Computacenter (UK) Ltd

Computacenter - Software Lifecycle Services

Computacenter's Software Lifecycle Management (SLM) services enables customers to gain visibility of software assets to drive control, reduce risk, identify cost savings and enable better investment decisions. We have developed a broad set of tactical solutions and a fully outsourced SLM service to support customer’s in the transitional journey.

Features

  • Renewals portal
  • Integration with existing tools
  • Visibility
  • Control

Benefits

  • Cost Savings
  • Control
  • Visibility
  • Efficiencies
  • Enhanced investment decisions
  • Reduced risk

Pricing

£5500 per unit

Service documents

G-Cloud 10

277169327803607

Computacenter (UK) Ltd

Frameworks Team

+44 (0) 1707 631000

government@computacenter.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Hybrid cloud
Service constraints N/A
System requirements N/A

User support

User support
Email or online ticketing support Email or online ticketing
Support response times As defined by agreed SLAs
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels As defined by agreed SLAs
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started Provide a one off vendor baseline or a monthly reconciled licence position for selected software vendors deemed as in scope.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction N/A
End-of-contract process At the end of the contract between Computacenter and the customer where the customer does not wish to renew or extend the existing agreement, then the customer will be returned all data in either XLS or CSV format.  Should the customer wish to migrate the data onto a locally installed software asset management solution, then Computacenter can provide additional project services as a chargeable option.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices No
Accessibility standards None or don’t know
Description of accessibility N/A
Accessibility testing N/A
API No
Customisation available Yes
Description of customisation This will be defined and agreed in workshops with Customer and Computacenter representatives

Scaling

Scaling
Independence of resources N/A

Analytics

Analytics
Service usage metrics No

Resellers

Resellers
Supplier type Reseller providing extra features and support
Organisation whose services are being resold N/A

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Supplier-defined controls
Penetration testing frequency At least every 6 months
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach N/A
Data export formats Other
Other data export formats N/A
Data import formats Other
Other data import formats N/A

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability As defined by agreed SLAs
Approach to resilience As defined by agreed SLAs
Outage reporting N/A

Identity and authentication

Identity and authentication
User authentication needed No
Access restrictions in management interfaces and support channels When a user is set up, they are assigned a role. You can use system default roles or create bespoke roles. Each role then has a specific set of activities that they can perform. This is controlled by our Administrator of which there are normally 2. A formal approved request is required prior to any changes being implemented.
Access restriction testing frequency At least every 6 months
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information No audit information available
Access to supplier activity audit information No audit information available
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 BSI
ISO/IEC 27001 accreditation date 28/05/2016
What the ISO/IEC 27001 doesn’t cover Our ISO/IEC 27001 certification covers all our managed service people, processes and IT systems. The areas of our business not covered are those that fall outside the following:
The scope of Certificate number IS 516767 is for the Group Information Security Management System in relation to UK based Information Services Division encompassing datacentre, telephony, system development, implementation, operations, administration and maintenance functions for Computacenter Group Systems, UK Corporate IT Systems and Customer Facing IT Systems including the Managed Services – Service Management Tool Suite (SMTS). This is in accordance with the Statement of Applicability v4.0 dated 10/02/2016.
The scope of Certificate number IS559935 is for the protection of Computacenter and customer information that is accessed, processed or stored by personnel of the Service Operations Division Operational Support and Data Centre Services teams. This is in accordance with the Statement of Applicability v6.5 dated 19/07/2016.
The scope of Certificate number IS 621751 is for protection of information that is accessed, processed or stored by personnel providing Computacenter contracted Desktop Infrastructure Services including Service Management, ITIL Service Lines, Supply Chain Services, Service Operations Engineering Support, Project Support and Operational Security.
This is in accordance with the Statement of Applicability v3.4 dated 09/11/2015.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification Yes
Who accredited the PCI DSS certification GemServ
PCI DSS accreditation date January 2017
What the PCI DSS doesn’t cover Only the data centres for the specific controls of Requirements 9 – Restrict physical access to cardholder data and 12 - Maintain a policy that addresses information security for all personnel of PCI DSS v3.1, which is not relevant for this service.
Other security certifications Yes
Any other security certifications Various which can be discussed

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes The Group ISMS contains a consistent security assurance framework and accompanying baseline set of Information Security Policies that are to be used throughout the Computacenter Group.
Information Security Policies define the minimum security standards for the Computacenter Group. They consist of technical, procedural and staff behavioural rules that work in concert to preserve the security aspects of Computacenter IT Systems and the information that they process.
The Group ISMS Information Security Policy set is divided into categories covering topics such as Information Security Management, End-user responsibilities and Acceptable Usage plus technology specific security requirements.
An 'Acceptable use Policy' (AUP) document is included in the Policy set, as a minimum, which must be read and understood, for ensure employee’s know their obligations and comply with this and any other Security Policies that relate to their role in the organisation.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Our Group Change Management service is based on ITIL best practice and has the primary objective of protecting the client production services from outage and disruption resulting from change. Our Group Change Management team acts as the primary interface for the client to control changes to IT Infrastructure. The process is applied and governed to ensure that changes are recorded, evaluated, prioritised, planned, tested, authorised, implemented, documented and reviewed in a controlled manner with minimal or no disruption to the service.
Vulnerability management type Supplier-defined controls
Vulnerability management approach We have in-house vulnerability management processes to cover scheduled and ad-hoc scanning, identification, notification, remediation and reporting. Customer specific programs are also deployed.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Our protective monitoring processes are based and run in accordance with the service and customer requirements.
Incident management type Supplier-defined controls
Incident management approach Our incident management processes are based on the requirements of each service and interface with our customer, as required by the contract

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £5500 per unit
Discount for educational organisations No
Free trial available No

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