Assai Software Services B.V.

Electronic Document Control and Management System

A document management system is a system used to track, manage and store documents. It is capable of keeping a record of the various versions created and modified by different users. It is related to digital asset management, document imaging, workflow systems and records management systems.

Features

  • out of the box
  • workflow management
  • document control
  • document management
  • concurrent engineering
  • reporting, dashboards, KPIs
  • integration with many systems

Benefits

  • high accessibility
  • cost savings
  • market proven product (30 years experience)
  • flexiblity in developing new features
  • high quality services (24/7 support)
  • available worldwide

Pricing

£0 per licence per month

  • Free trial available

Service documents

G-Cloud 10

473270542875443

Assai Software Services B.V.

Martin Tomsik

+31345 516 663

sales@assai.nl

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints N/a
System requirements
  • Internet Access
  • Windows computer

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Max. within 4 hours during office hours in the Netherlands. 24/7 support available for severe issues
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels Level 1 Support - basic support provided internally by client

Level 2 Support
Answer queries from the clients centralized helpdesk;
Investigates such queries on clients settings and specific hardware platform(s) to application level;
Determines the probable underlying cause of any problem reported that can reasonably be believed to be attributable to a fault in the Programs
Identifies and provides operational work around whenever possible;
If the problem can be duplicated by Assai or is reported on more than one installation of the software system and is determined not to be operational, procedural or hardware related then an Error exists;
If the problem requires modification of the Software System such changes will be implemented and distributed by Assai in accordance with the standard release procedures.

Level 3 Support
Isolates the cause of common problems across the Software System;
Provides an acceptable work around or fix

Level 4 Support
Ensures that programming and technical resources are in place and in line with the agreed service levels including the provision of a suitable system configuration;
Schedules “Software Fix” releases;
Ensures that the relevant source code is updated and held securely;
Provides and maintains supporting documentation;
Ensures that all software fixes are tested.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started On-site, online training and manuals.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction At the end of the service contract, the Client is entitled to all its data stored in the AssaiCLOUD environment, including file, metadata, and database exports.
On client request Assai will provide the following data:
• All files in a folder structure organized per project
• Excel sheets containing the metadata for all object types as documents, document revisions, correspondence and technical queries
• Excel sheets containing information on distribution history.
• Other information specifically asked for by the client.

Information will be provided when all outstanding non-disputed invoices have been paid.

The information will be provided within 10 working days after the latter of the payment of the invoices or the issue of the client request.
The information will be provided on external hard disks sent by courier.
The costs of the delivery of the data will be invoiced on a time and material basis. The time charged will not exceed 5 working days, unless complicated reports are required by the Client.
End-of-contract process At the end of the service contract, the Client is entitled to all its data stored in the AssaiCLOUD environment, including file, metadata, and database exports.
On client request Assai will provide the following data:
• All files in a folder structure organized per project
• Excel sheets containing the metadata for all object types as documents, document revisions, correspondence and technical queries
• Excel sheets containing information on distribution history.
• Other information specifically asked for by the client.

Information will be provided when all outstanding non-disputed invoices have been paid.

The information will be provided within 10 working days after the latter of the payment of the invoices or the issue of the client request.
The information will be provided on external hard disks sent by courier.
The costs of the delivery of the data will be invoiced on a time and material basis. The time charged will not exceed 5 working days, unless complicated reports are required by the Client.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install Yes
Compatible operating systems Windows
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Mobile app has a basic read-only functionality.
Accessibility standards None or don’t know
Description of accessibility -
Accessibility testing -
API Yes
What users can and can't do using the API Assai usually assists in any services requiring handling of API.
API documentation No
API sandbox or test environment No
Customisation available Yes
Description of customisation Upon consultancy, only Assai's staff is able to customize the product.

Scaling

Scaling
Independence of resources Internal procedures ensure proper demand management.

