Project Solution Ltd

Microsoft SharePoint and Project Server Hosting

Microsoft Project Server/Online is an end-to-end collaborative project, portfolio, and resource management environment. It helps organizations gain visibility, insight, and control to enhance decision making, improve alignment of project and work initiatives with the business strategy, maximize resource utilization as well as measure and increase operational efficiency.

Features

  • Project demand management for new Initiatives and Proposed Work
  • Project portfolio definition and optimisation to drive best value selection
  • Enterprise Resource Management with Timesheeting (Optional)
  • Project schedule management for improved tracking and delivery
  • Project financial management for budget, planned and actual costs
  • Consolidated View of Projects, Programmes, and Portfolio
  • Project team collaboration
  • Business intelligence reporting for better decision making
  • Securely hosted in UK datacentres
  • Standardisation of Project Management Processes

Benefits

  • Centralised repository of projects for different types
  • Centralised/Common Enterprise Resource Pool
  • Manage your portfolio of Projects
  • Manage Programs with interdependent projects
  • Slice across project and resource data for detailed analysis
  • Improve quality of your projects, timeliness and cost effectiveness
  • Manage Project Risks and Issues along with Schedule/plan
  • Capture actuals and progress tracking on the move
  • Frame work for standardisation and rolling out your PM processes
  • Delivery by Microsoft Certified Partner with 15+ years field experience

Pricing

£5.30 to £41.50 per user per month

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 10

335290201793222

Project Solution Ltd

PJ Mistry

01223 7898 44

pj@projectsolution.co.uk

Service scope

Service scope
Service constraints There are no foreseeable constraints to the Services.
System requirements
  • Windows7, 8 or 10 for Projct Professional
  • Microsoft Internet Explorer, Firefox, Chrome, Safari
  • Mac or Windows for Project Web App

User support

User support
Email or online ticketing support Yes, at extra cost
Support response times Within One business day
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Yes, at an extra cost
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard None or don’t know
How the web chat support is accessible Helpdesk webchat is accessible via any of the main browsers.
Web chat accessibility testing Helpdesk webchat is accessible via any of the main browsers.
Onsite support Yes, at extra cost
Support levels Each support request receives a Priority level depending on the type of issue reported;
Urgent: A full system outage , the system is not working and this is affecting all users.
High: A major element of either the Microsoft PPM / EPM or Project solution is not working at all and affecting all users
Normal: A single or small element of the Microsoft PPM / EPM or Project solution is not working and affecting some users
Low: There is a problem which is affecting one or limited numbers of users and there is an alternative workaround
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started The approach to getting started is as follows;
- Envisioning & Planning Workshops
- Training for key users to understand the full capabilities of the system
- Support where needed

Implementation approach is;
1) Quick Start Program - fixed price (for simple standard small-business deployments with no bespoke or heavy customisations/configuration)
2) Standard Deployment (for medium/large businesses with complex processes and requirement for bespoke or heavy customisations/ configuration and reporting needs)
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Project data can be exported manually or by using our Tool to save project data locally along with configuration for custom attributes for Project, Resource and Tasks.
End-of-contract process At the end of the contract, all customer information will be securely destroyed and confirmation will be provided. Also, Microsoft implements destruction and confirmation of destruction of all data upon exit of contract.

If you terminate a cloud subscription or it expires (except for free trials), Microsoft will store your customer data in a limited-function account for 90 days (the retention period) to give you time to extract the data or renew your subscription. During this period, Microsoft provides multiple notices, so you will be amply forewarned of the upcoming deletion of data.
After this 90-day retention period, Microsoft will disable the account and delete the customer data, including any cached or backup copies. For in-scope services, that deletion will occur within 90 days after the end of the retention period.

Using the service

Using the service
Web browser interface Yes
Using the web interface All basic functions of managing projects and resources can be performed via Project Web App.

For advanced project assignments and programs with interdependent projects, users must use the client application (Microsoft Project Professional)
Web interface accessibility standard WCAG 2.0 AA or EN 301 549
Web interface accessibility testing Refer to: https://www.microsoft.com/en-us/accessibility/office
API Yes
What users can and can't do using the API Microsoft Project Server/Online has an Open API that allows integration with other systems.
API automation tools Other
Other API automation tools Any tool that can use Web services/REST API
API documentation Yes
API documentation formats HTML
Command line interface Yes
Command line interface compatibility Windows
Using the command line interface Administrative changes to Project Web App can be made using PowerShell Commands.

