INFOR (UNITED KINGDOM) LIMITED

Infor Travel & Expense Management

Infor Expense Management is a flexible and configurable travel and expense management solution. Easy to maintain, efficient to use, and supports mobile usage.

Automate expense-related processes, enforce compliance, cut costs, and reduce the risk of accidental errors and intentional fraud.

Infor uses Amazon Web Services as our cloud hosting provider.

Features

  • Full web based and/or mobile application
  • Automate credit card feeds
  • Flexible rules based engine
  • Full integration to back-end systems (AP/Payroll/HR)
  • Integration to GDS providers
  • Optional integrated reporting with pre-built reports

Benefits

  • Streamline end to end travel and expense process
  • Manage and Enforce policy compliance
  • Option to pre-approve travel plans and budget
  • Email receipts or scan via mobile application

Pricing

£2.84 per unit

Service documents

Framework

G-Cloud 11

Service ID

4 2 2 2 9 9 0 2 7 8 6 6 5 9 6

Contact

INFOR (UNITED KINGDOM) LIMITED

Lorant Horvath

07752065133

lorant.horvath@infor.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Infor Expense Management also has options for capturing timesheets and managing ad-hoc (non purchase order) payment requests
Cloud deployment model
Public cloud
Service constraints
As a multi-tenant subscription as a service cloud offering there are monthly software patching windows and an annual upgrade window pre-planned. All clients are advised of the planned downtime
System requirements
  • Full web browser support
  • Native mobile applications from Apple App Store or Google Market

User support

Email or online ticketing support
Email or online ticketing
Support response times
Response times vary between 15 minutes and 4 business hours depending on the severity of the incident and the customer's support plan.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
Chat is accessible through our support portal.
Web chat accessibility testing
This functionality is not available in the current version of the Webchat tool. No particular tests have been carried out in the area of usage.
Onsite support
No
Support levels
Infor offers two support levels, Infor Premium Support Plan and Customer Success Plus Program.  Both plans cover a lot of services by default, including 24/7 availability and usage of Support portal, Knowledge Base, and they differ predominantly on the responsiveness and some additional services which the Customer Success Plus Program includes. All customers have access to the Support Operation Handbook which fully documents these support plans. Further information is available upon request.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
At Infor, we recommend starting with a "Train-the-Trainer" approach. One to two "power-users" will be included in the implementation team to gain in-depth knowledge of the product. This assures an 'on-site' expert that can handle user questions as well as continued internal training.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats
  • DOC
  • MP4
  • Via the Webportals: User Communities, Xtreme Support, Infor Education
End-of-contract data extraction
Infor will provide an sFTP site and help the Owner download all data back on site or to another Cloud provider. In the event that customer requires the return of customer Data in an alternate format or requires any other termination assistance services, Infor and customer shall mutually agree upon the scope of such termination assistance services and the fees and expenses payable for such termination assistance services.
End-of-contract process
Infor believes that the data belongs to the customer. Upon termination of the contract, all data will be returned to the customer.

Infor will provide an sFTP site and help the Owner download all data back on site or to another Cloud provider. In the event that customer requires the return of customer Data in an alternate format or requires any other termination assistance services, Infor and customer shall mutually agree upon the scope of such termination assistance services and the fees and expenses payable for such termination assistance services.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Yes
Compatible operating systems
  • Android
  • IOS
  • MacOS
  • Windows
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The screen estate is formatted appropriately for the best possible mobile experience when using mobile devices. There is no functional differences between the mobile application and the desktop from a user experience. Administrators will also have access to a system admin tool only via desktop.
Service interface
No
API
No
Customisation available
Yes
Description of customisation
Infor provides extensibility tools within the applications to enable the users to personalise and configure.

No new code will be required for the customisations described above. Infor will be using proprietary, pre-existing software to provide the SaaS service and accordingly will not be publishing its code and data.

