Fincastle Partners

TBM Technology Business Management

Supporting clients to get started with TBM or realise the benefits of an existing TBM deployment in your organisation


  • Cost Transparency - IT cost reporting using ATUM
  • IT Financial Management - for budgeting and tracking
  • Cloud Cost Management - for AWS Azure etc.
  • Vendor Insights - supplier spend reporting and governance
  • IT Benchmarking - infrastructure benchmarking
  • IT Planning - service demand and project financial planning
  • Bill of IT - showback and chargeback automation
  • Business Insights - Infrastructure, Apps and SaaS analysis


  • Transparency and metrics to manage technology costs and performance
  • Fact-based decision making in line with business priorities
  • Regaining control of technology costs, with significant cost take-out
  • Accurate and faster budget and forecasting cycles (days, not months)
  • Metrics-driven performance-aware culture across IT and the business
  • Partnership between IT and Business to drive innovation and agility


£650 to £1395 per person per day

  • Free trial available

Service documents


G-Cloud 11

Service ID

3 2 7 2 4 5 9 9 5 2 3 4 7 2 8


Fincastle Partners

Rafil Khatib


Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints None
System requirements None. Apptio SaaS solutions use standard internet browser access

User support

User support
Email or online ticketing support No
Phone support No
Web chat support No
Onsite support Onsite support
Support levels Our service packages provide support for scoping and implementation of TBM and Apptio SaaS solutions, configuration, in-life management and TBM Office as a Service. Services are priced on a bespoke basis, as required by the client
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Fincastle Partners, backed by Apptio UK technical support capability, provide a full range of getting started consulting, set-up, embedding and change management services to ensure successful TBM and Apptio delivery, including:
- Executive Value Workshops
- Business Value Discovery
- Proof of Concept
- Roadmap design and strategy
- Data quality and sources assessment
- Implementation and configuration
- KPIs, Reporting and communications
- Anlaysis, insight and recommended actions
- TBM best practice coaching and advisory
- User guidance and training, skills and knowledge transfer
- TBM Office as a Service or TBMO establishment
- Cost take-out and service optimisation support
- Programme management to ensure benefits realisation
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Details can be found on
Apptio collates, processes and transforms an organisation's existing data from in-house systems and sources. Any resulting analysis and data can be viewed via the Apptio SaaS service and in most cases data can be downloaded in standard formats.
End-of-contract process Depending on the scope of work, Fincastle Partners will deliver the agreed service. The objective will ultimately be to ensure the client is able to operate and manage their TBM and Apptio service independently once Fincastle Partnets have completed their work.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Apptio is accessible from mobile devices. Desktop/laptop screens provide a richer user experience.
Service interface No
Customisation available Yes
Description of customisation Apptio reporting studio allows for not only out-of-the-box persona designed reports but also the ability to fully customise in house-reports. Fincastle Partners are able to support fully with this capability or to provide training to client expert users to create reports, to the clients requirements.

The Apptio platform can be configured to work with an extremely wide variety of data sources within an organisation and to process and map costs and KPIs flexibly as applicable to the clients' specific requirements.


Independence of resources Apptio have highly scaled systems, currently supporting over 400 major organisations worldwide. Fincastle Partners are able to scale and manage the level of support provided to clients via a team of accredited associates and Apptio UK technical support teams as required.


Service usage metrics Yes
Metrics types Apptio provides a full spectrum of API and metrics through the SaaS platform, accessible by all users of the Apptio service within an organisation. Fincastle Partners are able to provide customised reports and cadence cycles as per client requirements.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Reseller providing extra features and support
Organisation whose services are being resold Apptio

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations Yes
Datacentre security standards Supplier-defined controls
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach See
Data export formats CSV
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats
  • Any standard database or spreadsheet formats
  • For cloud data may be uploaded directly from cloud providers

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Other
Other protection between networks Details can be found at
Data protection within supplier network Other
Other protection within supplier network Details of how data is handled within the Apptio SaaS platform can be found at

Fincastle Partners works with clients to ensure data is handled in accordance with their own data security policies and criteria.

Availability and resilience

Availability and resilience
Guaranteed availability Details can be found at
Approach to resilience See and
Outage reporting Apptio reporting, see

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Other
Other user authentication Apptio provide provide robust authentication security by controlling log-off times for inactivity, password strength rules, and supporting federated Single Sign-On (SSO) based on industry-standard SAML 2.0
Access restrictions in management interfaces and support channels Fincastle and Apptio will consult with the client on best practice and compliance with client requirements and policies
Access restriction testing frequency At least every 6 months
Management access authentication Other
Description of management access authentication Apptio provide provide robust authentication security by controlling log-off times for inactivity, password strength rules, and supporting federated Single SignOn (SSO) based on industry-standard SAML 2.0

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification Yes
CSA STAR accreditation date 16/09/2016 for Apptio
CSA STAR certification level Level 1: CSA STAR Self-Assessment
What the CSA STAR doesn’t cover See
PCI certification No
Other security certifications Yes
Any other security certifications See

Security governance

Security governance
Named board-level person responsible for service security No
Security governance certified No
Security governance approach Details of Apptio security governance can be found on
Fincastle Partners manage client data, information security and compliance in accordance with client policies and agreement.
Information security policies and processes As required by the client, on a case by case basis.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Fincastle Partners work within client processes and policies.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Fincastle Partners comply with client policies and requirements. Details of Apptio vulnerability management can be found at
Protective monitoring type Supplier-defined controls
Protective monitoring approach Fincastle Partners works with clients to ensure we comply with client policies and processes. Apptio details can be found at
Incident management type Supplier-defined controls
Incident management approach See

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £650 to £1395 per person per day
Discount for educational organisations No
Free trial available Yes
Description of free trial Fincastle Partners can provide Proof of Concept or Business Value Discovery services on a trial basis if required.

Service documents

Return to top ↑