RMS Services Limited

Wendia Service Management

Service Management System that while based on ITIL, enables any department to customise the solution to benefit their customer service, asset management and Process Management within one environment.

Features

  • Incident Management
  • Service Request Management
  • Problem Management
  • Resource Management
  • Asset Management
  • Change Management
  • Process workflows
  • KPI Reporting

Benefits

  • Flexible
  • Vanilla solution for Best Practice
  • Mobile Optimised
  • Restful API's

Pricing

£70 a user a month

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at J.bull@wendia.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

3 9 3 1 9 9 2 9 1 5 9 1 9 7 3

Contact

RMS Services Limited James Bull
Telephone: 03333200513
Email: J.bull@wendia.co.uk

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
No set constraints. Maintenance will always be carried out in windows agreed with the Customer.
System requirements
  • .Net4.5
  • Gateway through Firewalls
  • DMZ Server if publishing externally

User support

Email or online ticketing support
Email or online ticketing
Support response times
We aim to respond within one hour during the normal working week. Weekends are not covered so response to questions raised over weekends will be Monday.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Monday to Friday 9:00 - 17:30 as standard, with Cloud monitoring tools available to alert our team should the system experience issues.

We do allocate an Account Manager to help support the relationship.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We would start with On -Site training for the Key users, accompanied with relevant documentation. These key users would then either carry out the user training internally, or assist us in the training to help explain the processes to the teams.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Data will be extracted from the SQL database and passed to the customer in csv format. This would be in a secure zip file which would only be accessible from the Customer to import onto an on premise storage facility.
End-of-contract process
At the end of the contract, the application becomes unavailable to the Customer in any format. The data if requested by the customer is extracted and passed to them in secure files. The Servers and Application are turned off and not accessible. we will keep the system for a period of three months in case the Customer requires any access, but this would be chargeable based on the requirements. At the end of the period, the Solution would be destroyed.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Mobile Optimised version has been introduced to allow a cut down version of the full application to be accessible to those user on the move. Full access can be made via a mobile device but due to the nature of the software some things would be difficult to read on the smaller screens.
Service interface
Yes
Description of service interface
Our Service Desk uses a mixture of GUI and Form based screens which link together to produce a streamlined product
Accessibility standards
WCAG 2.1 A
Accessibility testing
Several of our Customers, both Academic and Local Government have tested the product with Assistive Technologies and have given positive feedback. Where any issues were found we have been able to quickly rectify.
API
No
Customisation available
Yes
Description of customisation
The solution can be fully customised, and this is usually carried out at point of implementation. However, with training, access can be granted to the Enterprise section of the application and screens, user access, data actions can all be modified. This is carried out by users who have the correct privileges and is done through the application itself.

Scaling

Independence of resources
The Service Desk instance is built based against the maximum number of analyst users. Much of the data processing occurs on the Client machines so there is little impact from other users affecting the system performance,

Analytics

Service usage metrics
No

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Wendia

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
There are options within the application to allow Customers to export their data into csv files. Access to the Database is restricted, and if required we are able to extract the data from the SQL for them.
Data export formats
CSV
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
99.99% Availability, Users are refunded by way of Service Credits should the level drop below this threshold.
Approach to resilience
Available on Request
Outage reporting
We receive email alerts to the technical team.

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
Access is controlled by User privileges. These are discussed with the Vendors at the point of deployment and configured accordingly.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
Jane
Information security policies and processes
The Wendia Cloud is hosted on AWS EC2 environments, these hosting environments are audited and compliant with ISO27001, 27017, 27018, SOC3, and Cyber Essentials Plus.

The Wendia Cloud platforms are hardened to CIS Level 1 standards and are architect-ed to cloud web application best practices. All customer data is encrypted in transport and at rest. Internal policies are aligned to ISO 27001 and EU GDPR as Data Processors. Change, configuration and incident response follow ITIL best practice. Administrative access is limited to analysts assigned to work on Wendia Cloud, who are as a minimum BPSS verified. All Accepted network traffic, platform and application logs are stored for a minimum of 90 days. We use Qualys Cloud, AWS CloudWatch, GuardDuty, WAF and DuoSecure for multiple layers of protection and reconnaissance to enhance and maintain the security and stability of the Wendia Cloud service.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
All changes to configuration or Servers is raised through the Service Desk as an RFC. These are then reviewed. Once approved, back ups are taken of all the environments that will be affected. Customers made aware of down times. The work is then carried out on Test environments where the Customer can fully test before sign off. The Live system would then be backed up and changed. All changes are documented so can be rolled back if necessary.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
The Service is monitored 24/7 for any abnormalities that will flag to the Support team should anything occur. Using AWS we are able to utilise their security features to help detect any potential threats.

We aim to resolve issues to the Software within a three week cycle, however this is assessed based on severity.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
We use Amazon's monitoring tools to alert us to any potential compromises, and we aim to respond immediately to any alerts.

Al incidents are prioritised and according to the Priority they are given, the response can be between an hour to 4 hours. The majority of incidents are responded to within the hour if during the working day.
Incident management type
Supplier-defined controls
Incident management approach
Users can report incidents via Phone, Email or Portal, all will result in a ticket being raised for them. The Incident will be triaged and assigned to the relevant team.

Users can see their reports via the Portal, and also request feedback from their dedicated Account Manager.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£70 a user a month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Access to the Software for an agreed period. Access is given to the Service Management module along with documentation. A demo of the remaining modules is available on request.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at J.bull@wendia.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.