ActiveOps Workware: Physical and Digital Operations Management, Optimisation and Reporting Suite
Underpinning leading financial and government organisations, BPOs and Shared Services globally, Workware is a cloud-based SaaS application, driving optimised performance in any physical/digital operations environment. Alongside BPM/workflow/digital platforms and supporting change/improvement initiatives, Workware provides visual, real-time productivity/utilisation data for people and robotic resource, enabling exceptional planning, efficiency and control.
- Real-time performance, volume, productivity, utilisation data at any business/individual level
- Visual dashboards/reporting of usage and efficiency of people/digital resource
- Sophisticated forecasting, capacity planning, resource, skill and load balancing
- Trend, business event or change impact analysis and predictions
- Targeted analytics, diagnostic and behavioural rigour reporting suite
- End-to-end process cost, effort, value, Lean, Continuous Improvement analytics
- Supporting methodology, coaching, behavioural change, management consultancy and best practice
- Operational deployment/benchmarking within two weeks, results within one month
- Role-based permissions and remote accessibility, mobile/tablet functions
- Up to 100% platform availability and 24/7 support
- Sustainable 15-25%+ productivity and throughput improvement achieved within months
- Easy identification/release of latent capacity for reinvestment, growth, cost-efficiency
- Exceptional control over Service performance, staff engagement, overtime and failure-reduction
- Behaviour transformation, knowledge/skills sharing, collaboration, visibility, consistency, control
- Support digital transformation, Lean, Six Sigma, Continuous Improvement initiatives (LCS-accredited)
- Identify RPA/BPM opportunity, internal/external failure demand, non-value-add activity, cost drains
- Enabling data-backed decisions about balancing, recruitment, skilling, overtime, diverted activity
- Single management view of work/capacity and people/robots independent of systems/complexity
- Complimenting, enabling, measuring change in BPM, workflow, robotic, manual processes
- IT-light, cloud-based solution, with typical ROI within 6-12 months
£91 to £644 per licence per year
- Free trial available
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
|Service constraints||Planned scheduled monthly maintenance cycle completed out of hours less than 30 mins monthly).|
|System requirements||Browser: IE11, Edge, Chrome or Firefox supported|
|Email or online ticketing support||Email or online ticketing|
|Support response times||Incident and issues response and resolution times defined based on severity: P1- Major Impact – Acknowledge in 1 hour, Workaround 12 hours; P2 - High Impact – Acknowledge in 1 hour, Workaround 48 hours; P3- Medium Impact – Acknowledge in 24-hour, Workaround Reasonable and agreed; P4- Low Impact – Acknowledge in 48-hour, Workaround Reasonable and agreed. Helpdesk availability is 08:00 - 18:00 GMT (Monday to Friday) excluding UK national holidays. ActiveOps operates a 24x7x365 out-of-hours support for P1 and P2 incidents. Clients can reach a member of the Customer Services Team by calling the client’s nominated support centre phone number.|
|User can manage status and priority of support tickets||No|
|Phone support availability||24 hours, 7 days a week|
|Web chat support||No|
|Onsite support||Onsite support|
ActiveOps customers have access to a 24/7 telephone support line with an on-call engineer for critical breakages and severe impact issues only.
For all service issues a telephone, email and ticket support desk operates within standard hours of Monday to Friday 08:00-18:00. The support desk should also be used for severe and critical issues during these standard hours.
The support levels/mechanisms described above are included in the standard pricing, and not at an extra cost.
Account management is provided by a dedicated point of contact per customer, who will liaise with technical, financial or other contacts internally as needed. In addition, the technical support management team is available to all customers for escalation where needed.
|Support available to third parties||Yes|
Onboarding and offboarding
We provide onsite training, online training and user documentation. We also offer off site training.
Fast deployment of Workware software is supported by a programme of coaching, on-the-job skills training and embedding of best practices. This includes usage of the software for all roles, interpretation and use of the data and reporting, and operational forecasting, planning and rigour coaching.
On-site operational coaches will work with team management, operational and senior management and floor staff to ensure maximum value is achieved.
Optional additional certification for members of staff as champions or practitioners of Active Operations Management methodology is offered.
|End-of-contract data extraction||We will provide extracts of data in a mutually agreed format at the time.|
|End-of-contract process||Reasonable assistance with data extraction.|
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||Specific performance reports and dashboards are available for managers to monitor remotely via a mobile device (i.e. smartphone), allowing visibility when needed for travelling stakeholders. Data entry (using RTM) is available to users. Full Workware functionality is available on tablet screen size or higher.|
|What users can and can't do using the API||
API referred to as "Connect", accepts feeds of activity data for existing users to enable the input of work items / data from external systems.
User creation and other associated user changes can be carried out by automated "robots".
|API documentation formats||HTML|
|API sandbox or test environment||Yes|
|Description of customisation||
Organisation structure, hierarchy, teams, processes, tasks and timings are customisable, to allow for the nuances and complexities of individual environments and services.
ActiveOps will work with the buyer organisation to set up these specifics for their environment at the start of deployment, with authorised managers or administrators being trained to be able to add, delete or change tasks, processes and structures as necessary going forward.
All dashboards, reports and functions are available out-of-the-box and are automatically plugged in with the customised data structure at the start. Any changes to tasks, teams or business structure are automatically fed through into reports and dashboards, with no requirement to reconfigure or rebuild.