Scaling

Scaling
Scaling available Yes
Scaling type Automatic
Independence of resources Availability reports are available via the Admin Portal of Office 365, for the overall platform and by service. There is a separation in services between consumers; users are not affected by the demand of other users. By using Office 365 API, further monitoring is possible. The service is based on Microsoft architecture which is fully scalable.
Usage notifications Yes
Usage reporting
  • Email
  • Other

Analytics

Analytics
Infrastructure or application metrics No

Resellers

Resellers
Supplier type Reseller providing extra features and support
Organisation whose services are being resold Microsoft

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach In-house
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Other
Other data at rest protection approach Every Microsoft datacentre is protected by cutting-edge enterprise-grade perimeter security. Stateful firewalls and other inspection tools monitor traffic flowing in and out of each datacentre, automatically detecting and blocking suspicious activity for instance.

Further protection is provided through encryption of data in transit and at rest. In the unlikely event that hackers do breach defences, they will be unable to read, let alone use, any of the information they manage to acquire.
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • Project Schedules
  • Project Sites
Backup controls Individual Project schedule backup is initiated by user. Project Site is backed up automatically by Microsoft Services.

Site level Backup, disaster recovery is provided by Microsoft Data Centre.
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Supplier controls the whole backup schedule
Backup recovery
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection between networks All customer-facing servers negotiate a secure session by using TLS/SSL with client machines to secure the customer data. This applies to protocols on any device used by clients. See also http://aka.ms/Office365CE
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection within supplier network Microsoft supports versions 1.0, 1.1, and 1.2 of the Transport Layer Security (TLS) protocol. This protocol is an industry standard designed to protect the privacy of information communicated over the Internet. TLS assumes that a connection-oriented transport, typically TCP, is in use. The TLS protocol allows client/server applications to detect the following security risks:
• Message tampering
• Message interception
• Message forgery

For further information, please refer to: https://msdn.microsoft.com/en-us/library/windows/desktop/aa380516(v=vs.85).aspx

Availability and resilience

Availability and resilience
Guaranteed availability Microsoft provides a contractually backed SLA to a minimum of 99.9%.
Backup, disaster recovery and resilience plan in place
Approach to resilience Unlike other datacentre, Microsoft Office 365 spreads your information across several geographically-dispersed datacentres. Should one (or more) of these hubs goes offline, your data remains available at all times.

In the age of the always-open business, you need guaranteed access to your tools and information.
Outage reporting Office 365 reports outages via the service status portal

Identity and authentication

Identity and authentication
User authentication
  • 2-factor authentication
  • Username or password
  • Other
Other user authentication Usernames and password control remain under the buyers control.
Access restrictions in management interfaces and support channels Access can be restricted based on the role of the user (administrator, team member with edit right, or only viewer).
In addition, if the user does not have a O365 licence, they are restricted from the service.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device over multiple services or networks
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for Less than 1 month
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for Less than 1 month
How long system logs are stored for Less than 1 month

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 BSI
ISO/IEC 27001 accreditation date 11/02/2017
What the ISO/IEC 27001 doesn’t cover Control: The organisation shall supervise and monitor the activity of outsourced system development.
ISO 28000:2007 certification No
CSA STAR certification Yes
CSA STAR accreditation date 29/04/2016
CSA STAR certification level Level 1: CSA STAR Self-Assessment
What the CSA STAR doesn’t cover NA
PCI certification No
Other security certifications Yes
Any other security certifications
  • Cyber Essentials Plus
  • EU Model Clauses
  • EU-US Privacy Shield
  • ISO 27001, ISO 27018
  • SOC 1, SOC 2
  • FIPS 140-2
  • HIPAA/HITECH
  • CCSL (IRAP)

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards We have internal processess to manage the security of our assets such as financial information, intellectual property, employee details or information entrusted to you by third parties.
Information security policies and processes EU Model Clauses,
HIPAA/HITECH,
ISO 27018

Reporting: Team Leader > Department Head > Director

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach We have developed formal standard operating procedures (SOPs) governing the change management process. These SOPs cover both software development and hardware change and release management, and are consistent with established regulatory guidelines. All change is assesed for impact on service, users and security.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Configuration, change management, incident response and protective monitoring are all demonstrated in Microsoft’s compliance with the ISO-27001 information security standard.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Configuration, change management, incident response and protective monitoring are all demonstrated in Microsoft’s compliance with the ISO-27001 information security standard.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Configuration, incident response and protective monitoring are all demonstrated in Microsoft’s compliance with the ISO-27001 information security standard.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart No

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes

Pricing

Pricing
Price £5.30 to £41.50 per user per month
Discount for educational organisations Yes
Free trial available Yes
Description of free trial 30day free trial

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