Axios Systems Plc

assyst (SaaS) ITSM/ITIL aligned service desk software solution

A cloud-based ITSM solution built on an integrated CMDB. Only SaaS enterprise solution to be Pink Verify accredited for all 16 ITIL processes in the world. Highly configurable enterprise service management evaluated champions by analysts Infotech. Codeless GUI, robust integrations and unparalleled success record in UK public sector.

Features

  • Management of ITSM events eg Incidents, Problems, Changes and Requests
  • IT asset and Financial management including life-cycle management of CI's
  • Self-service FAQ's ,ITSM Knowledge Management, Social Collaboration and Gamification
  • Service-Catalogue allowing users to request services directly via self-service portal
  • Service-Level Management including Internal, Operational and Underpinning Contracts
  • Secure Mobile access from any device for all users
  • Integrated ITAM reporting, Dashboards and Monitors all configurable by Role
  • Drag & drop graphical workflow engine to enusre ITIL Compliance
  • Complete configuration of all forms using a GUI
  • Graphical representation of relationships of CI's, assets, services and users

Benefits

  • Rapid time to value with increased ROI and reduced TCO
  • Simple configuration/administration means low over-heads
  • Non-modular, all ITIL principles within a single license
  • All data located in a single, integrated database, the CMDB
  • Award winning ITSM Service-Catalogue reduces service-desk calls
  • True mobility, cross-browser any device
  • Self-Service breaks down barriers between teams and customers
  • 28 years experience with a 100% project delivery record
  • Social Collaboration utilises subject matter experts within business users
  • Allows IT to deliver ITSM, SIAM across any business function

Pricing

£40 to £40 per licence per month

Service documents

G-Cloud 10

594062772940023

Axios Systems Plc

UK Sales

0131 220 4748

newuksales@axiossystems.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints Not Applicable
System requirements IE 8, Firefox 9 and above

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Response times start from 30 minutes. The standard support offering is 0800-1800, Monday to Friday. This can be extended to 24x5 or 24x7 at additional cost.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.0 A
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard WCAG 2.0 A
Web chat accessibility testing The Self-Service Portal conforms to the W3C WCAG 2.0, Level A. This ensures that the application is still usable by people with varying degrees of disability, ranging from colour blindness or poor dexterity, to being completely blind. A pre-requisite for providing an accessible application is for it to be fully keyboard navigable, enabling use without a mouse. This is also a pre-requisite for Assistive Technologies, such as Screen Readers, which again must navigate the application using key strokes.
Onsite support Onsite support
Support levels The standard support offering is 0800-1800, Monday to Friday. This can be extended to 24x5 or 24x7 at additional cost. Additionally, each customer is assigned an Account Manager who works with them through the duration of the contract.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started The Axios philosophy is to mentor the assyst administration team before and throughout the implementation so that they are familiar with, not only how the system was configured, but will be completely self-sufficient once the system has gone live. Axios also provide classroom based assyst administrative training to all customers. The Train the Trainer course is designed to enable key assyst users to cascade training that will enable staff within their own organisation to get started with assyst. assyst comes with a wide range of ongoing in-house training materials:- - assyst itself comes with product help guides that connects to an assystWIKI (with context sensitive help), - assyst provides the ability to create bespoke Tutorials for the Service Desk and other Support Groups that can be displayed on a user’s Home Page. These Tutorials would be tailored to your Processes, - Axios maintain an up-to-date assystWIKI page for all customers as well as providing basic user support via our Service Centre. - Alternatively refresher training courses can also be provided so that customers are completely self-sufficient in the maintenance of their assyst solution.
Service documentation Yes
Documentation formats Other
Other documentation formats AssystWiki
End-of-contract data extraction At the end of the contract, Axios will provide the data in any format required to migrate to another system.
End-of-contract process We respect the importance of our clients’ data. As a result, we view the content of your assyst database as your property (minus the assyst license details). If termination of relationship should occur a copy of your data will be held for up to six months. At the end of that period, your data will be expunged from our systems and backups. If you would like this expunging to occur sooner you simply need to request and we will be happy to comply.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The mobile interfaces are designed specifically for smaller devices such as phones and tablets. Administrative functions are not accessible in the mobile interfaces.
Accessibility standards WCAG 2.0 A
Accessibility testing Assyst conforms to the W3C WCAG 2.0, Level A. This ensures that the application is still usable by people with varying degrees of disability, ranging from color blindness or poor dexterity, to being completely blind. A pre-requisite for providing an accessible application is for it to be fully keyboard navigable, enabling use without a mouse. This is also a pre-requisite for Assistive Technologies, such as Screen Readers, which again must navigate the application using key strokes
API Yes
What users can and can't do using the API Assyst has an open JAVA API and several tools to allow for easy integration to other interfaces. assyst, its utilities, and its schema are fully documented so customers can create their own integrations and extensions if they choose. Several of the utilities also come with sample test files to help aide deployment and our Axios Global Services Consultants can be made available if needed and charged on a per day basis.
API documentation Yes
API documentation formats Other
API sandbox or test environment Yes
Customisation available No

Scaling

Scaling
Independence of resources Assyst’s technology foundation is designed to meet enterprise-level application performance needs, even in the largest organizations with many thousands of users. The load-balanced application server environment and multithreaded server capability enables distribution of transaction workload intelligently and automatically across multiple server threads.

This maximizes the throughput, scalability and performance of the application to accommodate the evolution and expansion of business requirements. The same multithreaded capability can be configured such that server and database threads scale up and down dynamically to accommodate fluctuations with transaction volumes.

