Infosys Limited

ITService Management Solution and Tool implementation for Cloud Management

The Service is for IT Service Management - End to end management of IT services,infrastructure through single cloud based platform. ServiceNow IT Service Management (ITSM) helps in consolidate fragmented tools, legacy systems while automating service management processes. Simple to configure, fast to deploy, can be scaled per the business requirement.

Features

  • IT governance, rick & compliance
  • Demand management
  • Application Integration
  • Real time reporting
  • Self Service Portal
  • Performance Reporting
  • Notification & Alerts
  • User Friendly Interface
  • Knowledge Base
  • Data import/Export

Benefits

  • Reduced maintenance requirement
  • Improved Scalability
  • Single System of record
  • Improved Transparency
  • Automation of Manual efforts
  • Single tool across business services
  • Better productivity
  • User Friendly Interface
  • Easy Access
  • Reduced Cost

Pricing

£275 per person per day

  • Free trial available

Service documents

G-Cloud 10

693272985688505

Infosys Limited

David Burgess

+44 7985663029

ukps@infosys.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints Generally, ServiceNow covers almost all the areas in Service Management. But, we would like to understand the full requirements/landscape before confirming the same
System requirements
  • No, The service comes as "Software as a Service"
  • Where the software hosting is done by the vendor

User support

User support
Email or online ticketing support Email or online ticketing
Support response times The incidents/Service Requests are responded based on the priority of the request. Usually there are 4 priorities P1, P2 , P3 & P4. P1 being the highest priority. The respond time to each of the priority requests are discussed and documented as per the requirements and them made part of the Service Agreement.

Yes. User can manage the status and priority of the support ticket. however there are guidelines for managing the status and priority.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support Web chat
Web chat support availability 24 hours, 7 days a week
Web chat support accessibility standard None or don’t know
How the web chat support is accessible ServiceNow does support the web chat functionality and it comes out of the box. Users can get web chat support anytime based on the support hours agreement.
Web chat accessibility testing ServiceNow does support the web chat functionality and it comes out of the box. Users can get web chat support anytime based on the support hours agreement.
Onsite support No
Support levels ServiceNow support at Infosys mainly covers the Level 2 support where the incidents/requests are routed through Service Desk. The overall cost would be included in the overall deal level commercials but it mainly depends on the volume of tickets, user base and geography coverage.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Types of Trainings:

1. End Users/ Approver Training: Training for end users who would use ServiceNow tool for creating tickets, approving requests and checking status of their requests
2. Fulfiller Training: Training for end users who would work on fulfillment of services created for their groups. E.g. Service Desk teams. This includes super users as well within different groups
3. ServiceNow Admin Training: Technical ServiceNow training to users to enable them to perform admin activities, add catalog items and process templates, maintain foundation data and platform
4. Advanced ServiceNow training: Technical ServiceNow training for design and development of ServiceNow enhancements

Training Delivery Modes:

1. Classroom Training: In-person training for the users. Typically used for hands-on / technical trainings which involves simulation and use cases
2. Remote Training: Training via WebEx or other specific technologies
3. Open-Houses / Broadcast sessions: Sessions with large number of users. Usually used for functionalities overview (not to be used when collaborative discussions are required)
4. Train the Trainer: Training a set of super-users who further trains their teams
5. e-Learning: Online training content using multi-media techniques (online content and videos)
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Throughout the lifetime of subscription, data can be directly exported from the ServiceNow instance. This can be via the user interface, through integrations, or by using other ServiceNow components. We return all your data in an SQL dump format at the end of a contract. All hosted backed up data is automatically deleted and overwritten 45 days from the end of a contract.
End-of-contract process This information will be covered at the deal level contract

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Yes. ServiceNow can work on both desktop and mobile.
Accessibility standards None or don’t know
Description of accessibility ServiceNow is a Software-as-a-Service(SaaS) tool accessed through the Internet
Accessibility testing ServiceNow is a Software-as-a-Service(SaaS) tool accessed through the Internet
API Yes
What users can and can't do using the API Yes, ServiceNow does have an API. Through this API the buyers can integrate ServiceNow with any 3rd party application if the API is supported.
API documentation Yes
API documentation formats PDF
API sandbox or test environment No
Customisation available Yes
Description of customisation ServiceNow comes with loads of functionalities and features out of the box. However the buyer can customize ServiceNow based on the requirements.

Scaling

Scaling
Independence of resources A dedicated instance is provided to individual customer, which has no interference with any other instance.

Analytics

Analytics
Service usage metrics Yes
Metrics types Yes
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Form Export :An individual record from user interface. Choose PDF/XML format directly from form.
List export: Multiple records from user interface. Choose CSV, Excel, PDF, or XML format directly from list.
URL export: Multiple records from table using the CSV, Excel, PDF, or XML processor.
Web services: Multiple records from a table when external client makes a web services request. Create an external application or process to automate the retrieval of data from an instance via web services such as REST or SOAP.
Export sets: Create a file called an export set having all the data to export.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats The user can import in CSV, Excel or XML format.
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats The user can import : CSV, Excel or XML format.

