HCM Back Office Modernisation
Hitachi Consulting is offering a solution to accelerate customers in realising the benefits that Cloud applications provide, but within predictable timeframe and costs. By choosing from a set of off-the-shelf pre-defined offerings, we can provide a pragmatic approach to your software implementation, delivered by a trusted, experienced and professional team.
- Business Case Development.
- Cloud Readiness Assessment.
- Industry Specific Solutions and Processes.
- Standardisation on Best Practice Processes.
- Templated configurations and best practice processes across different industries.
- Pre-developed content and tools to accelerate implementation.
- Deployment of specific bolt-on modules or full HCM implementations.
- Packaged offerings for a range of options and scenarios.
- Deployed via the Oracle Public Cloud.
- Change management support for organisation structure design and workforce engagement.
- Accelerated implementation timescale with reduced costs.
- Reduced cost of ownership of HR systems.
- Improved HR productivity by leveraging self-service and automation.
- Access to timely, accurate people data to improve decision making.
- Improve talent acquisition and on-boarding.
- Transformation of back-office processes.
- Increased ability to react to changing business conditions.
- Allows the retirement of legacy systems.
- Improved ability to react to legislation changes.
- Support for aggressive expansion plans including eased integration of acquisitions.
£110000 per unit
- Pricing document
- Skills Framework for the Information Age rate card
- Service definition document
- Terms and conditions
- Modern Slavery statement
Hitachi Consulting UK Ltd
020 7947 4500
|Software add-on or extension||Yes, but can also be used as a standalone service|
|What software services is the service an extension to||Any other Oracle Cloud SaaS.|
|Cloud deployment model||
|Email or online ticketing support||Email or online ticketing|
|Support response times||As per standard SLA's.|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||None or don’t know|
|Phone support availability||24 hours, 7 days a week|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
|Support levels||We provide 2nd and 3rd line support. Costs vary according to the nature and extent of services supplied. We provide various roles, including support engineer, lead support engineer, service delivery manager and technical account manager.|
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||All training options are available and would be agreed with the client as part of the change management plan.|
|Other documentation formats||
|End-of-contract data extraction||Data can be extracted into Excel or other similar formats.|
|End-of-contract process||There are no specific end of contract services included in the standard contract as extracting any necessary data can be done by the client themselves.|
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||Some user self-service tools have specific mobile applications but most elements are supported via web browser. Capability dependant on mobile device.|
|What users can and can't do using the API||There are an extensive set of API's allowing integration with the majority of transaction types and static data.|
|API documentation formats||
|API sandbox or test environment||Yes|
|Description of customisation||Can be extended but not customised.|
|Independence of resources||The Cloud subscription will guarantee a consistent level of service for each subscriber.|
|Service usage metrics||Yes|
|Metrics types||Service status and service usage.|
|Reporting types||Real-time dashboards|
|Supplier type||Reseller providing extra support|
|Organisation whose services are being resold||Oracle|
|Staff security clearance||Conforms to BS7858:2012|
|Government security clearance||Up to Baseline Personnel Security Standard (BPSS)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||In-house|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||Explicit overwriting of storage before reallocation|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||Via API's or into Excel.|
|Data export formats||
|Other data export formats||Excel|
|Data import formats||
|Other data import formats||Excel|
|Data protection between buyer and supplier networks||Private network or public sector network|
|Data protection within supplier network||IPsec or TLS VPN gateway|
Availability and resilience
|Guaranteed availability||Oracle works to meet a Target System Availability Level of 99.5% of the production service, for the measurement period of one calendar month, commencing at Oracle’s activation of the production environment. Oracle measures the System Availability Level by dividing the difference between the total number of minutes in the monthly measurement period and any Unplanned Downtime by the total number of minutes in the measurement period, and multiplying the result by 100 to reach a percent figure.|
|Approach to resilience||Oracle deploys the Oracle Cloud Services on resilient computing infrastructure designed to maintain service availability and continuity in the case of an incident affecting the services. Data centres retained by Oracle to host Oracle Cloud Services have component and power redundancy with backup generators in place, and Oracle may incorporate redundancy in one or more layers including network infrastructure, program servers, database servers, and/or storage. Oracle periodically makes backups of Your production data in the Oracle Cloud Services for Oracle's sole use to minimise data loss in the event of an incident. Backups are stored at the primary site used to provide the Oracle Cloud Services, and may also be stored at an alternate location for retention purposes. A backup is typically retained online or offline for a period of at least 60 days after the date that the backup is made.|