Analytics

Analytics
Service usage metrics Yes
Metrics types 200+ out of the box reports and Dashboards. Option to configure reports and dashboards. Ability to export report as excel or PDF. Ability to schedule reports. Ability to e-mail the report (one off and scheduled). Ability to drill down on charts.
Reporting types
  • Real-time dashboards
  • Regular reports

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Reports and queries can be exported to CSV, XLS, XML or PDF. assyst’s Open Database Connectivity (ODBC) allows a range of 3rd Party reporting tools to extract data from the assyst database including Business Objects and SAP BI.
Data export formats
  • CSV
  • Other
Other data export formats
  • XML
  • XLS
  • PDF
  • HTML
Data import formats
  • CSV
  • Other
Other data import formats
  • XLS
  • XML

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability 99.98%
Approach to resilience Axios provides a highly resilient, high availability architecture to customers with the hosted assyst solution. This is also replicated down through the datacenter with for example: multiple ISP connections and redundant power capable of uninterrupted supply. The datacentre provides Axios and our customers with more than just a hosting infrastructure. Their secure and highly available networks allows us to guarantee the highest SLA in the industry (99.98%) as well as meet regulatory compliance guidelines around the world. To ensure high availability of the service, CenturyLink ensures:- • The only bandwidth that is used is high performance bandwidth, which usually isn't the case with cheaper hosting providers. • To provide multiple redundancies in the flow of information to and from our data centers, we partner with nine network providers. • Backup generators and electrical controls at each data centre capable of 30 hours operation, • N+1 Application Servers providing additional redundancy.
Outage reporting Axios provide its customers with an award winning Edinburgh-based Service Centre. The Centre is a 24x7 operation supporting all our multi lingual customers around the world. Outages are escalated and communicated through the Axios Incident Management process which includes email alerts and reporting.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels The technical measures taken to restrict access to electronic systems are governed by the concept of segregation of duty. The primary mechanisms used to enforce segregation of duties are the physical and logical access controls in place to control access to the company’s and/or its customers’ data and assets. Physical access restrictions for employees are enforced with the use of proximity access cards, and biometric access devices. Logical access to core networking equipment and customer resources requires password access and is granted only to those employees in roles that require such access.
Access restriction testing frequency At least every 6 months
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 BrightLine
ISO/IEC 27001 accreditation date 21/06/2016
What the ISO/IEC 27001 doesn’t cover Included in the certification is the management of information security in the design, implementation and support of hosting solutions at our United State of America Data Centres (DFW1, DFW2, DFW3, IAD2, IAD2, IAD3 and ORD1), United Kingdom Data Centres (LON1, LN3 and LON5).
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications
  • ISAE 3402 Type II – SOC3 reporting
  • ISAE 3402 Type II – SOC1 & SOC2 reporting
  • PCI Data Security Standard
  • ISO/IEC 27001:2005
  • ISO/IEC 9001:2008
  • ISO 14001:2004 (Environmental Management)
  • BS OHSAS 18001:2007 (Occupational Health & Safety)

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards ISAE 3402 Type II Service Organisation Control – SOC3 reporting ISAE 3402 Type II Service Organisation Control – SOC1 & SOC2 reporting PCI Data Security Standard ISO/IEC 27001:2005 ISO/IEC 9001:2008 ISO 14001:2004 (Environmental Management) and BS OHSAS 18001:2007 (Occupational Health & Safety)
Information security policies and processes The following list represents the security policies that currently make up the Hosting and Security Policies and a brief description of what they cover: • Personnel Security - outlines security requirements associated with the Hosting workforce. • Physical Access - defines requirements for physical security controls and processes. • Asset Controls - outlines expectations that establish control for physical assets within the company. • Information Sensitivity - defines the categories of information that support CenturyLink business and controls to protect them. • Business Continuity - defines the corporate approach to ensuring that the CenturyLink customer support infrastructure is always available. • Acceptable Use - establishes requirements and prohibitions for the appropriate use of CenturyLink’s services by customers. • Security Awareness and Training – establishes requirements for a corporate security-training program for the CenturyLink workforce. • Protection against malicious code and viruses – defines Anti-virus solution requirements

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Third party access is strictly limited to defined security / access levels and any change of those requires previous approval. All devices are continuously monitored and maintained under change control and reviewed annually and also as a result of major infrastructure changes. We fulfil risk assessment at minimum annually for general services and undergo risk assessments before changes are implemented. There is a defined process and policy to inform customers on changes made to our security and/or privacy policies.
Vulnerability management type Supplier-defined controls
Vulnerability management approach The Security and Internal Audit departments undertake regular compliance checking activities including formal scheduled audits, spot checks and risk assessments. However, these activities are considered confidential, and unfortunately cannot be shared with external parties. We perform bi-annual penetration tests with an external consulting organization. We assess the front-end application through the network layer as well as the operating system and application builds. Vulnerabilities from both penetration tests and security incidents are assessed for impact, likelihood, and seriousness and this drives the priority of fixes.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Intrusion Detection (IDS), Prevention (IPS) Systems and anti-DDoS are provided by best-in-class Juniper hardware as standard. Alerts are monitored and logged by the hosting provider and escalated accordingly. Escalation paths will be agreed with the customer at contract stage. Axios does not mine or monitor the internal content of the customer's databases.
Incident management type Supplier-defined controls
Incident management approach Axios Systems must have a 24x7-response plan for the management of information security incidents. The reporting of an incident will normally trigger the management process. In nearly all cases this will be initiated by the completion of a Security Incident Report Form, as documented in the Security Incident Reporting section of Acceptable Use and Guidance document.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £40 to £40 per licence per month
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Axios offers a free SaaS trial environment of assyst. The time period can be extended by the user as desired.
Link to free trial http://forms.axiossystems.com/free-trial?utm_source=axiossystems.com&utm_medium=referral&utm_content=red-header-button&utm_campaign=saas-trial

Documents

Documents
Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