Execview

Execview Service and Operations Governance

Execview Service and Operations Governance brings visual performance management for service delivery managers. Execview is multi-organisational. It incorporates powerful integration to any data source (e.g., Databases, help desk, CRM, ERP, PPM) for performance reporting. Execview provides workflows for managing actions, risks, change requests, innovation, assurance. Easy to use, low cost.

Features

  • Service and operations reporting
  • Online SLA and service definitions
  • CSF and KPI definitions
  • Data integration with any service, ERP and operations systems
  • Customisable reporting
  • Intrvention, task and action management
  • Operational risk and issue management
  • Mobile app for productivity
  • Workflows fro change requests, innovation, RFPs,
  • Audit and assurance review functions

Benefits

  • powerful visibility and control of processes
  • Easy to use processes and reports
  • Rapid and easy deployment
  • Strong buy-in from users and management
  • Easy integration (model external sources to 3-5 days to integrate)
  • Self sufficient in most organisations
  • Faster/lower cost to deploy than most solutions
  • Rapid prototyping of governance solutions

Pricing

£1000 to £1000 per licence per month

  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

4 5 9 2 4 0 7 4 8 4 7 6 7 2 6

Contact

Execview

Sales

+44 (0)207 754 3737

info@execview.com

Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to Execview will act as an add-on for reporting and governance to provide exec reporting and visibility. Most data file types can be integrated in a few days (mostly secure FTP, but also Web Services, Manual file loads). Multi-organisational, Execview will integrate many organisational inputs into a single governance view
Cloud deployment model Private cloud
Service constraints No specific constraints. For government-sensitive secure applications, there are options to install Execview on private government networks or connect via secure networks. A number of existing government outsourcers can also supply Execview directly.
System requirements
  • Any modern browser will provide the user interface
  • Mobile web app works on most HTML devices (download required)
  • Data transfer requires a Secure FTP server or VPN connection
  • Optionals to integrate to Authentication Server for single-sign-on

User support

User support
Email or online ticketing support Email or online ticketing
Support response times The Issue Prioritisation definitions are as follows:
• P0/Critical – “Site Down” or >50% customer users cannot use the platform in any way
• P1 – Major Functionality Unavailable, e.g. lack of reporting, >20% users unable to access, data corruption
• P2 – Minor Functional Problem, but workaround available
• P3 – Enhancement Request, “How To” Question or Minor Bug

The target Response Times (within the Support hours) are as follows:
• P0 – 30 mins
• P1 – 1 hour
• P2 – 4 hours
• P3 – 8 hours
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels These support services re included in the service cost:-
1.First Line support, including bug logging, technical advice, liaison with clients for operational issues.
2. Software support including reaction to system outage, downtime or high importance issues, technical expert, bug resolution.
3. Account management, escalation for operational, and performance issues.
4. Account management and Service Delivery Manager are escalation points.
5. Nominate Solution Consultant(s) will be allocated to each service to provide client support on major accounts with 100+users.
6. Each government service has a nominated Contact Director with accountability of service assurance.
7. Most clients are pretty self-sufficient. Where needed, On-site Support is normally chargeable for training, solution set-up and bespoke integration with other systems.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Execview provide a set-up service of typically 5-30 days initial support depending on the client needs.
Most users can expect to learn to access and use Execview in an hour of training for project and service reporting (90% of users say this is sufficient!). The training is either on-site or via a WebEx session.
Either Execview of Client Administrator(s) are responsible for Execview set-up, data integration, and mapping, user and
security management, resource and cost management, etc. This set-up capability requires more formal training and
support (3 - 5 days). it is normally done as a by-product of the Execview Set-up whilst working alongside our solution consultants. Alternatively, they can take a formal Admin course – see details later in this section.
We run a range of training and courses – for larger roll-outs, we would ‘Train the Trainer’.
Execview typically provide on-site early life support services for larger implementations, and email/phone support thereafter.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Execview commits to provide an open and fast way of customer data extraction. A core part of the Execview technology will provide an import /export facility that customers can use at any time. For all other data items Execview will provide data extracts in Microsoft Excel, Microsoft SQL or comma separated file formats, as preferred by the customer. There will be no charge for these type of extracts – other requested formats may, however, have a charge. Execview commits to purge all such customer’s data at the termination point. Execview may charge for bespoke data extraction services at our normal daily rates if needed.
End-of-contract process Execview commits to provide an open and fast way of customer data extraction. A core part of the Execview technology provide an import/export facility that customers can use at any time. For all other data items Execview will provide data extracts in Microsoft Excel, Microsoft SQL or comma separated file formats, as preferred by the customer. There will be no charge for these type of extracts – other requested formats may however have a charge. Execview commits to purge all such customer’s data at termination point. Execview will not expect to help with the migration to other systems, but if requested may charge for this service at our normal daily rate

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Execview is available through any modern desktop browser. It works well on mobile devices as well, and even the more complex reports render well. Additionally, a new mobile app (HTML based - no download) works on mobile browsers and provide productivity tools, task management and reporting for users.
Service interface No
API Yes
What users can and can't do using the API Execview connects to any system, including ERP (SAP, Oracle etc), MS Project Server, Business Objects, Jira, ticketing systems, CRM).

