Bramble Hub Limited

Bramble Hub Aspire - Align Digital PMO

The Align Digital PMO enables an organisation to enhance their portfolio and/or programme and/or project delivery through a cloud based framework which acts as a self-service virtual Portfolio/Programme/Project Management Office ('PMO')

Features

  • A cloud-based site under the domain alignframework.com
  • A framework with technique pages
  • Document store
  • Portfolio, programme or project lifecycle guidance

Benefits

  • Improve your project management performance
  • Reduce the cost of your training
  • Learning in byte sized chunks will improve knowledge retention
  • Multi-platform format means you can learn anywhere, anytime
  • Fully supported by our course management team
  • Easy structure enables you to structure your learning
  • Availability 24/7 puts you in control
  • Example papers help you prepare fully for the exam

Pricing

£5000 per licence per year

Service documents

G-Cloud 11

263535854354571

Bramble Hub Limited

Roland Cunningham

+44 (0) 2077350030

contact@bramblehub.co.uk

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints Planned maintenance means any pre-planned maintenance relating to framework content or any known critical updates that we schedule. The customer will be receive notification of any planned maintenance, which must be completed during normal working hours, at least 48 hours in advance.
System requirements Browser and internet connectivity

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Support from Aspire will be available Monday-Friday between the hours of 9am-5pm UK time (not including bank holidays). Issues are taken very seriously and given paramount priority. They will be acknowledged via email within 2 working hours and aimed to be resolved as quickly as our best endeavors.
This support is in place for as long as the customer has annual maintenance cover.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Please refer to the Service Definition Document for more information.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started Please refer to the 'on-boarding process' with the Service Definition Document
Service documentation Yes
Documentation formats
  • HTML
  • ODF
  • PDF
  • Other
Other documentation formats
  • Doc
  • Xls
End-of-contract data extraction At the end of any agreement with a Customer, Aspire would export a MySQL database of the data input by the customer. The database would then be deleted from our server. Backups of the Customer’s databases would be stopped on the date of termination.
End-of-contract process The off-boarding procedure consists of receiving written confirmation that the framework is to be removed, revoke general access to the site, ensuring any sensitive guidance held by the framework is returned to the relevant contact in the organisation, confirm that the framework is no longer required and should be closed. Aspire Europe will close the framework. This can take up to 2 weeks.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices No
API No
Customisation available Yes
Description of customisation Align allows the Customer’s Align Administrator to customise the following elements:
i. Title, colour, number of and location of process groups
ii. Title, colour, number of and location of processes
iii. Title, colour, number of and location of milestones
iv. Title, colour, number of and location of tasks
v. Guidance as part of processes, milestones or tasks
vi. Add, edit or remove Documents (templates, how2guides or customer specific documents)
vii. Add, edit or remove Links
viii. User accounts

Scaling

Scaling
Independence of resources The service availability of the Data Centre (Memset) used by Aspire is 99.95% 24 x 7 x 365.

Analytics

Analytics
Service usage metrics Yes
Metrics types Real-time web analytics that show users usage and journeys of the the site.
Reporting types
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Aspire will provide a copy of a customer’s database within 10 working days on request. Aspire will remove any data from the customer database upon receipt of an official request to do so.
Data export formats
  • CSV
  • Other
Other data export formats SQL
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network Memset the server hosting company are ISO9001, ISO27001 and ISO14001 accredited and are recognised G-Cloud suppliers themselves.

Availability and resilience

Availability and resilience
Guaranteed availability The service availability of the Data Centre used by Aspire is 99.95% 24 x 7 x 365.
Approach to resilience The data provided by our product is hosted by the UK server ‘Memset’ which stores its data in two UK sovereign data centres. This company provides the highest degree of fault tolerance, data durability, resilience against disk failures, regular maintenance to critical systems, gigabit fibre between the two data centres providing a bomb proof resilient system ensuring no single point of failure.

The servers are backed up on a daily basis using a secure service provided by our server hosting company. In the unlikely event of disk failure, recovery of data would take no more than 1 working day. A copy of the customer individual database is also made on a daily basis. Therefore, it is possible to roll back to the database of the previous day. This recovery may take up to 1 working day.
Outage reporting Email alerts

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Administration access to management interfaces is only given to Aspire Europe staff, and requires username and password authentication.
Access restriction testing frequency At least once a year
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Cyber Essentials Plus

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards Other
Other security governance standards Cyber Essentials Plus
Information security policies and processes Cyber Essentials Plus

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Memset the server hosting company maintains an extensive policy and control set to manage the security, privacy, quality and environmental impact of our operations and services. An overarching integrated Compliance Management System is supported by an ISO27001:2013 accredited ISMS, ISO14001:2105 EMS and an ISO9001:2015 QMS. Additional PSN CoCo and PCI-DSS Merchant and Service Provider controls over and above ISO27001 requirements are managed from within these standards.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Memset has continually evolving controls in place to reduce the risk of cybersecurity attack on our network, infrastructure and personnel and to protect us from risk of compromise via our systems.

Tools include intrusion detection systems, strong network security and audit controls, privileged user access control systems to manage our system administrator access to customer solutions and regular security testing.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Memset has continually evolving controls in place to reduce the risk of cybersecurity attack on our network, infrastructure and personnel and to protect us from risk of compromise via our systems.

Tools include intrusion detection systems, strong network security and audit controls, privileged user access control systems to manage our system administrator access to customer solutions and regular security testing.
Incident management type Supplier-defined controls
Incident management approach Memset maintains an integrated Incident Management system based on ISO 27001:2013 requirements and ITIL processes for all internal minor and major incidents. These processes interact with any further chance or problem management processes required on a case-by-case basis.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £5000 per licence per year
Discount for educational organisations No
Free trial available Yes
Description of free trial A limited free service is provided through the provision of the Align demo site. Access is available to evaluate the system, please contact us for more information.
Link to free trial https://demo.alignframework.com/welcome.php

Service documents

pdf document: Pricing document pdf document: Skills Framework for the Information Age rate card pdf document: Service definition document pdf document: Terms and conditions
Service documents
Return to top ↑