Sandhill Consultants Ltd

erwin EA Agile

erwin DG allows organisational stakeholders to discover, understand, govern and socialize data assets to mitigate risk and improve performance. Integrating traditional data governance capabilities (business glossary, data dictionary and catalog, linage mapping, policy authoring) with data modeling, EA and BP modeling for strategic value with data impact analysis.

Features

  • SAAS-based platform for rapid deployment and lower TCO Data
  • Lineage analysis for business terms, data elements and data sources
  • Integrated data, EA and business process modeling for DG
  • Automated Integration with DG ecosystem of people, processes and technology
  • Universal data-source harvesting and lifecycle management
  • Streamlined workflows, including notifications and task assignments
  • SAAS-based platform for rapid deployment and lower TCO of Data
  • Impact Analysis to manage the risk and scope of changes

Benefits

  • Provides visibility and governance for any data, anywhere
  • Enables enterprise data governance collaboration and organisational empowerment
  • Identifies data integrations, implications and impacts across the enterprise
  • Integrated ecosystem of people, processes and technologies to manage data
  • Breaks down business and IT silos for visibility across domains
  • Mitigates risk to provide regulatory peace of mind

Pricing

£24 to £2531 per user per year

  • Education pricing available
  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

3 6 7 8 9 1 0 6 3 6 3 1 4 2 1

Contact

Sandhill Consultants Ltd

Andrew Carter

01476 568708

andrew.carter@sandhill.co.uk

Service scope

Service scope
Software add-on or extension Yes
What software services is the service an extension to Data Modeling
Enterprise Architecture
Business Process
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints No
System requirements Web browser

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Sandhill provide 1st line email support and if required erwin will provide ticketed support. Bug issue resolution, provision of standard fixes and workarounds to known problems, managing your erwin relationship and issue escalations, license key assistance and management, rapid response on 'How to Support', Direct access to erwin experts by email, telephone, and remote desktop, guidance on upgrades, guidance on 'known issues', model testing, Answering product installation configuration and usage questions, in depth product knowledge of erwin and complimentary products. 24 x 7 technical support provided by vendor. All of the above in included within cost of product and maintenance.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.1 AA or EN 301 549
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Free of charge upgrades, bug issue resolution, provision of standard fixes and workarounds to known problems, managing your erwin relationship and issue escalations, license key assistance and management, rapid response on 'How to Support', Direct access to erwin experts by email, telephone, and remote desktop, guidance on upgrades, guidance on 'known issues', model testing, Answering product installation configuration and usage questions, in depth product knowledge of erwin and complimentary products. 24 x 7 technical support provided by vendor. All of the above in included within cost of product and maintenance.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Full education and training quick start programmes
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction CSV export.
End-of-contract process Service ends at end of license subscription period. Data can be made available for 30 days after end of contract. No additional costs at end of contract.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install Yes
Compatible operating systems
  • Linux or Unix
  • Windows
Designed for use on mobile devices No
Service interface Yes
Description of service interface Browser based, easy to use, configurable user interface.
Accessibility standards WCAG 2.1 AA or EN 301 549
Accessibility testing N/a
API Yes
What users can and can't do using the API Import files. Create, read, update, delete objects and relationships
API documentation Yes
API documentation formats
  • Open API (also known as Swagger)
  • PDF
API sandbox or test environment No
Customisation available Yes
Description of customisation Fully customisable metamodel.
View based UI that can be limited to access controlled roles.
Customisable user experience.
Professional license users can customise.

Scaling

Scaling
Independence of resources Fully monitored service through Amazon Cloudwatch

Analytics

Analytics
Service usage metrics No

Resellers

Resellers
Supplier type Reseller providing extra features and support
Organisation whose services are being resold Erwin Inc

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Encryption of all physical media
Data sanitisation process No
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach CSV export.
Data export formats CSV
Data import formats
  • CSV
  • Other
Other data import formats XML

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability Erwin shall make the Service available twenty-four (24) hours per day, seven (7) days a week with a minimum uptime level of ninety-nine and nine tenths of a percent (99.9%) measured on an aggregate monthly basis, with no single unscheduled outage exceeding four (4) consecutive hours in a single seven (7) day period. Should Erwin incur an unscheduled outage in excess of four (4) hours or more than two (2) unscheduled outages in excess of two (2) hours or more in duration within a single billing month, upon notice by Customer and confirmation by Erwin, Customer will be credited 10% of that month’s monthly recurring payment. Such service availability does not, however, include regularly scheduled maintenance or any unscheduled downtime due to failures beyond Erwin’s control (such as errors or malfunctions due to Customer’s computer systems, local networks or Internet connectivity).
Approach to resilience Daily back-up of application and database server.
RTO (Recovery Time Objective) of 24 hours.
AWS Multi-AZ to ensure database is synchronised.
Outage reporting Email alerts.
Public dashboard in roadmap.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels There is an option within the account section of the tool, where the client administrator can allow erwin support access, to log into a client’s area and test the issue they are seeing, or test fixes once applied. This access is completely controlled by the customer and is turned off by default.
For server maintenance, a Jump server is used to access any AWS remote production environments, including connecting through a provisioning server, requiring private key access. The Jump server is locked to the corporate network ip address and the provisioning server(s) can only be accessed using the Jump server.
Access restriction testing frequency At least once a year
Management access authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
Description of management access authentication API tokens for users who need access to the data API if using identity federation

Audit information for users

Audit information for users
Access to user activity audit information No audit information available
Access to supplier activity audit information No audit information available
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 British Assessment Bureau
ISO/IEC 27001 accreditation date 31/12/2017
What the ISO/IEC 27001 doesn’t cover Scope of certification is the provision of SaaS and Hosting Services
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes ISO 27001 Standards and Procedures. Reporting structure is Senior Vice President of Products of erwin managed through the Cloud Services teams.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach All changes are raised via the support ticketing system, Zendesk, and will be added into the development tracking system. Code changes are implemented with build script - we do use automated deployment tools for code movement and roll-backs from our beta, staging and live environments. Changes are approved by Development and Product Manager before being pushed.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Vulnerability scanning tool generates reports, tested against a known database of issues. Rule sets use common vulnerabilities and exposures (CVE), center for internet security (CIS) Operating System configuration benchmarks, and security best practices.
High and Medium issues resolved as quickly as possible. Low and Informational issues worked into the normal sprint plans.
Security pack covers whole platform of solutions:
- Intrusion Detection/Prevention and hosting of agents and manager within remote environment
- Security Information and Event Monitoring (SIEM – Manage Engine EventLog Analyzer) - and the hosting of the agents and manager within the remote environment
- Quarterly vulnerability testing.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach If the advanced security pack is chosen (on single tenant environments), we utilise an IDS/IPS tooling and all events are sent to a central management console, managed by DevOps team.
The IPS software will remediate and block issues where they are found.
Any alerts will quickly be responded to and remediated by the DevOps team, depending on criticality.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Incident record is created in the Quality Log
Incident Manager assigned to co-ordinate resolution and communications . Incident manager will work with the account manager to keep the customer informed.
Issues will be escalated to Product Management and Development Management.
Escalation beyond this is to the senior management team
Customer is notified of the issue/incident and the plans to resolve it by the account manager.
Development Manager will review the issue, any knock-on effects and devise the best fix method
Change management process follows attempts at resolving the issue.
Incident Report completed afterwards detailing the cause, lessons learned.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £24 to £2531 per user per year
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Full access to software for 30 day trial period

Service documents

Return to top ↑