OneView is an organisational design and resource management solution. It enables maximum effectiveness of skilled personnel, assets and surety of compliance in complex and diverse environments. Our customers exploit it to ensure that resources are applied with maximum efficiency in the right place and at the right time.
- Manages multi-skilled workforce competencies, training requirements and qualifications
- Enables collaborative Workforce Management, Deployment, Compliance and Business Planning
- SaaS application providing scalability and flexibility with self-service capability
- Provides a single central database for global visibility
- Interfaces with leading HR and ERP solutions
- Accurate forecast of resource demand across key business areas
- Faster informed decision-making - personnel efficiencies and planning activities
- Sophisticated security levels to control user access to data
- Consistent, accurate Management Information at all times
- Effective operational cost management and changes to workforce optimisation
- Removes duplicative effort, reducing administrative costs therefore increasing profitability
- Competence management and alerts minimises risk, ensuring regulatory compliance
- Accurately generating information to vary resource demand over time
- Highlights current/future critical issues allowing timely, cost-effective remedial action
- Provides personnel and planning efficiencies through faster informed decision-making
- Sophisticated audit trail provides evidence aiding regulatory requirements compliance
- Cross-organisational collaboration – including personnel, logistics, HR, Health Safety, Security
- Eliminating paper-based manual processes – reducing administration, optimising internal resources
- Early identification of training requirements reducing time lost on projects
- Operational success through comprehensive, strategic personnel planning and optimisation
£16800 per licence per year
6 3 8 5 1 3 2 9 4 8 2 7 8 5 1
Dynama Solutions Ltd
0207 355 5463
|Software add-on or extension||Yes, but can also be used as a standalone service|
|What software services is the service an extension to||HR and logistic planning via interfaces.|
|Cloud deployment model||Private cloud|
|Service constraints||Second line support provided during normal working hours and outside public holidays. Planned maintenance for version releases, likely every 3 months. The support team requires visibility of configuration.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||There is a minimum response time of 1 working hour and a maximum response time of 4 working hours. Working hours are 9am-5.30pm except UK public holidays and weekends.|
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
Support levels are set out in the attached SLA. The support levels and resolution targets are:
- Severity (1) is Cloud Infrastructure service down – response 1 hour, resolution 4 hours
- Severity (2) is Cloud Infrastructure service seriously degraded – response 1 hour, resolution 8 hours
- Severity (3) is Cloud Infrastructure service impaired - response 1 business day, resolution 4 business days
- Severity (4) is Cloud Infrastructure service not affected- response 1 business day, resolution 10 business
All Resolution Times shall be measured from the time and date of the logging of the relevant Incident. In the case of an Incident reported Out of Hours, the Incident shall be measured from the start of the next period of Service Desk Support unless the incident is Severity 1, when it shall be measured from the point of first response.
|Support available to third parties||No|
Onboarding and offboarding
|Getting started||Dynama provides bespoke onsite training and online training according to customer requirements. Documentation is standard.|
|End-of-contract data extraction||Dynama will provide on request an extract of data in accordance with our standard terms and conditions and certify deletion where required using HMG approved data destruction tools.|
Within 14 days of an Agreement end, the rights and licenses granted to Customers shall terminate. Customers shall cease all use of relevant Services and return all related copies of Documentation and other Confidential Information in its possession provided by Dynama. Customers shall furnish Dynama with a certificate verifying that this has been done.
- 2.1 Services will become inoperative and the Users will be unable to access any data stored or used by the Services;
- 2.2 all rights granted to the Customer and Users under this Agreement shall cease;
- 2.3 Customers shall ensure that the Users cease all authorized activities by the Agreement.
- 2.4 Customers shall destroy or return to Dynama all copies of Documentation or Confidential Information in its possession or that of the Users and certify to Dynama that it has complied.
- 3 Where practical, Dynama shall provide the necessary tools for the Customers’ extraction of its data using the Services prior to or on termination or expiry of the Agreement. It shall be Customers’ responsibility to extract all such data.
- 4 On request by Customers, Dynama shall provide one backup copy of the Customers’ database for no additional charge.
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||There is no difference to end-users between mobile devices and workstations.|
|Description of service interface||To be confirmed.|
|Accessibility standards||None or don’t know|
|Description of accessibility||
As a complex data management tool, and as such representing the required quantity of information in a fully accessible way is impractical.
The UI is designed to be simple, clear and consistent to use. It works with standard Windows accessibility tooling such as high contrast and magnifier tools.
