eTST™ manages the production, allocation, tracking and completion of test scripts. This is achieved by maintaining all scripts within a single repository, in a consistent format and ensuring that project members conduct testing within the prescribed process. Enforcing a standard testing approach is vital to successful project delivery.
- Monitoring of project performance
- Planning, resource allocation and scheduling
- Real time reporting and validation
- Integrated Egress solution or licence for use
- Best practice, industry standard techniques
- Repeatable solutions for any and every project
- Support and ongoing maintenance
- Issues Management
- Test script management
- Enforce best practice
- Reduce time and significant cost
- Improve planning and resource allocation
- Provide real time monitoring of progress
- Reduce timescales and project risk
- Improve effectiveness of testing
- Increase confidence in testing outcomes
- Improve reporting
- Reduce downstream risks
£875 to £2300 per licence per month
Egress Group Ltd
|Software add-on or extension||No|
|Cloud deployment model||Hybrid cloud|
|System requirements||No specific requirements|
|Email or online ticketing support||Email or online ticketing|
|Support response times||4 hour response, Mon to Fri (excl UK public holidays), between 8:30am and 4:30pm.|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||None or don’t know|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
Single level of support provided.
Support provided via email, telephone and online facilities.
"Support tickets" will be allocated to a team of technical support engineers, with escalation to the Support Manager.
Cost of support is included in cost of software use.
|Support available to third parties||Yes|
Onboarding and offboarding
Online user guides and tutorials are provided.
On-site training can be arranged, if required.
|End-of-contract data extraction||We provide a standard set of extract files.|
Data extract files are provided to customer.
Service is terminated and all user access disabled.
All data is destroyed.
Using the service
|Web browser interface||No|
|Application to install||No|
|Designed for use on mobile devices||No|
|Accessibility standards||None or don’t know|
|Description of accessibility||
Increase/decrease font sizes, from 100% to 200%.
Colour is not used as a visual means of conveying information.
Audio is not used as a means for conveying information or prompting the user to take any action.
Clear labels are provided when content requires user input.
Any items in in error are identified and the error is clearly explained.
No controls flash.
|Independence of resources||Automatic monitoring, load balancing and infrastructure scaling.|
|Service usage metrics||No|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Security Clearance (SC)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||In-house|
|Protecting data at rest||Physical access control, complying with SSAE-16 / ISAE 3402|
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||In-house destruction process|
Data importing and exporting
|Data export approach||The software contains export routines.|
|Data export formats||CSV|
|Data import formats||CSV|
|Data protection between buyer and supplier networks||
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
Detailed SLAs are agreed with the customer at point of contract negotiation.
As a standard, service availability is guaranteed at 99%, during core business hours (08:30-16:30).
|Approach to resilience||Available on request.|
|Outage reporting||Public dashboard|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||Role Based Access Control is employed.|
|Access restriction testing frequency||At least once a year|
|Management access authentication||
Audit information for users
|Access to user activity audit information||No audit information available|
|Access to supplier activity audit information||No audit information available|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||No|
|Security governance certified||No|
|Security governance approach||Internal security policies, procedures and training.|
|Information security policies and processes||
Internal policy and procedures are followed. These are available on request.
The policy dictates Account and Password management requirements; Data handling procedures and Responsibilities; and Employee responsibility and issue escalation.
The Egress security policies are disseminated to staff via internal training and any Information Security concerns are raised via the internal service desk software and escalated to the Operations Director for immediate review. Egress management reserve the right to conduct an internal audit on projects to ensure that best practice is being followed and policy is being adhered to.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
Software versioning tools are employed.
A document management system is used to archive all version of system documentation.
There is an internal Change Control policy (available on request).
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
As part of pre-implementation testing, a risk assessment is conducted and reviewed, with any vulnerabilities addressed.
Non urgent software patches are released as scheduled upgrade. Any urgent software updates are applied as soon as regression testing is completed and in conjunction with the customer.
Potential threats are either identified via a risk assessment process or via the service support helpdesk.
|Protective monitoring type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Protective monitoring approach||
Compliance with the ISO-27001 information security standard.
In addition to our ISO-27001 compliance, and our use of independent 3rd party penetration tests, we operate an assumed breach model and use active red-team penetration testing and vulnerability management as part of our Operational Security Assurance (OSA).
Any potential compromise follows internal policy.
|Incident management type||Supplier-defined controls|
|Incident management approach||
Incidents are reported by email, phone or via our online support desk system. The status and updates on progress of incidents (or linked groups of incidents) can be accessed online with updates provided as per the SLA.
Issue resolution is supported by internal documentation and Knowledge Base for resolution of common problems. This documentation is reviewed by the service desk management.
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||Yes|
|Connected networks||New NHS Network (N3)|
|Price||£875 to £2300 per licence per month|
|Discount for educational organisations||No|
|Free trial available||No|
|Pricing document||View uploaded document|
|Skills Framework for the Information Age rate card||View uploaded document|
|Service definition document||View uploaded document|
|Terms and conditions document||View uploaded document|