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Other
Other protection between networks As a customer, browser-based sessions to your ServiceNow cloud instance(s) are encrypted over the internet via Transport Layer Security (TLS) using AES‑128 or AES‑256 block ciphers. These ciphers are subject to the browser versions in use and may be influenced by customer's Internet proxy infrastructure. one can also force specific cipher suites via your own browser or proxy if desired. All end-user access to a ServiceNow instance is always automatically redirected to HTTPS if attempted
over HTTP.
Data protection within supplier network Other
Other protection within supplier network He ServiceNow Nonstop Cloud was designed to support the availability and scalability requirements of Global 2000 enterprises. We operate eight data center pairs for a total of 16 data centers across 4 regions to meet our customers’ location and data sovereignty needs. Each data center pair operates in an active-active mode
providing highly performant and available instances for our customers. Our data centers span five continents: Asia, Australia, Europe, North America, and South America.

Availability and resilience

Availability and resilience
Guaranteed availability He ServiceNow Nonstop Cloud was designed to support the availability and scalability requirements of Global 2000 enterprises. We operate eight data center pairs for a total of 16 data centers across 4 regions to meet our customers’ location and data sovereignty needs. Each data center pair operates in an active-active mode
providing highly performant and available instances for our customers. Our data centers span five continents: Asia, Australia, Europe, North America, and South America.
Approach to resilience The ServiceNow Nonstop Cloud was designed to support the availability and scalability requirements of Global 2000 enterprises. We operate eight data center pairs for a total of 16 data centers across 4 regions to meet our customers’ location and data sovereignty needs. Each data center pair operates in an active-active mode
providing highly performant and available instances for our customers. Our data centers span five continents:
Asia, Australia, Europe, North America, and South America.
Outage reporting ServiceNow provides the industry’s only Real Availability Dashboard that shows availability of all your instances running in the cloud.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication 2-factor authentication
Access restrictions in management interfaces and support channels Local database - Username, password in their user record in the instance database.
Multifactor - Username, password in the database and a passcode sent to the user's mobile device that has Google Authenticator installed.
LDAP - Username, password in their LDAP account, which has matching user account in the database.
SAML - Username, password configured in SAML identity provider account, which has a matching user account in the database.
OAuth 2.0 - Username, password of OAuth identity provider, which has matching user account in the database.
Digest Token - An encrypted digest of the username, password in the user record.
Access restriction testing frequency Never
Management access authentication 2-factor authentication

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 EU Safe Harbor Framework/U.S. – Swiss Safe Harbor Framework
ISO/IEC 27001 accreditation date N/A
What the ISO/IEC 27001 doesn’t cover Yes, the Proposed Cloud Service Management tool - ServiceNow is compliant on following security requirements –
- Ownership and control of data remains with customer all the time
- Complies with U.S. – EU Safe Harbor Framework and U.S. – Swiss Safe Harbor Framework
- All Data Centers maintain SAS70/ SSAE16/ SOC1 Type II attestation and ISO/IEC 27001:2005 certified
- Annual Third Party Penetration Testing
- SSLv3, TLS1.0 or TLS 1.2 encryption while in Transit. AES128, AES256, or 3DES encryption at Rest
- NIST 800‐88 data destruction methods used while retiring Hard drives
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications
  • Infosys is aligned and certified to ISO 27001:2013
  • Infosys Limited - assessed for SSAE 18 SOC 1Type II

Security governance

Security governance
Named board-level person responsible for service security No
Security governance certified No
Security governance approach Not Applicable in context to Service Management tool - ServiceNow. This would be answered at the overall deal level
Information security policies and processes Not Applicable in context to Service Management tool - ServiceNow. This would be answered at the overall deal level

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Provides systematic approach to control life cycle of all changes, facilitating beneficial changes to be made with minimum disruption to IT services. Change Management offers ITIL-aligned processes for normal, standard, and emergency change types.
Normal change: Follows complete change lifecycle including peer or technical approval, management, Change Advisory Board (CAB) authorization before being implemented, reviewed, closed.
Standard change: Frequently implemented, repeatable implementation steps, low risk, proven history of success.
Emergency change: Covers fix on fail or retroactive situations where impact to service has been experienced or fail situations where the impact to service is imminent if action is not taken.
Vulnerability management type Undisclosed
Vulnerability management approach ServiceNow uses the Vulnerability Response module to compare security data pulled from internal and external sources, such as National Vulnerability Database, to vulnerable CIs ,software identified in the Asset Management module. If CIs or software are found to be affected by a vulnerability, Client can create changes, problems, and security incidents from those vulnerable items.

It also views common weakness enumeration (CWE) records from the NVD to understand how they relate to the vulnerabilities (CVEs) identified in Vulnerability Response. As needed, Client can update your system from the vulnerability databases on an on-demand basis or by running user-configured scheduled jobs.
Protective monitoring type Undisclosed
Protective monitoring approach Not Applicable - ServiceNow integrates with monitoring tools to cover the Service management aspect of monitoring like automated ticket generation though alerts etc.
Incident management type Undisclosed
Incident management approach Supports the ability to log incidents, classify according to impact urgency, assign to appropriate groups, escalate, manage through to resolution, reporting. Any ESS user can log in to an instance to record incident, track it through entire incident life cycle until service has been restored, issue has been completely resolved.
incidents are handled with task record system. Each incident is generated through methods as task record, populated with pertinent information in individual fields. These tasks can be assigned to appropriate service desk members, who will deal with task as appropriate. Once incident has been properly dealt with, it is closed.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £275 per person per day
Discount for educational organisations No
Free trial available Yes
Description of free trial We will work with the client and agree on a POC based on the business requirements.

Documents

Documents
Pricing document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