Individual users are also able to customise their application interface for usability preference on an ongoing basis, for example to see items/tasks they use most first, or to hide what they do not need to use.
|Independence of resources||Performance is monitored constantly and capacity planned and reviewed as necessary. Infrastructure is segregated by client where contractually mandated or where we deem it appropriate for performance reasons, otherwise by region with load actively managed to ensure no adverse impacts.|
|Service usage metrics||Yes|
|Metrics types||Metrics provided by account management team on request, including usage statistics (number of users, number of tasks logged, average tasks per user), performance (average page response time), incidents (number, severity, time to respond and time to resolution) and per-customer comparisons of outcomes against industry norms.|
|Reporting types||Reports on request|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Baseline Personnel Security Standard (BPSS)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||In areas of the software where user export would be relevant, we provide the ability to export data to CSV/Excel format from within the application.|
|Data export formats||
|Other data export formats||Excel (XLS/XLSX)|
|Data import formats||
|Other data import formats||Excel (XLS/XLSX)|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||
Availability and resilience
Event: Fail-over incident declared in Primary Data Centre.
Recover service in Primary Data Centre – Service Availability Target = 99.8%, RTO = 4 Hours, RPO < 1 minute
Event: Disaster Recovery declared in Primary Data Centre.
Recover service in Secondary Data Centre RTO = 12 hours, RPO < 15 minutes
|Approach to resilience||
Application hosted on load-balanced web servers and SQL Always-On clusters, on Windows Azure in independent fault and update domains which provide redundant hardware and fault-tolerance with redundant power, connectivity and cooling.
Further details available on request.
|Outage reporting||Alerts by email, with telephone follow-up for severe outages.|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||
Management interfaces within the application are rights-controlled within the application itself, anditself and secured by username & password.
Support channels are available for all application users to access; the support team will route any ticket which requires the disclosure of data or extension of privileges to appropriate client contacts for authorisation.
Management access by our staff is via VPN and secured by 2FA, and actions are audited.
Note that our application does not hold any data which would be considered sensitive or confidential.
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||Username or password|
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||Between 6 months and 12 months|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||DAS Certification (part of SN Registrars (Holdings) Ltd|
|ISO/IEC 27001 accreditation date||13/07/2018|
|What the ISO/IEC 27001 doesn’t cover||Nothing relevant to the service provision.|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||
Regular internal audits coordinated by and reporting to our Chief Security Officer, who in turn reports to Chief Technology Officer, who sits on exec board.
External audits to ISO/IEC27001:2013 as required by standard.
Development processes are aligned to OWASP guidelines, regular training to all staff on GDPR, InfoSec and other content appropriate to role.
|Configuration and change management standard||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Configuration and change management approach||Production system changes require a change requests must be risk assessed and approved by the Change Advisory Board (CAB) and must successfully exit the UAT test process. Production software will have completed a normal development and packaging release cycle, be independently installed and tested in a User Acceptance Test (UAT) environment (which is based on a production environment configuration) and finally deployed to Production where it's first customer is ActiveOps. Microsoft Windows Operating system patching follows a similar UAT testing process prior to deployment on the Production systems. Product lifecycle management operates for all software components. ISO27001:2013 controls (A12/A14/A15).|
|Vulnerability management type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Vulnerability management approach||ActiveOps use Dark Trace for real time monitoring, detection and response to events. The Microsoft Azure Global Service platform provides monitoring and protection against known attacks, including against the virtual infrastructure. Critical/high impact Microsoft patches deployed once they are released. Threat information provided by Microsoft (ActiveOps is a Microsoft Gold Partner), Sophos (anti-virus/malware solution) and other resources monitored. Site24x7 used to monitor and detect capacity issues in real time.|
|Protective monitoring type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Protective monitoring approach||ActiveOps use Dark Trace for real time monitoring, detection and response to events. Firewall logs, Windows Server Security log, Windows Server Application logs, IIS logs, Workware logs, Dark Trace logs are monitored. The Microsoft Azure Global Service platform provides monitoring and protection against known attacks, including against the virtual infrastructure. Incident severity levels (P1 – P4), response times for workarounds and fix are defined as well as escalation procedures. Responses follow the defined incident management process. Staff available 24x7 to respond to critical/high impact incidents.|
|Incident management type||Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402|
|Incident management approach||Incident severity levels (P1 – P4), response times for workarounds and fix are defined as well as escalation procedures. Customers report incidents using email, phone or ticket portal. Incidents are tracked using a ticket management system with SLA structured against incident severity level. Escalations procedures where service levels are breached include informing customer’s nominated responsible person or team. Incident reports provided via email and ticket based on incident severity to agreed SLAs. Operational security controls are aligned with the ISO27001:2013 framework. ISMS governance managed by senior management team including monitoring, measuring, management of actions and contact point for breaches/escalations.|
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||No|
|Price||£91 to £644 per licence per year|
|Discount for educational organisations||No|
|Free trial available||Yes|
|Description of free trial||For larger organisations, ActiveOps may, at its discretion, offer reduced-price trial access to Workware, for an agreed limited period, to a targeted subset of users. ActiveOps will work with the buyer to define the trial scope, measures and success criteria prior to deployment.|