Cantium Business Solutions

ServiceNow Implementation

Phased or big-bang implementation of the ServiceNow Enterprise Cloud Platform for new customers of ServiceNow. Design workshops. Requirement (story) capture under an Agile project framework. Process definition and documentation. Transformational best practice. Configuration of the route to live instances. Promotion of configuration into Production in line with customer's change process


  • ServiceNow IT Service Management implementation
  • ServiceNow IT Operations Management implementation
  • ServiceNow HR Implementation
  • ServiceNow CSM Implementation
  • ITIL v3 modelled ITSM process transformation


  • ServiceNow SaaS delivers enterprise level class leading ITSM/ITOM, HR, CSM
  • ISO27001 accredited organisation
  • Leverage all the benefits of the ServiceNow enterprise cloud platform
  • A fully project managed implementation
  • Technical development expertise on the ServiceNow platform
  • ITILv3 Expert accredited ITSM process transformation
  • Accesses global technical talent pools, avoiding local ServiceNow resource shortages
  • Link and liaise with 3rd parties


£295 to £950 per person per day

  • Education pricing available

Service documents


G-Cloud 11

Service ID

2 7 3 0 2 4 4 9 7 5 1 2 0 5 0


Cantium Business Solutions

Bids Cantium


Service scope

Software add-on or extension
Cloud deployment model
  • Public cloud
  • Private cloud
Service constraints
Customer must have purchased ServiceNow licences from ServiceNow or from a registered ServiceNow sales partner. Cantium can facilitate this if required
System requirements
Client must own ServiceNow enterprise licences

User support

Email or online ticketing support
Email or online ticketing
Support response times
P1 - Entire site/multiple site outage: Network, Telephony or Internet Target Response - 20 Minutes Target Resolution - 6 Hours P2 - Critical Support Incident, Service Affecting over 50% users down Target Response - 1 Hour Target Resolution - 10 Hours P3 - Urgent support incident, service affecting more than 1-50% of users Target Response - 1 Working Day Target Resolution - 3 Working Days P4 Target Response - 1 Working Day Target Resolution - 4 Days Support incident, single user down P5 - Non-service affecting fault Target Response - 2 Working Days Target Resolution - 5 Working Days
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
We provide a standard support service delivering to the following SLA: P1 - Entire site/multiple site outage: Network, Telephony or Internet Target Response - 20 Minutes Target Resolution - 6 Hours P2 - Critical Support Incident, Service Affecting over 50% users down Target Response - 1 Hour Target Resolution - 10 Hours P3 - Urgent support incident, service affecting more than 1-50% of users Target Response - 1 Working Day Target Resolution - 3 Working Days P4 Target Response - 1 Working Day Target Resolution - 4 Days Support incident, single user down P5 - Non-service affecting fault Target Response - 2 Working Days Target Resolution - 5 Working Days Onsite support may be required with response times varying depending on location and priority level
Support available to third parties

Onboarding and offboarding

Getting started
This is a professional services engagement to implement third party software (ServiceNow). ServiceNow platform training and documentation is available and can be arranged in line with your requirements. As part of the implementation we will highlight and address all user (operator) learning requirements and complete full operational readiness to ensure your organisation is prepared for go-live.
Service documentation
Documentation formats
  • PDF
  • Other
Other documentation formats
  • Word
  • Hard copy
End-of-contract data extraction
This is provided in an agreed format at the end of the contract through our established off boarding process.

The data is usually provided in excel format as standard although other formats may be available upon request.
End-of-contract process
Following notification of cancellation we will engage with the customer to confirm the termination date and agree timeframes for supplying the customers information to them.

If additional/bespoke reporting requirements are requested this would be costed on a POA basis and provided as required.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Designed for use on mobile devices
Service interface
Customisation available
Description of customisation
Best practice is not to "customise" the ServiceNow platform but to "configure" it to model your organisation's processes. Cantium will work with your organisation to understand your processes (and help improve where recommended) and identify all configuration to support the new processes. This configuration set will be delivered in line with your priorities via Agile as part of the overall project scope.


Independence of resources
We operate robust contingency and workforce plans to ensure peak demand is covered.

Customer usage and staff time is recorded and analysed to ensure effective workforce planning is undertaken in advance.

Our workforce is multi-skilled and trained to provide support where required at peak times to enable us to meet customer demand.


Service usage metrics


Supplier type
Not a reseller

Staff security

Staff security clearance
Staff screening not performed
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with another standard
  • Other
Other data at rest protection approach
We do not encrypt customer information at rest as standard although this can be offered as a separate service on request by the customer at an additional charge
Data sanitisation process
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Users can export their data via a standard reporting suite accessible via the manager self service portal.

Reports are previewed via the browser before being downloadable in excel format.

Custom/bespoke reports can be created to customer specification however these would incur additional development costs.
Data export formats
Data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
ServiceNow commits to 99.8% monthly availability for customer live environments but typically achieves over 99.99% . Their High Availability design covers the whole ServiceNow platform and application layers.
Approach to resilience
Both the ServiceNow data centres and their SaaS infrastructure operate as high availability. The buyer's live environment data is held across paired data centre instances which are aligned via asynchronous database replication techniques. This is an Active/Active set up. Continuous asynchronous replication is maintained from the primary (read-write) to the secondary (read-only).
Outage reporting
Incident tickets, requests and queries can be raised to ServiceNow via their HI portal. However there are no SLA resolution commitments only response commitments.

Cantium offers a Service Desk service enabling incidents, requests, off-catalogue chargeable services and other requirements to be requested and managed under full and competitive SLAs.

Identity and authentication

User authentication needed
User authentication
Username or password
Access restrictions in management interfaces and support channels
Access is password protected with dedicated usernames and passwords issued to key personnel only.

Users can only reset access via the support helpdesk where additional information is required before access is provided.

Cantium's systems are password protected and accessible only via our secure network or via 2 factor authentication into a secure VPN when working outside of our network.
Access restriction testing frequency
At least every 6 months
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
British Assessment Bureau
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications
Any other security certifications
Cyber Security Essentials

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
This is available on request

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
We follow an ITIL framework best practice approach in regards to configuration and change management. We are ISO27001 accredited and our procedures meet all the requirements needed to fulfil this obligation.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Infrastructure within the datacentres are regularly scanned using QuallysGuard. Authenticated scans on servers are performed to identify vulnerabilities and required patches.

The infrastructure running the services is patched as required in the quarterly maintenance windows. Systems are regularly scanned by Qualys suite to ensure all devices are at the required patch levels
Annual CREST penetration test of the software, hosted service and corporate network.
Protective monitoring type
Protective monitoring approach
We have a dedicated Network Security team who work in collaboration with our 3rd party hosting provider to monitor infrastructure in our networks.

Our processes meet all of the requirements needed to fulfill our obligations for ISO27001 accreditation and are based on ITIL best practice.
Incident management type
Supplier-defined controls
Incident management approach
This is based on ITIL best practice and adheres to all of the requirements needed to meet ISO27001 accreditation.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks


£295 to £950 per person per day
Discount for educational organisations
Free trial available

Service documents

Return to top ↑