G-Cloud 11 services are suspended on Digital Marketplace

If you have an ongoing procurement on G-Cloud 11, you must complete it by 18 December 2020. Existing contracts with SyntheSys are still valid.
SyntheSys

cloudbaSE Validation Management

SyntheSys cloudbaSE Validation Manager (VM) facilitates management of testing and validation, transforming the way teams work together to deliver quality across the systems engineering life cycle from requirements capture, verification, validation to deployment utilising the IBM Rational toolset.

Features

  • Customisable Test Plans
  • Test cases linked across engineering lifecycle
  • Real time project metrics
  • Author and execute manual test scripts
  • Launch automatic test execution tools

Benefits

  • Automate your Validation Management & test procedure.
  • Track, schedule and execute tests more effectively.
  • Increased team visibility.
  • Enhances manual test authoring procedure.
  • Automate your Validation Management & test procedure.

Pricing

£900 a user a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at mark_williamson@synthesys.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 11

Service ID

2 9 2 2 4 2 2 7 0 0 5 2 2 5 1

Contact

SyntheSys Mark Williamson
Telephone: 01947 821464
Email: mark_williamson@synthesys.co.uk

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
CloudbaSE Design Manager, CloudbaSE Requirements Manager, CloudbaSE Project Manager
Cloud deployment model
  • Public cloud
  • Private cloud
Service constraints
The Hosting service is subject to planned maintenance to ensure an optimum service. Any planned maintenance will be announced in advance and scheduled for minimum disruption to the service.
System requirements
  • Application licensing can be rented through the service.
  • Clients can bring their own (BYO) licensing to be hosted
  • Options for Bare metal, private and public virtual servers
  • Anti-virus and intrusion detection services are available
  • Hardware or software firewall
  • Back up and disaster recovery options

User support

Email or online ticketing support
Email or online ticketing
Support response times
Monday - Friday 0900 - 1700
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
SyntheSys provide level 2 support to the hosted applications in the cloud environment in accordance with a Service Level Agreement (SLA).
SyntheSys will deploy the Cloud environment and also the application layer providing support to users along with training if requested in the operation of the solutions.
Day to day operational support is covered by the monthly rental. Additional support, outside the scope of the SLA, can be provided upon request in accordance with the rate card supplied.
Each client will be provided with a technical account manager as their point of contact.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
CloudbaSE Services is our tailored model, which gives you access to our expert consultants and architects in the deployment, maintenance, enhancement, and support stages of your CloudbaSE project.

We understand that value delivery from your CloudbaSE project is your priority. Our training and consultancy services allow you to release this value quickly and seamlessly. We offer a range of different services to support your system integration and process delivery.

We have a proven track record of providing training and consultancy services across technical, financial, and government organisations and we are proud of the quality of these services. We can assist in the following areas:

•CloudbaSE set-up.
•Staff training and development.
•Maintenance.
•Enhancements.
•Ad hoc support.
Service documentation
No
End-of-contract data extraction
The termination element of our service ensures your data is safe, secure and complete. We will provide you with a full copy of your data upon request when the contract ends.
End-of-contract process
We aim to leave a positive lasting impression with all of our Clients. The termination element of our service is included in the price and ensures your data is safe, secure and complete and we will back up your full database and give you unrestricted access to your archive or destroy it as you wish.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Firefox
  • Chrome
Application to install
No
Designed for use on mobile devices
No
Service interface
No
API
No
Customisation available
Yes
Description of customisation
The IBM CLM software is fully configurable to user requirements.

Scaling

Independence of resources
Each client is set up in a new virtual machine environment. Performance is scaled on each individual instance to ensure performance is not compromised

Analytics

Service usage metrics
No

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
IBM

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
Never
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
SyntheSys will support the client in the export or reporting of data held within the application
Data export formats
  • CSV
  • Other
Other data export formats
  • HTML
  • PDF
  • Word
Data import formats
  • CSV
  • Other
Other data import formats
  • Word
  • RTF

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
The service level agreement is contained within Schedule 1 of the SyntheSys SaaS Terms in conditions. SyntheSys shall use all reasonable endeavours to ensure platform is available 99% during each calendar month, subject to scheduled maintenance.
Approach to resilience
This data is available on request. It is managed by IBM as the IaaS provider.
Outage reporting
Outages on the environment are provided to SyntheSys by email. These will be passed on to the client.

Identity and authentication

User authentication needed
Yes
User authentication
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
The hosted applications are configured by user role providing discrete access restrictions to specific areas of functionality
Access restriction testing frequency
Less than once a year
Management access authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
No audit information available
Access to supplier activity audit information
No audit information available
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Coalfire ISO
ISO/IEC 27001 accreditation date
15/04/2016
What the ISO/IEC 27001 doesn’t cover
The ISO/IEC 27001 certification is provided by SoftLayer, an IBM company. We are unaware of what, if anything, is not covered by this certification.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
Information security policies and processes
SyntheSys has a security officer responsible for the management, isolation and dissemination of data within our business and clients.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Configuration and change management of the IaaS is managed by IBM's processes and provided as standard. We do not have details of these processes.
In addition, SyntheSys are subject to ISO 9001 Quality certification and as such have processes in place for configuration and change management of service components.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Vulnerability management of the IaaS is controlled by IBM's processes and provided as standard. We do not have details of these processes.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Protective monitoring of the IaaS is managed by IBM's processes and provided as standard. We do not have full details of these processes.
However, intrusion detection is active on the Virtual machine and is monitored by IBM for action.
Incident management type
Supplier-defined controls
Incident management approach
Incident management of the IaaS is managed by IBM's processes and provided as standard. We do not have details of these processes.
Users report incidents they identify via their technical account manager.
Incidents on the hosting environment will be communicated to any user or client affected as they arise.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£900 a user a month
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at mark_williamson@synthesys.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.