cloudbaSE Requirements Management

SyntheSys CloudbaSE RM utilises the flexibility and versatility of cloud computing to provide IBM Rational DOORS in a more economical, adaptable way. We take a mix of powerful IBM tools, flexible licensing options, and sound experience to manage, support, and enhance your development life cycle.


  • Share the vision and unify vision
  • Enable collaboration at requirements definition stage
  • Rapid requirements capture
  • Integrated requirements across development lifecycle


  • Builds agility and customer focus
  • Reduces time to market
  • Aligns requirements, development, change, and quality management
  • Scalable across lifecycle
  • Minimises rework


£900 per user per month

Service documents


G-Cloud 11

Service ID

4 5 8 0 3 8 5 4 9 7 0 3 2 1 1



Mark Williamson

01947 821464

Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to CloudbaSE Design Manager, CloudbaSE Project Manager, CloudbaSE Validation Manager
Cloud deployment model
  • Public cloud
  • Private cloud
Service constraints The Hosting service is subject to planned maintenance to ensure an optimum service. Any planned maintenance will be announced in advance and scheduled for minimum disruption to the service.
System requirements
  • Application licensing can be rented through the service.
  • Clients can bring their own (BYO) licensing to be hosted
  • Options for Bare metal, private and public virtual servers
  • Anti-virus and intrusion detection services are available
  • Hardware or software firewall
  • Back up and disaster recovery options

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Monday - Friday 0900 - 1700
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels SyntheSys provide level 2 support to the hosted applications in the cloud environment. SyntheSys will deploy the Cloud environment and also the application layer providing support to users along with training if requested in the operation of the solutions. Each client will be provided with a technical account manager for interface
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started CloudbaSE Services is our tailored model, which gives you access to our expert consultants and architects in the deployment, maintenance, enhancement, and support stages of your CloudbaSE project.

We understand that value delivery from your CloudbaSE project is your priority. Our training and consultancy services allow you to release this value quickly and seamlessly. We offer a range of different services to support your system integration and process delivery.

We have a proven track record of providing training and consultancy services across technical, financial, and government organisations and we are proud of the quality of these services. We can assist in the following areas:

•CloudbaSE set-up.
•Staff training and development.
•Ad hoc support.
Service documentation No
End-of-contract data extraction The termination element of our service ensures your data is safe, secure and complete. We will provide you with a full copy of your data upon request when the contract ends.
End-of-contract process We aim to leave a positive lasting impression with all of our Clients. The termination element of our service is included in the price and ensures your data is safe, secure and complete and we will back up your full database and give you unrestricted access to your archive or destroy it as you wish.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Firefox
  • Chrome
Application to install No
Designed for use on mobile devices No
Service interface No
Customisation available Yes
Description of customisation The IBM Collaborative lifecycle Management tools are configurable by the user for structure, dashboards, access rights and role based access, via the web browser interface.


Independence of resources Each client is set up in a new virtual machine environment. Performance is scaled on each individual instance to ensure performance is not compromised


Service usage metrics No


Supplier type Reseller providing extra features and support
Organisation whose services are being resold IBM

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency Never
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach SyntheSys will support the client in the export or reporting of data held within the application
Data export formats
  • CSV
  • Other
Other data export formats
  • HTML
  • PDF
  • Word
Data import formats
  • CSV
  • Other
Other data import formats
  • Word
  • RTF

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability The service level agreement is contained within Schedule 1 of the SyntheSys SaaS Terms in conditions. SyntheSys shall use all reasonable endeavours to ensure platform is available 99% during each calendar month, subject to scheduled maintenance.
Approach to resilience This data is available on request. It is managed by IBM as the IaaS provider.
Outage reporting Outages on the environment are provided to SyntheSys by email. These will be passed on to the client.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels The hosted applications are configured by user role providing discrete access restrictions to specific areas of functionality
Access restriction testing frequency Less than once a year
Management access authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information No audit information available
Access to supplier activity audit information No audit information available
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 Coalfire ISO
ISO/IEC 27001 accreditation date 15/04/2016
What the ISO/IEC 27001 doesn’t cover The ISO/IEC 27001 certification is provided by SoftLayer, an IBM company. We are unaware of what, if anything, is not covered by this certification.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
Information security policies and processes SyntheSys has a security officer responsible for the management, isolation and dissemination of data within our business and clients.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Configuration and change management of the IaaS is managed by IBM's processes and provided as standard. We do not have details of these processes.
In addition, SyntheSys are subject to ISO 9001 Quality certification and as such have processes in place for configuration and change management of service components.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Vulnerability management of the IaaS is controlled by IBM's processes and provided as standard. We do not have details of these processes.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Protective monitoring of the IaaS is managed by IBM's processes and provided as standard. We do not have full details of these processes.
However, intrusion detection is active on the Virtual machine and is monitored by IBM for action.
Incident management type Supplier-defined controls
Incident management approach Incident management of the IaaS is managed by IBM's processes and provided as standard. We do not have details of these processes.
Users report incidents they identify via their technical account manager.
Incidents on the hosting environment will be communicated to any user or client affected as they arise.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £900 per user per month
Discount for educational organisations No
Free trial available No

Service documents

Return to top ↑