Infosys Limited

ITSM Solution and Tool implementation for Cloud Management

The Service is for IT Service Management - End to end management of IT services,infrastructure through single cloud based platform. ServiceNow IT Service Management (ITSM) helps in consolidate fragmented tools, legacy systems while automating service management processes. Simple to configure, fast to deploy, scalable.Our Services focus on RPA, Bots etc

Features

  • IT governance, risk & compliance
  • Demand management
  • Application Integration
  • Real time reporting
  • Self Service Portal
  • Performance Reporting
  • Notification & Alerts
  • User Friendly Interface
  • Knowledge Base
  • Data import/Export

Benefits

  • Reduced maintenance requirement
  • Improved Scalability
  • Single System of record
  • Improved Transparency
  • Automation of Manual efforts
  • Single tool across business services
  • Better productivity
  • User Friendly Interface
  • Easy Access
  • Reduced Cost

Pricing

£1100 per unit

  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

1 1 1 0 1 9 2 7 0 4 6 3 0 0 5

Contact

Infosys Limited

Manish Malhotra

+44 7958 024225

manish_malhotra@infosys.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
Generally, ServiceNow covers almost all the areas in Service Management. But, we would like to understand the full requirements/landscape before confirming the same
System requirements
  • No, The service comes as "Software as a Service"
  • Where the software hosting is done by the vendor

User support

Email or online ticketing support
Email or online ticketing
Support response times
The incidents/Service Requests are responded based on the priority of the request. Usually there are 4 priorities P1, P2 , P3 & P4. P1 being the highest priority. The respond time to each of the priority requests are discussed and documented as per the requirements and them made part of the Service Agreement.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
ServiceNow does support the web chat functionality and it comes out of the box. Users can get web chat support anytime based on the support hours agreement.
Web chat accessibility testing
ServiceNow does support the web chat functionality and it comes out of the box. Users can get web chat support anytime based on the support hours agreement.
Onsite support
No
Support levels
ServiceNow support at Infosys mainly covers the Level 2 support where the incidents/requests are routed through Service Desk. The overall cost would be included in the overall deal level commercials but it mainly depends on the volume of tickets, user base and geography coverage.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Types of Trainings:

1. End Users/ Approver Training: Training for end users who would use ServiceNow tool for creating tickets, approving requests and checking status of their requests
2. Fulfiller Training: Training for end users who would work on fulfillment of services created for their groups. E.g. Service Desk teams. This includes super users as well within different groups
3. ServiceNow Admin Training: Technical ServiceNow training to users to enable them to perform admin activities, add catalog items and process templates, maintain foundation data and platform
4. Advanced ServiceNow training: Technical ServiceNow training for design and development of ServiceNow enhancements

Training Delivery Modes:

1. Classroom Training: In-person training for the users. Typically used for hands-on / technical trainings which involves simulation and use cases
2. Remote Training: Training via WebEx or other specific technologies
3. Open-Houses / Broadcast sessions: Sessions with large number of users. Usually used for functionalities overview (not to be used when collaborative discussions are required)
4. Train the Trainer: Training a set of super-users who further trains their teams
5. e-Learning: Online training content using multi-media techniques (online content and videos)
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Throughout the lifetime of subscription, data can be directly exported from the ServiceNow instance. This can be via the user interface, through integrations, or by using other ServiceNow components. We return all your data in an SQL dump format at the end of a contract. All hosted backed up data is automatically deleted and overwritten 45 days from the end of a contract.
End-of-contract process
This information will be covered at the deal level contract

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Firefox
  • Chrome
  • Safari 9+
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Yes. ServiceNow can work on both desktop and mobile.
Service interface
Yes
Description of service interface
Users will access the ServiceNow software through internet enabled devises as its Software-as-a-Service(SaaS) tool
Accessibility standards
None or don’t know
Description of accessibility
ServiceNow is a Software-as-a-Service(SaaS) tool accessed through the Internet
Accessibility testing
NA
API
Yes
What users can and can't do using the API
Yes, ServiceNow does have an API. Through this API the buyers can integrate ServiceNow with any 3rd party application if the API is supported
API documentation
Yes
API documentation formats
PDF
API sandbox or test environment
No
Customisation available
Yes
Description of customisation
ServiceNow comes with loads of functionalities and features out of the box. However the buyer can customize ServiceNow based on the requirements.

Scaling

Independence of resources
A dedicated instance is provided to individual customer, which has no interference with any other instance.

Analytics

Service usage metrics
Yes
Metrics types
Standard service metrics are provided
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Form export
Export an individual record from the user interface. Choose PDF or XML format directly from a form.

List export
Export multiple records from the user interface. Choose CSV, Excel, PDF, or XML format directly from a list.

URL export
Export multiple records from a table using the CSV, Excel, PDF, or XML processor. Specify the table form or list you want to export in the URL.