|Outage reporting||Oracle will provide You with access to a Customer notifications portal. This portal will provide metrics on the System Availability Level for Cloud Services purchased under the ordering document. For those Cloud Services for which such metrics are not available via the Customer notifications portal, Oracle will provide metrics on the System Availability Level upon receipt of a Service Request submitted by You to Oracle requesting the metrics.|
Identity and authentication
|User authentication needed||Yes|
|User authentication||Username or password|
|Access restrictions in management interfaces and support channels||Access to the Cloud Customer Support Portal is limited to Your designated technical contacts and other authorised users of the Cloud Services.|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
|Description of management access authentication||We can also provide single sign on.|
Audit information for users
|Access to user activity audit information||You control when users can access audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||You control when users can access audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||BSI Assurance UK Ltd|
|ISO/IEC 27001 accreditation date||03/08/2016|
|What the ISO/IEC 27001 doesn’t cover||Not applicable.|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||Responsibility for our Information Security Policy lies with the Head of Information Security (HIS) and the UK Leadership Team. We deliver our security objectives through our Information Security Management System which takes account of legislation and best practice, including: Data Protection Act 1998; Sarbanes Oxley; ISO 27001 and 9001; and Computer Misuse Act 1990. We routinely identify all assets, assess the threats and risk levels and define what action needs to be taken to protect those assets. All security incidents, breaches, “near-misses” or concerns are required to be reported immediately to the HIS and Information Security Manager. In case of a breach, all critical IT systems are tied into a monitoring system which notifies IT personnel of any breach or anomaly. Our IT security and governance practices are reviewed annually by the Hitachi Ltd auditors. These reviews are cover all key systems utilising a framework based on the COBIT standards.|
|Configuration and change management standard||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Configuration and change management approach||Oracle performs changes to cloud hardware infrastructure, operating software, product software, and supporting application software to maintain operational stability, availability, security, performance of the Oracle Cloud. Oracle follows formal change management procedures to review, test, and approve changes prior to application in the production service. Changes made through include system and service maintenance activities, upgrades and updates, and customer specific changes. The change management procedures are designed to minimise service interruption during the implementation of changes. Oracle works to ensure that change management procedures are conducted during scheduled maintenance windows, while taking into consideration low traffic periods and geographical requirements.|
|Vulnerability management type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Vulnerability management approach||Oracle Software Security Assurance (OSSA) encompasses every phase of the product development lifecycle and is Oracle's methodology for building security into the design, build, testing, and maintenance of its products. It’s goal is to ensure that Oracle's products remain as secure as possible and is a set of industry-leading standards, technologies, and practices aimed at fostering security innovations and reducing the incidence of security weaknesses in Oracle products. Key programs include Oracle's Secure Coding Standards, mandatory security training for development and the use of automated analysis and testing tools. Oracle has adopted transparent security vulnerability disclosure and remediation policies.|
|Protective monitoring type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Protective monitoring approach||Oracle has adopted security controls and practices that are designed to protect the confidentiality, integrity, and availability of all customer data. Oracle continually works to strengthen and improve its security controls and practices which are aligned with the ISO/IEC 27002 Code of Practice. Oracle Oracle personnel are subject to the Oracle information security practices which govern their employment. Rather than focusing on individual components, Oracle Cloud takes a holistic approach to information security, implementing a multi-layered defence security strategy where network, operating system, database, and software security practices and procedures complement one another with strong internal controls, governance, and oversight.|
|Incident management type||Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402|
|Incident management approach||Support Services consist of: Diagnosis of problems or issues with the Oracle Cloud Services, Reasonable commercial efforts to resolve reported and verifiable errors, Support during Change Management activities, Assistance with technical service requests 24 hours per day, 7 days a week, 24 x 7 access to a Cloud Customer Support Portal, Live Telephone Support to log service requests, Access to community forums, Non-technical Customer service assistance during normal Oracle business hours (8:00 to 17:00) local time. The severity level of a service request is selected by both you and Oracle, and is based on 4 severity levels.|
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||No|
|Price||£110000 per unit|
|Discount for educational organisations||No|
|Free trial available||No|