cloudbaSE Requirements Management

SyntheSys CloudbaSE RM utilises the flexibility and versatility of cloud computing to provide IBM Rational DOORS in a more economical, adaptable way. We take a mix of powerful IBM tools, flexible licensing options, and sound experience to manage, support, and enhance your development life cycle.


  • Share the vision and unify vision
  • Enable collaboration at requirements definition stage
  • Rapid requirements capture
  • Integrated requirements across development lifecycle


  • Builds agility and customer focus
  • Reduces time to market
  • Aligns requirements, development, change, and quality management
  • Scalable across lifecycle
  • Minimises rework


£900 per user per month

Service documents


G-Cloud 11

Service ID

4 5 8 0 3 8 5 4 9 7 0 3 2 1 1



Mark Williamson

01947 821464

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
CloudbaSE Design Manager, CloudbaSE Project Manager, CloudbaSE Validation Manager
Cloud deployment model
  • Public cloud
  • Private cloud
Service constraints
The Hosting service is subject to planned maintenance to ensure an optimum service. Any planned maintenance will be announced in advance and scheduled for minimum disruption to the service.
System requirements
  • Application licensing can be rented through the service.
  • Clients can bring their own (BYO) licensing to be hosted
  • Options for Bare metal, private and public virtual servers
  • Anti-virus and intrusion detection services are available
  • Hardware or software firewall
  • Back up and disaster recovery options

User support

Email or online ticketing support
Email or online ticketing
Support response times
Monday - Friday 0900 - 1700
User can manage status and priority of support tickets
Online ticketing support accessibility
None or don’t know
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
SyntheSys provide level 2 support to the hosted applications in the cloud environment. SyntheSys will deploy the Cloud environment and also the application layer providing support to users along with training if requested in the operation of the solutions. Each client will be provided with a technical account manager for interface
Support available to third parties

Onboarding and offboarding

Getting started
CloudbaSE Services is our tailored model, which gives you access to our expert consultants and architects in the deployment, maintenance, enhancement, and support stages of your CloudbaSE project.

We understand that value delivery from your CloudbaSE project is your priority. Our training and consultancy services allow you to release this value quickly and seamlessly. We offer a range of different services to support your system integration and process delivery.

We have a proven track record of providing training and consultancy services across technical, financial, and government organisations and we are proud of the quality of these services. We can assist in the following areas:

•CloudbaSE set-up.
•Staff training and development.
•Ad hoc support.
Service documentation
End-of-contract data extraction
The termination element of our service ensures your data is safe, secure and complete. We will provide you with a full copy of your data upon request when the contract ends.
End-of-contract process
We aim to leave a positive lasting impression with all of our Clients. The termination element of our service is included in the price and ensures your data is safe, secure and complete and we will back up your full database and give you unrestricted access to your archive or destroy it as you wish.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Firefox
  • Chrome
Application to install
Designed for use on mobile devices
Service interface
Customisation available
Description of customisation
The IBM Collaborative lifecycle Management tools are configurable by the user for structure, dashboards, access rights and role based access, via the web browser interface.


Independence of resources
Each client is set up in a new virtual machine environment. Performance is scaled on each individual instance to ensure performance is not compromised


Service usage metrics


Supplier type
Reseller providing extra features and support
Organisation whose services are being resold

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
SyntheSys will support the client in the export or reporting of data held within the application
Data export formats
  • CSV
  • Other
Other data export formats
  • HTML
  • PDF
  • Word
Data import formats
  • CSV
  • Other
Other data import formats
  • Word
  • RTF

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
The service level agreement is contained within Schedule 1 of the SyntheSys SaaS Terms in conditions. SyntheSys shall use all reasonable endeavours to ensure platform is available 99% during each calendar month, subject to scheduled maintenance.
Approach to resilience
This data is available on request. It is managed by IBM as the IaaS provider.
Outage reporting
Outages on the environment are provided to SyntheSys by email. These will be passed on to the client.

Identity and authentication

User authentication needed
User authentication
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
The hosted applications are configured by user role providing discrete access restrictions to specific areas of functionality
Access restriction testing frequency
Less than once a year
Management access authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
No audit information available
Access to supplier activity audit information
No audit information available
How long system logs are stored for

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
Coalfire ISO
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
The ISO/IEC 27001 certification is provided by SoftLayer, an IBM company. We are unaware of what, if anything, is not covered by this certification.
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
Information security policies and processes
SyntheSys has a security officer responsible for the management, isolation and dissemination of data within our business and clients.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Configuration and change management of the IaaS is managed by IBM's processes and provided as standard. We do not have details of these processes.
In addition, SyntheSys are subject to ISO 9001 Quality certification and as such have processes in place for configuration and change management of service components.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Vulnerability management of the IaaS is controlled by IBM's processes and provided as standard. We do not have details of these processes.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Protective monitoring of the IaaS is managed by IBM's processes and provided as standard. We do not have full details of these processes.
However, intrusion detection is active on the Virtual machine and is monitored by IBM for action.
Incident management type
Supplier-defined controls
Incident management approach
Incident management of the IaaS is managed by IBM's processes and provided as standard. We do not have details of these processes.
Users report incidents they identify via their technical account manager.
Incidents on the hosting environment will be communicated to any user or client affected as they arise.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks


£900 per user per month
Discount for educational organisations
Free trial available

Service documents

Return to top ↑