Additionally, the UI uses alt text for images and ensures no data is represented purely through colour.
|What users can and can't do using the API||The API is for data loading and data export purposes.|
|API documentation formats|
|API sandbox or test environment||Yes|
|Independence of resources||At setup user resource requirements are determined and configured accordingly. Usage is managed though load balancing and monitoring. Hosting is on an elastic cloud basis and additional resources can be provisioned for peak loads or as required. Those users having high levels of usage may be provided with discrete servers. Additional switches can be provided at cost.|
|Service usage metrics||Yes|
|Metrics types||OneView tracks usage in terms of server metrics (CPU, disk, network) and at an application usage level via Splunk. These are monitored continuously to ensure performance and to guide application development. There is a real time register with RAG indicators showing the number of transactional items queued in the process. These items relate to individual user usage and can be aggregated on demand.|
|Reporting types||Real-time dashboards|
|Supplier type||Not a reseller|
|Staff security clearance||Conforms to BS7858:2012|
|Government security clearance||Up to Security Clearance (SC)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider|
|Protecting data at rest||Physical access control, complying with SSAE-16 / ISAE 3402|
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||In-house destruction process|
Data importing and exporting
|Data export approach||Using standard Microsoft Office tools.|
|Data export formats||Other|
|Other data export formats||
|Data import formats||CSV|
|Data protection between buyer and supplier networks||Private network or public sector network|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
|Guaranteed availability||The planned service availability is 99.8% availability, which equates to 87 minutes downtime per month. This is the total availability of Cloud Services measured on the successful response of virtual servers, which is continually measured over each month. If the service is unavailable through Force Majeure in excess of two months the customer may terminate the agreement.|
|Approach to resilience||Datacentre resilience is available on request.|
|Outage reporting||In the event of an outage or failure of the service, Dynama will endeavour to provide the Customer advance notification if possible and be managed in such a way as to have minimum impact on the Customer's operations via email.|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||
Access to the Cloud is controlled by means of individual user log-ins and Passwords through Infrastructure Manager/ Operations Administrators.
Access to client and Operations software is controlled by log-in and Password, given only to users needing to work on respective packages; their level of access is controlled by permissions in log-in identities.
Managers limit user rights to those necessary for efficient working. All systems are monitored, recording log-in attempts, failures, successful log-ins and changes.
Remote access to the Cloud is addressed in the Remote Access and Mobile Computing Policy. No third party has any access rights to the Organisation's networks.
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||Username or password|
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||DNV GL Business Assurance Ltd|
|ISO/IEC 27001 accreditation date||19/11/2016|
|What the ISO/IEC 27001 doesn’t cover||Head Office, Richmond|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||
The company executes security procedure under direction of the Board Level Security Contact: CEO with the following appointments:
- Chief Information Officer
- Company IT Installation Security Officer: Infrastructure Manager
- Company Security Controller & Company Clearance Contact
- Access Controller: Office Coordinator
The company has a published Policy and Procedures. Security warnings and updates are provided at log on and off. Security training is provided as part of induction training with updates notified by email to all staff when they occur. Company security manuals include:
- Company Security Policy
- Company Security Instructions
- Risk Management and Accreditation Document Set
- Employee Handbook.
- Disaster Recovery Plan (DRP).
- Information Security Management System (ISMS)
|Configuration and change management standard||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Configuration and change management approach||New items are subject to penetration testing.|
|Vulnerability management type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Vulnerability management approach||Threat to Dynama's services are assessed and responded to in accordance with ISO27001 and PCI accreditations. In the event of the discovery of a vulnerability Change Advisory Board may execute an unscheduled change to remediate the situation. Every change to the Dynama Cloud Infrastructure, including operating systems, computer hardware, networks, and applications, is subject to the Change Management Policy and follows Change Management Procedures. Patches can be deployed in less than 24 hours. Information from potential threats is derived from open source material and the National Security Secretariat on cyber security.|
|Protective monitoring type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Protective monitoring approach||Antivirus and malware protection is in place on all systems. Dual layers of firewalls secure the network layer from intrusion and provide a basic form of IDS in accordance with Cloud ISMS Policy, Antivirus Protection. Automated alerts are in place for Antivirus alerts. Daily reports show updates process.|
|Incident management type||Supplier-defined controls|
|Incident management approach||
Dynama has a defined process for incident management set out in Cloud information Security Policy. This sets out a hierarchy of responsible persons and action to be taken. The Software’s Data Controller’s notification registration number is available on the public register of data protection notifications at www.ico.gov.uk.
Incident reports and action are provided by telephone, email. Thereafter action approving the procedure should be received in writing or approved verbally and confirmed in writing during the incident follow-up.
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||No|
|Price||£16800 per licence per year|
|Discount for educational organisations||No|
|Free trial available||No|