Execview will connect to ANY data source, and receive most data file formats. Any CSV, Excel or XML file can be uploaded to Execview via the API. This can be used for connecting external systems for reporting integration. And extract transform and load (ETL) program allows data to be selected and imported using user-defined processing rule sets. Web services interfaces can be created on request
API documentation Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation 1. User reports and templates are customisable
2. Many screens, field names, drop downs, can be customised on forms according to the requirement.
3. Workflow stages, gateways, reports, all customisable.
4. Administrator users can assign custom access levels for users through the use of role based permissions
5. Data can be restricted or suppressed for specific users or user types through functionality within the application
6. Execview can custom-develop functionality based on the client needs to replace manual processes, spreadsheets and disparate applications.
7. Any data, from any source, can be imported to Execview.
8. Fully customisable bespoke reports can be produced by users and administrators.

Scaling

Scaling
Independence of resources We use tools to constantly monitor the performance (New Relic) of the servers, ensuring they do not pass certain thresholds, that would affect performance / user experience

Analytics

Analytics
Service usage metrics Yes
Metrics types 1. Client Administrators can access a log of user activities.
2. Scorecards detailing numbers of project/service activities, with many metrics on risks, cost, delivery are either standard or can be quickly configured
3. A range of usage metrics are captures for use in bespoke reports
4. Execview will write additional reports on usage if required by a customer (at cost).
Reporting types
  • Real-time dashboards
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Physical access control, complying with another standard
Data sanitisation process No
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach A export facility built into the product - allows users to export (in Excel format)
Data export formats
  • CSV
  • Other
Other data export formats
  • Excel
  • PDF
Data import formats
  • CSV
  • Other
Other data import formats Excel

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability Application availability is designed to be 99.5% within the operating hours above. There are two UK-based data centres, with 15 minute updates between mirrored systems. Our data centre hosting provider, RackSpace, provides data storage, all physical and logical security and all backup and restore operations. Increments backups are taken nightly, with full backups weekly. Backups are stored off-site in the back-up datacentre. Execview test restores on a regular basis to assure that backups will provide valid recovery.
Approach to resilience Our data centre hosting provider, RackSpace, provides data storage, all physical and logical security and all backup and restore operations.
Backups are taken nightly, with full backups weekly. Backups are stored off-site. Execview test restores on a regular basis to assure that backups will provide valid recovery.
RackSpace provide business continuity and disaster recovery measures which, in the unlikely event of them being needed, would see an alternative hosted service restored within a maximum of 5 days. In practice, the mirrored servers should allow recovery within a day.
Outage reporting Email alerts - our service desk provides email notification to client Execview Administrators in the even of an outage or major service problem.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Username or password
  • Other
Other user authentication Users currently authenticate using ID (not email address) and strong password. Authentication Server validation and single sign-on is also available (with a set-up cost). Execview can optionally be implemented on government servers if required, limited access to government networks. Note that 2-factor authentication is being added in 2Q17.
Access restrictions in management interfaces and support channels A secure VPN is used for support interfaces to the application from the support team. Access is from nominated secure computers and other devices with encryption All IDs and strong passwords are centrally managed.
Access restriction testing frequency At least every 6 months
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 British Assessment Bureau
ISO/IEC 27001 accreditation date 23rd February 2017
What the ISO/IEC 27001 doesn’t cover None: ISO27001 covers all critical areas of our service, including hosting, applications management, security management.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Execview security and controls policy standards are validated and accredited to ISO27001. These security documents are available on request where appropriate to government services. All Execview staff are validated to BPSS standards and a number of key staff are vetted to SC level.
Security is owned at Board level and managed by the Execview Security and Controls Manager.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Formal CM processes are used for all changes to production systems. A full range of dev/test/UAT/Beta/Production environments are used, and each client has its own 'Beta' copy of their production system for UAT of changes (if required - a subset of clients choose to do this). Execview operates quality processes to ISO9001 standard with accreditation.
Changes are prioritised and agreed by a weekly review process.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Regular risk assessment processes.
Server hardware and security updates applied directly by RackSpace in line with their processes. All user hardware is Windows 10 based and updated as patches become available .
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Images for both Windows and Linux deployments to serve as a baseline for hosted systems. However these images should not be considered to be 'hardened,' as customer requirements differ. When a server is set-up, hardening is done by assigning strong default passwords, non-essential services turned off by default, FTP access being disabled, and default accounts disabled by default.
All internal and external vulnerability assessments of the customer solution are the responsibility of the customer, and should be performed according to the 'Logical Security Testing Consent Agreement' form.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Execview will respond to incidents as we become aware of them, and advise customers by email notification. Incidents affecting a single solution will be managed by the relevant Service Delivery Manager, incidents affecting multiple customers will be managed by the Global Incident Management team.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £1000 to £1000 per licence per month
Discount for educational organisations No
Free trial available Yes
Description of free trial We offer the ability for prospective clients to explore Execview (EV) via a limited POC where we give access to a contracted Service that allows clients to explore EV over an agreed time. There is often a configuration / training / service provided with this, charged at standard day rates.

Service documents

Return to top ↑