Export sets
Create a file called an export set that contains all the data you want to export."
Data export formats
CSV
Data import formats
  • CSV
  • Other
Other data import formats
  • PDF
  • XML

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
ServiceNow Nonstop Cloud was designed to support the availability and scalability requirements of Global 2000 enterprises. We operate eight data center pairs for a total of 16 data centers across 4 regions to meet our customers’ location and data sovereignty needs. Each data center pair operates in an active-active mode
providing highly performant and available instances for our customers. Our data centers span five continents: Asia, Australia, Europe, North America, and South America.
Approach to resilience
ServiceNow Nonstop Cloud was designed to support the availability and scalability requirements of Global 2000 enterprises. We operate eight data center pairs for a total of 16 data centers across 4 regions to meet our customers’ location and data sovereignty needs. Each data center pair operates in an active-active mode
providing highly performant and available instances for our customers. Our data centers span five continents: Asia, Australia, Europe, North America, and South America.
Outage reporting
ServiceNow provides the industry’s only Real Availability Dashboard that shows availability of all your instances running in the cloud.

Identity and authentication

User authentication needed
Yes
User authentication
2-factor authentication
Access restrictions in management interfaces and support channels
"ServiceNow uses several different methods to restrict access.
Local database - The user name and password in their user record in the instance database.
Multifactor - The user name and password in the database and a passcode sent to the user's mobile device that has Google Authenticator installed. See Multifactor authentication.
LDAP - The user name and password in their LDAP account, which has a matching user account in the database. See LDAP integration.
SAML - The user name and password configured in a SAML identity provider account, which has a matching user account in the database. See SAML 2.0.
Access restriction testing frequency
Never
Management access authentication
2-factor authentication

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
EU Safe Harbor Framework/U.S. – Swiss Safe Harbor Framework
ISO/IEC 27001 accreditation date
NA
What the ISO/IEC 27001 doesn’t cover
Yes, the Proposed Cloud Service Management tool - ServiceNow is compliant on following security requirements –
- Ownership and control of data remains with customer all the time
- Complies with U.S. – EU Safe Harbor Framework and U.S. – Swiss Safe Harbor Framework
- All Data Centers maintain SAS70/ SSAE16/ SOC1 Type II attestation and ISO/IEC 27001:2005 certified
- Annual Third Party Penetration Testing
- SSLv3, TLS1.0 or TLS 1.2 encryption while in Transit. AES128, AES256, or 3DES encryption at Rest
- NIST 800‐88 data destruction methods used while retiring Hard drives
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
  • ISO 27001:2013
  • SSAE 18 SOC 1Type II

Security governance

Named board-level person responsible for service security
No
Security governance certified
No
Security governance approach
Not Applicable in context to Service Management tool - ServiceNow. This would be answered at the overall deal level
Information security policies and processes
Not Applicable in context to Service Management tool - ServiceNow. This would be answered at the overall deal level

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
"The ServiceNow Change Management application provides a systematic approach to control the life cycle of all changes, facilitating beneficial changes to be made with minimum disruption to IT services. Change Management offers ITIL-aligned processes for normal, standard, and emergency change types.
Normal change
Normal change follows the complete change lifecycle including peer or technical approval, change management, and Change Advisory Board (CAB) authorization before being implemented, reviewed, and closed.
Standard change
Standard changes are often considered routine. This is a change that is frequently implemented, has repeatable implementation steps, is considered low risk, and has a proven history of success.
Vulnerability management type
Undisclosed
Vulnerability management approach
"ServiceNow uses the Vulnerability Response module to compare security data pulled from internal and external sources, such as the National Vulnerability Database, to vulnerable CIs and software identified in the Asset Management module. If CIs or software are found to be affected by a vulnerability.
It also views common weakness enumeration (CWE) records from the NVD to understand how they relate to the vulnerabilities (CVEs) identified in Vulnerability Response. As needed, Client can update your system from the vulnerability databases on an on-demand basis or by running user-configured scheduled jobs."
Protective monitoring type
Undisclosed
Protective monitoring approach
Not Applicable - ServiceNow integrates with monitoring tools to cover the Service management aspect of monitoring like automated ticket generation though alerts etc.
Incident management type
Undisclosed
Incident management approach
"The ServiceNow platform supports the incident management process with the ability to log incidents, classify according to impact and urgency, assign to appropriate groups, escalate, and manage through to resolution and reporting. Any ESS user can log in to an instance to record the incident and track it through the entire incident life cycle until service has been restored and the issue has been completely resolved.

Within the platform, incidents are handled with the task record system. Each incident is generated through a variety of methods as a task record, and populated with the pertinent information in individual fields.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£1100 per unit
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
We will be happy to arrange a demo of the solution and also consider a use case for POC based on business requirements

Service documents

Return to top ↑