BoardEffect

BoardEffect

BoardEffect drives efficiency, effectiveness and engagement among board directors, executives and administrators.

More than 2,500 leading organisations and over 180,000 users rely on BoardEffect which allows truly easy management of board information, while also enabling board directors to fulfill their responsibilities of elevating organisational performance.

Features

  • Device Agnostic - annotate documents which sync across platforms
  • Intuitive, easy to use with the same interface across platforms
  • Survey & Poll functionality
  • Additional library to store additional content
  • Easily create, manage users and permissions
  • Approvals (with Signature)
  • Scheduling
  • Task management
  • Archives
  • Integration with Single Sign On and API

Benefits

  • One place to manage all board governance activities
  • Easy, secure access to all relevant board information
  • Quickly create and securely disseminate meeting content
  • Collaborate securely on the go
  • Effortlessly on board new users
  • 24 x 7 365 support
  • Breakdown barriers with other solutions through the API
  • Additional module for digital minutes and action management
  • Additional module for secure messaging

Pricing

£375 per user per year

  • Education pricing available
  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

6 8 2 8 2 1 6 9 3 3 6 9 7 9 7

Contact

BoardEffect

Sales

0207 1474580

Sales-UKIA-BE@boardeffect.com

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
The server and network system (BoardEffect Platform and Website) will be available for a minimum of 99.7% on a calendar quarterly basis, provided that unavailability shall not be deemed to have occurred from service interruptions due to regularly scheduled maintenance, emergency maintenance the BoardEffect determines is reasonably necessary, or a force majeure event.
System requirements
Not applicable.

User support

Email or online ticketing support
Email or online ticketing
Support response times
The BoardEffect platform is supported by phone, email and online ticketing. This support is also supplemented by our knowledge base which gives access to videos, guides and FAQ's which is accessible through the web browser and mobile applications.

Support response times are dependent on severity class -

All Severity 1 requests will be responded to within 30 minutes
All Severity 2 requests will be responded to within 2 hours
All Severity 3/4 email and phone inquiries will be responded to within 1 business day of reporting
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Support (24x7 365), maintenance and upgrades are included in the annual subscription fee. There is a one off deployment fee for set up and all training which is delivered remotely.

If a client requires onsite support during the deployment for training there will be a charge of £1,000 per day plus expenses.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
BoardEffect’s approach to training and onboarding is to provide a comprehensive review of the client’s current governance workflow processes, and then align the training for administrators and board members around the best practices for using the BoardEffect platform to support the organization’s goals.
Dedicated implementation specialists will work with the Client to provide individual assistance with organizing and uploading documents and data as well as consultation on the development of a portal roll-out & training plan for the board.
Ongoing training and support is available in the form of regular webinars, online user guides, tips/tricks, videos, community forums, and contextual in-line help.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Clients of BoardEffect are able to download content from the platform.
End-of-contract process
BoardEffect provides clients with subscription-based access to its software and associated services, including: securely hosting the clients’ data, customer service, and support for the application. We are committed to the ongoing operation, support, maintenance, improvement, and enhancement of our board portal solution. Our processes include identifying and constantly recommending new enhancements and changes to the system. Our customers are always looking for more features and benefits – we are in a continuous cycle of improvements.

Included within contract:
- Unlimited Storage
- Unlimited Product Upgrades
- Unlimited 24x7x365 Support

Additional cost:
BoardEffect works in a modular fashion, enabling organisations to add on supporting modules as and when they require. This modules are continuously evolving and currently the list of modules
- Minutes & Actions Management
- Messenger

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
BoardEffect offers a consistent look and feel for users that are accessing through a web browser or through our mobile applications for iOS, Android & Kindle.
Service interface
Yes
Description of service interface
The service is accessed through a web browser of through our mobile applications for iOS, Android and Kindle
Accessibility standards
None or don’t know
Description of accessibility
BoardEffect supports accessibility features and we would be pleased to provide a completed Voluntary Product Accessibility Template® (VPAT™) to demonstrate this point.
Accessibility testing
BoardEffect does not currently adopt this as part of our testing process
API
Yes
What users can and can't do using the API
We focus relentlessly on being the best board portal in the world, but also on enabling easy integration of BoardEffect with any solution that supports the work that is critical to your business..

