the team of problem solvers in Qsure system Perform Root cause analysis or containment process 3

4 Skill Management and Collaboration: Manage team members List and Track member skills using Skill Matrix Collaborate with team with notifications and email updates Document Control: Create, Manage and Track controlled documents Maintain version and change history of forms or documents as part of compliance requirements Reports: Generate reports for non-confirmations Generate reports for department performances Generate report to highlight Risks Information Assurance: At Niftysol we understand the importance of data and consider the data is the highest value for any organization. We take utmost care of data security and privacy. The data center complies with Data Protection Act 1998, Computer Misuse Act 1990, and Electronic Communications Act 2000 and other information acts applicable. The datacenter is managed and run by industry leader Rackspace Cloud data center. The data center from Rackspace is compliant with ISO 9001:2008 (Quality Management), ISO 27001:2005 (Information Security), ISAE 3402 Type II Service Organization Control (SOC3), PCI Data Security Standard (DSS), BS ISO 14001:2004 (Environmental Management) and BS OHSAS 18001:2007 (Occupational Health & Safety). The data center has all necessary facilities such as: HVAC (Heating Ventilation Air Conditioning) systems are N+1 redundant to ensure that, even in the event of an entire HVAC system failure; there is a duplicate system on standby to take over. All air is circulated and filtered every 90 seconds to remove dust and contaminants. An advanced fire-suppression system is in place to prevent any fire from spreading - in the unlikely event that one could start. Access is restricted by two-factor authentication including Biometric hand scanners. The data center is physically isolated from everyone but level three technicians. Public access is strictly forbidden. All entrances and common areas are monitored 24x7 via closed-circuit cameras. 4

5 Backup/Restore and Disaster Recovery: We use cloud data center of Rackspace - existing G cloud supplier. Service Level agreement with Rackspace assures security and privacy of all the files and databases. We provide complete backup, storage and retrieval services All backups follow certain automatic scheduling process. Staging servers are used for intermediary data processing. All servers are subject to backup and restore services with content restoration within 24 hours. If there is requirement. We can also increase the frequency and scope of data backup. On Boarding: Onboarding process Consist of three main areas: Consultancy: The consultancy phase includes discussion on how the system can be implemented to minimize the risk and complexity of data migration if any. This may include the assessment of existing business processes and technical workflow of existing system in place subject to pricing as described in RFIA document. A quick phone call and couple of meetings should be arranged at this stage. Customers are also expected to play around the existing system and familiarize with all the options available in system. Project management and Deployment: At end of the consultancy stage we will have clear guideline on how the project needs to be managed and deployed. We will implement the private cloud and start configuring the system as per the business logic. The customer can directly jump in with deployment stage and get early experience of the system. The feedbacks can be instantly taken care of to secure the usability of the system. Training and Support: In this phase the total focus will be on transferring the control of the system to customer s chosen team. The key person of the team will be trained to configure the system and maintain it for long term. Training and support may include user training, Administrator training, Champion user (trainer) training and detailed documentation to help each stakeholder. Off boarding: Provide full details of all of the processes that need to be followed with milestone. Provide complete backup all customer data. Data deletion and server close-down, and staff de-briefing process to be followed. 5

6 Pricing: As provided in nifty SFIA Rate Table.doc file Service Management Details Technical Scope: Datacenter is provided by Rackspace, an existing approved G-Cloud supplier. The service is operated and isolated in the UK. Backups are maintained at Rackspace s facilities in UK. While the application code resides in remote server, the data is fetched and presented to user with secure connection via secured internet session. The technical boundary of the service includes all aspects of it that are running on the data center, the remote data center, which contains a full copy of the environment and the secure copying procedure between the two data centers. It does not include the delivery of the service via the internet or its delivery via the customer s corporate network to end users PCs that are not subscribed to or agreed. Support Scope: All bugs and issues within the existing system with consideration of technical scope should be rectified. Any additional help to system administrator, users or Master user will be provided. Internet related issues, firewall and network issues at client end is not covered. General Support: Provision of remote administrative and application management services such as managed backup, database administration and data migration. Includes the provisioning, testing and deployment of security patches, service packs, upgrades and revisions. standard support operations is available Monday to Friday 08:30 to 17:30 Support through emails, phone and ticket system Max 24 hours timeline to respond to any issues during business days. Service Constraints: Planned Maintenance Planned Maintenance means periods of maintenance of which the customer has been given seven days prior notification by Licensor and which may cause disruption of Service due to non-availability of the specific service(s). Planned Maintenance shall not accumulate to more than eight hours per calendar month and in any case shall not take place between 08:00 and 18:00. Wherever possible, Planned Maintenance will be carried out without affecting the Service. This will generally be achieved by carrying out Planned Maintenance during periods of anticipated low traffic and by carrying out Planned Maintenance on part, not all, of the network at any one time. Data center provider - Rackspace server maintenance ensures that the latest security patches are installed as they're released 6