Scaling

Independence of resources
Infor Cloud based offerings (Software as a Service – SaaS) are designed to ensure the end user experience is maintained at optimal performance levels for all licensed users. Infor Cloud solutions can easily adjust to changes in processing volumes or shifting capacity requirements as the business demands fluctuate by utilising auto scaling mechanisms. Infor carries out extensive monitoring through automated tools to guarantee such performance is optimised at all times across the Infor Cloud.

Analytics

Service usage metrics
Yes
Metrics types
Users and all activities undertaken can be monitored for a complete audit trail of activity.
Reporting types
Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Other
Other data at rest protection approach
Infor encrypts data at rest using AES-256.
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Clients of Infor XM have a couple of options for data import/export, however the lowest common denominator is through the use of the XMDB Tool .

The XMDB Tool is an application used to:
•Import data to XM.
•Export data from XM.

The application is also used to generate the ETL files that run the XM background processes and other related processes.
XMDB Tool is available as a standalone client and also as a background process where client installation is not required.
Data export formats
  • CSV
  • Other
Other data export formats
Business Object Documents (OAGI)
Data import formats
  • CSV
  • Other
Other data import formats
Business Object Documents (OAGI)

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Infor commits to 99.5% uptime for our cloud solutions subject to our supplier terms and service level description. Details of service credits for non-performance are set out in our supplier terms attached to this application.
Approach to resilience
Infor application and database servers are installed across multiple AZ’s to provide the highest availability possible. If a data center or AZ partially or completely fails, the work load is automatically redistributed across the other AZ’s within the region by the AWS Elastic Load Balancers (ELB) and Auto Scaling services. Relational database servers employ synchronous or near-synchronous replication to duplicate data in multiple AZ’s to minimize or eliminate any transaction loss due to a system, data center, or AZ failure.
Outage reporting
Automated Notifications.

Any services which has service degradation or service outage, an automated notification is sent out.

Identity and authentication

User authentication needed
Yes
User authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
Other user authentication
Our applications are capable of integrating customer Active Directory system (through an ADFS trust) to provide consistency with customer user management systems. The customer IdP must be SAML 2.0-compliant. If multi-factor authentication for customer's users already exists, it can be supported.
Access restrictions in management interfaces and support channels
Infor Cloud Operations adheres to the security principles of “least privilege and need-to-know” and has implemented several security controls to ensure the confidentiality, integrity and availability of data. These security controls include database-level segregation, roles based access controls and role-based application level controls. Infor offers a multitude of profiles for our customers. It is the responsibility of the customer to designate privileges.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
Yes
CSA STAR accreditation date
13/06/2017
CSA STAR certification level
Level 1: CSA STAR Self-Assessment
What the CSA STAR doesn’t cover
The CSA STAR self-assessment is only for single tenant and multi-tenant Infor products hosted through AWS.
PCI certification
No
Other security certifications
Yes
Any other security certifications
SSAE 18 SOC 1 / SOC 2

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
SSAE18 SOC 2 Type 2 and SOC 1 Type 2
Information security policies and processes
SSAE 18 SOC 2 Type 2 certified.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Infor's SaaS Cloud Services Change Management process aligns with ITIL v3 ITSM best practices. All the changes will be tested before deploying.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Infor ISO performs the following security scans to identify OWASP security threats: source-code scanning, vulnerability scanning, penetration testing, and system hardening scans. The security items identified in the scans are triaged and the proper remediation are added to the Development process for resolution (for application related issues) or provided to the Cloud Operations team (for infrastructure related issues).
Members of the Security team receive updates from the Center for Internet Security (CIS).
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Infor leverages the AWS security tools as the first layer of defense against unauthorized access. Infor Cloud Operations and Infor Security Office (ISO) then deploy host-based malware and IDS/IPS protection to provide an additional layer of protection. This host-based protection is managed from a centralized location, pushing updates on a daily basis and centrally managing all security. Alerts are reviewed on a daily basis and appropriate action is taken upon review.
Incident management type
Undisclosed
Incident management approach
Infor has an incident management process in place. Further details will be part of master service agreement.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£2.84 per unit
Discount for educational organisations
No
Free trial available
No

Service documents

Return to top ↑