This is accomplished through the BoardEffect Integration Panel. The easy-to-configure, flexible integration framework comes standard with the BoardEffect platform and gives you unparalleled control over integrations with other software solutions. Through the Integration Panel, you’ll be able to:

• Enable Single Sign-On (SSO) with other applications or solutions
providers

• Connect applications you already use to BoardEffect through
flexible, documented web services and API’s • Take advantage of
prepackaged integrations with numerous popular applications
API documentation
Yes
API documentation formats
PDF
API sandbox or test environment
No
Customisation available
Yes
Description of customisation
One of the guiding principles of BoardEffect is giving Control to our clients. Through the Settings interface Top level administrators for the solution are able to

- customise the look and feel of the platform, including uploading logos

- Create/manage unlimited committees (workrooms) and the functionality available to each group

- Customise security settings (such as passwords, mobile access, on/off line access for content and much more)

- Create customised fields for reporting

- And so much more.....

Scaling

Independence of resources
BoardEffects’ Software as a Service (SaaS) architecture allows us to scale up (i.e., adding more powerful servers/ storage/network devices) and scale out (i.e., adding more servers/storage/ network devices to the system).

BoardEffects' environment is monitored using commercial monitoring tools as well as internally developed tools to continuously monitor resource usage and application performance.

Our infrastructure is well positioned for growth and we are confident that we can easily accommodate our clients’ needs

Analytics

Service usage metrics
Yes
Metrics types
Through the settings interface, Administrators are able to access login activity, device login information, Up time reports and user activity reports are available through the support team
Reporting types
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Content on the BoardEffect platform may be downloaded/exported in PDF format (and Excel for reports and survey results). It is important to note that administrators have the option to control whether or not meeting books can be printed or downloaded outside the BoardEffect platform. These options can be controlled on a user, group or document level.
Data export formats
  • CSV
  • Other
Other data export formats
PDF
Data import formats
  • CSV
  • Other
Other data import formats
  • PDF
  • XLS
  • PPTX
  • Docx
  • Gif
  • Mp3/mp4
  • Jpeg
  • Png
  • Ics
  • Full list of file types available on request

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
The server and network system (BoardEffect platform and website) will be available for a minimum of 99.7% on a calendar quarterly basis, provided that a service interruption during regularly scheduled maintenance shall not be deemed unavailability.

If guaranteed levels of service are not met then service credits will be used to compensate. Service credit means the following -

Annual Up-time Percentage Days of Service added to the end of the
service term, at no charge

95% - 99.9% 15 days

90% - 94.9% 45 days

<89.9% 90 days

Licensee Must Request Service Credit. In order to receive any of the Service Credits described above, Licensee must notify BoardEffect within thirty days from the time Licensee becomes eligible to receive a Service Credit. Failure to comply with this requirement will forfeit Licensee’s right to receive a Service Credit.
Approach to resilience
Available on request
Outage reporting
Email alerts

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
Access, both logical and physical, to critical assets and the authorizations on those assets have to be requested by the employee's line manager, reviewed and approved by security group and implemented by MIS/ProdOps (as appropriate).​ All access is provided with consideration for least privilege and separation of duty. Privileged access changes are tracked and approved in accordance with the change management process. Changes in access permissions due to reassignment follow the above “Change in Position” process.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Schellman & Company
ISO/IEC 27001 accreditation date
30/07/2019
What the ISO/IEC 27001 doesn’t cover
The scope of the of the ISO/IEC 27001:2013 certification is limited to the information security management system (ISMS) supporting the Diligent Corporation Platform System to its customers, and prevailing managed information technology services best practices including people, processes, and facilities for Diligent Boards Services, BoardEffect Services, Board Level Consulting Services, Concierge-level Training and Support Services, and Electronic Hosting Services business units, and in accordance with the Statement of Applicability, version 1.7 dated May 15, 2019.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
  • Currently undertaking the ISO27001 certification
  • Type 2 SOC 1 & SOC 2
  • Data Centers are UK Tier 3 Level, ISO27001 certified

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
BoardEffect is hosted in Tier 3 level, UK based, ISO27001 accredited data centers and is Type 2 SOC 1 & SOC 2 .

BoardEffect is currently undergoing its ISO27001 accreditation.
Information security policies and processes
Security process descriptions and incident management policies are available upon request.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Processes are assured by independent validation. Further details available upon request.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Processes are assured by independent validation. Further details available upon request.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Processes are assured by independent validation. Further details available upon request.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Processes are assured by independent validation. Further details available upon request.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£375 per user per year
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
A two week free trial is available (up to 5 users) a mutual non disclosure agreement would be required.

Service documents

Return to top ↑