7 Emergency maintenance: We take care of all the preventive action, but should the need arise and if we have to do emergency maintenance, we will notify each stake holder on priority basis. Service Levels: Niftysol services are offered via the Cloud Store and comply with the GCloud VI framework terms and conditions. These GCloud terms and conditions are accompanied by our own Master Services Agreement, which has been made available on the Cloud Store Financial Recompense Model: All of our services will be measured in compliance with the GCloud VI framework terms and conditions. Any diminution of service away from the agreed Service Levels will be the subject of recompense in accordance with the GCloud VI framework terms and conditions. The performance measurement for each agreed Service Level (SLA) will be the aggregate of all events for that given SLA. Each month, each activity falling in an SLA category will be measured to determine if it has met the SLA target or not. The total number of missed events for the month will be subtracted from the total number of events for the month, and that result will then be divided by the total number of events for the month. The result will be expressed as a percentage. Where the measured service falls below the SLA, an agreed Service Credit will be payable. Training: As per our Standard support policy, we provide training for users, administrators and those performing train-thetrainer services. We have a pre-defined approach to knowledge transfer which maximises the skills transfer the client receives from working alongside our specialists Administrator Training: Training on adding new users to the system, routine management activities and monitoring, how to administer preventative measures. This will be achieved by selecting from the most appropriate approach i.e. workshops, e- learning, coaching; supported by training manuals. Master User (Train the Trainer): Skills and knowledge transfer on subjects such as lessons learned, best practice, how to address future requirements, how best to manage the system, project documentation. End user training: Training on the new system to ensure users had in-depth understanding in their respective functional areas of the new system. This will be achieved by selecting from the most appropriate approach i.e. classroom courses, e- learning, coaching; supported by training manuals and e-learning modules 7

8 Ordering and invoicing process: Clients will be expected to follow the GCloud VI ordering process as outlined in the Framework s Terms and Conditions. This will ensure that the scope, timeline and technical requirements are understood, agreed and can be delivered. Purchase order to commence a contract. Invoicing is in line with the agreed terms of the contract. The customer s initial payment shall consist of one of charges identified in the order. Termination Terms: Licensor expect a bi-lateral 1-3 month termination period, which means that either party can choose to terminate the contract. Both parties would comply with the governance arrangements set out in the GCloud Framework Agreement. Other reasons for termination, such as performance, breach of contract, default on payment, etc. would be expected to be dealt with as set out by the GCloud framework agreement s governance arrangements Data restoration and service migration When the decision has been taken to terminate the contract, Licensor will support all steps to restore the client s data and ensure successful migration of the service back to the client, or to an alternative third party service provider. Licensor will prepare an Exit Plan setting out the activities that need to be performed by each party, and the nature and required elements of termination assistance to be provided by us in the event of a termination notice being issued by the client. Licensor can confirm that we will purge and destroy all customer data from any computers, storage devices and storage media after the end of the subscription period. Consumer Responsibilities: Typically consumer responsibility includes providing a main point of contact, provision of working facilities, making staff available for training and workshops and project meetings, and timely approval and acceptance of all key deliverables. 8

9 Technical requirements: Internet enabled PC with internet browser. Supported browsers are IE, 9, 10, Google Chrome, Firefox, Safari and Opera. Detailed technical requirements, service dependencies and technical interfaces will be defined and agreed with the client at the project initiation stage. Details of any Trial service available: Limited trials may be available subject to negotiation. Any trial will be limited in functionality and serviceability. Data entered during Trial period may be deleted later. Use of subcontractors and partners These services are delivered by Sainath Solution Limited with support from Niftysol, division of Dasinfomedia Private Limited QUALITY ASSURANCE: The delivery processes used by us are ISO certified through an accredited ISO certifications agency. Operates a Quality Management System that is accredited to BS EN ISO 9001:2008. This defines a structured process by which all of our engagements are managed in the UK. The audits are done regularly for compliance. 9

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information