Analytics

Analytics
Service usage metrics Yes
Metrics types Reports can be run
Reporting types
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency Never
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach PDF and Excel available
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Other
Other protection between networks Handled by Microsoft - see details on MS Azure https://www.microsoft.com/en-us/trustcenter/security/azure-security
Data protection within supplier network Other
Other protection within supplier network See MS Azure security - https://www.microsoft.com/en-us/trustcenter/security/azure-security

Availability and resilience

Availability and resilience
Guaranteed availability Assai Software Services guaranties depending on the type of contract an up time of 99.5% excluding planned and communicated downtime for system maintenance and upgrades.

All servers are monitored continuously and some of their key performance parameters, such as CPU usage, memory usage and disk usage. Indications of possible performance issues will also be monitored and if they arise corrective action is taken, with relevant advice on whether the cause is likely to stem from application issues or hardware limits. Additional hardware will be added if needed. Assai can provide clients with a monthly report on server uptime if required.
Approach to resilience Available on request
Outage reporting Email alerts

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Username or password
  • Other
Other user authentication Various options depend per requirements of a given client.
Access restrictions in management interfaces and support channels Up to client - various way of restricting access in AssaiADMIN.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password
  • Other

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications
  • SOC 2 Type 1
  • Hosted by MS Azure - have almost all major certificates

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach Developed, documented, executed and confirmed set of Security Governance standards. Security Management and its policy and guidelines at Assai Software Services B.V. focus on the preservation of the confidentiality, integrity and availability of information that is stored, processed, transported and represented by our IT systems.
Information security policies and processes • Assai will apply its Quality Management Framework as a basis for setting up and maintaining a system of measures for guaranteeing the availability, integrity and confidentiality of data and information systems;
• Assai will comply with prevailing legislation and guidelines when drafting this policy.
The Personal Data Protection Act [Wet Bescherming Persoonsgegevens] (WBP) and
the guidelines issued by the Data Protection Board [College Bescherming
Persoonsgegevens] (CBP),
• The Security Policy is binding upon all people who work within Assai;
• All Assai employees are required to protect data and information systems against
unauthorized access, use, modification, disclosure, destruction, loss or transfer;
• Assai will actively promote the awareness of security among its employees;
• Assai will ensure that all elements of this policy are elaborated into actual guidelines
and measures, which are geared to the tasks and responsibilities of the employees
concerned;
• The Security Policy will be binding upon affiliated companies that use the IT
infrastructure. In the case of deviations from this policy, explicit written agreements
will be made;
• This Security Policy is a baseline: it defines a minimum system of essential measures
for responsible operational management.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach The ITIL Change Management process is used as a basis to implement the change management process at Assai. Flowcharts are provided for each of the following main processes:
• Register Request for Change (RfC)
• Review RfC
• Approve RfC
• Implement change
• Test change
• Review and close out
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach The approach is based on input from other disciplines such as strategic planning, project
management, technical design work, Stakeholder analysis and risk reporting. The RMP
encompasses not only the risk assessment methodology so fundamental to security risk
management, but also the environment that the methodology has to operate within.
In the case of Software Infrastructure, the goal of security is to take prevention, mitigation
and responsive measures in order to:
• The integrity of the product and services
• The reliable support and delivery of products and services
• The health of the workers
• The respect of the environment
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Assai obliges itself to continuously apply impact reducing factors. Making daily back-ups,
remote storage of the back-ups, test runs on restore are measures to reduce risks.
Depending on the risk, different measures are taken by Assai. If in doubt, Assai
Management can be consulted.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Assai has created this simple yet purposeful Incident Management process, which is
supported by the Incident Management system. Following this process leads to:
• Timely resolution of incidents, minimising business impact;
• More efficient resource utilisation of Helpdesk and other staff;
• Enhanced ability to measure and monitor performance relative to the SLA;
• Better data to support senior management decisions regarding service quality;
• Proactive identification of process enhancements.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £0 per licence per month
Discount for educational organisations No
Free trial available Yes
Description of free trial Based on agreement - can vary from showing an online demo to granting access to demo / specially setup test instance of AssaiCLOUD.

Documents

Documents
Pricing document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