Ernst & Young LLP (EY)

RPA, Intelligent Automation, Cognitive RPA, Digital Automation, Digital Workforce as a Service

The EY Digital Workforce is a SaaS Robotic Process Automation (RPA), Digital and Artificial Intelligence (AI) platform, allowing end-to-end digitisation/automation of processes.
EY's service can be configured to deliver a wide range of processes including those detailed in the service category list and many others. Please contact EY to discuss.


  • Robotic Process Automation (RPA)
  • Omni-Channel Self-Service
  • Agent Productivity (RDA)
  • Human-in-loop RPA-to-human interaction
  • Workflow and BPM Integration
  • Machine-Learning OCR (ML OCR) for Documents/Emails
  • AI, Machine-Learning & Cognitive Decision Making
  • AI, Machine-Learning & Cognitive Process Optimisation
  • Analytics
  • Pre-packaged digital, automated end-to-end processes


  • Scalable, on-demand, 24x7 automation of processes
  • Improved efficiency through digitising and automation of processes
  • Creation of digitally-enabled straight-through processing
  • Digitisation / self-service on top of legacy systems
  • Front-office / contact centre / agent productivity
  • Highly secure, end-to-end digitisation and automation
  • Improved staff productivity though Human-in-Loop automation
  • Quicker and larger automation ROI from pre-integrated capabilities
  • STP through augmenting RPA with digital/AI
  • Configurable/extendable AI components to increase automation


£500 to £5000 per device per month

  • Free trial available

Service documents

G-Cloud 10


Ernst & Young LLP (EY)

Christopher Flinter

+44 (0) 20 7951 2000

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints Varying service levels including uptime, maintenance windows, backup/recovery and disaster recovery/business continuity are available
System requirements
  • Virtual Private Network (VPN) connectivity
  • Virtual Desktop capability or Desktop Image deployment
  • Access and Identity Management (e.g. LDAP, SAML2)

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Response times vary based on capabilities required and service levels procured
User can manage status and priority of support tickets No
Phone support No
Web chat support No
Onsite support Yes, at extra cost
Support levels There are varying service levels dependent upon the capabilities required, but 24x7, end-to-end digitalised and automated processes are possible with very high availability
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started EY provides a comprehensive on-boarding process, both in defining the scope of components required, scalability and service levels, security requirements, connectivity, training, documentation, testing etc.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Typically no data is stored in the EY Digital Workforce, as RPA and associated digital and AI tools operate on existing client systems - i.e. the systems of record are unchanged.
There are some areas of data such as audit logs, system caches, but these are typically stored in SQL Server sub-components and accessible for clients to extract this data
End-of-contract process All the configurations, processes, objects of the automations are fully accessible for clients to transfer at the end of the contract.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Digital services for customer self-service are fully equivalent between desktop and mobile, but mobile optimisations are also available (e.g. GPS, camera)
Accessibility standards None or don’t know
Description of accessibility Digital services use responsive design and based on Google Materials to fully support key accessibility issues including multi-language, multi-character set, clear visible design, text size and contrast, assistive technologies (e.g. talkback, magnification, screen readers)
Accessibility testing Significant integration testing has been performed, but differing browsers and versions may mean that not every type assistive technology is supported for every customer.
Customisation available Yes
Description of customisation All the components of the EY Digital Workforce can be configured through digital UI's. However each component (RPA, Digital, AI etc) is subject to robust role-based access controls, which can also be integrated with client Identity and Access Management.
Additional customisation may be possible subject to discussion of requirements


Independence of resources Our platform is hosted on Microsoft Azure cloud, with the associated resilience, availability and scalability. The default deployment option would be to establish a separate UK hosted instance for each client unless a specific requirement demanded a shared platform or different location.


Service usage metrics Yes
Metrics types There are multiple dashboards and analytics provided depending upon the components procured
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach In-house
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Key data is stored in SQL Server and hence available for extract through standard Microsoft tools
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability There are varying service levels available, across multiple RPA, Digital and AI components with up to 24x7 operation, and 99.98% availability
Approach to resilience All components are designed for horizontal and vertical scalability, within a Microsoft Azure enterprise hosting environment. Full information is available on request
Outage reporting Email alerts tell clients of planned or unplanned outages

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Management consoles by default are protected by username/password and confirmed email addresses. This can be enhanced through integration with client identity and access management (e.g. LDAP, SAML2) or two-factor or biometric authentication
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 EY
ISO/IEC 27001 accreditation date TBC
What the ISO/IEC 27001 doesn’t cover TBC
ISO 28000:2007 certification Yes
Who accredited the ISO 28000:2007 EY
ISO 28000:2007 accreditation date TBC
What the ISO 28000:2007 doesn’t cover TBC
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications TBC

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Enhanced EY security policies exist to augment those of the hosting provider (Microsoft Azure) and component tools. Full details are available on request

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Varying configuration and change management policies are in place depending on the component (RPA, Digital, AI etc.) and vendor
Vulnerability management type Supplier-defined controls
Vulnerability management approach EY has enhanced the vulnerability management tools and processes within the hosting (Microsoft Azure) and components. Details are available on request
Protective monitoring type Supplier-defined controls
Protective monitoring approach EY has enhanced the monitoring tools and processes within the hosting (Microsoft Azure) and components. Details are available on request
Incident management type Supplier-defined controls
Incident management approach EY has a specific incident management process for various components. Details are available on request

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No


Price £500 to £5000 per device per month
Discount for educational organisations No
Free trial available Yes
Description of free trial Trial subject to discussion with EY on objectives, components needed, duration etc

Service documents

pdf document: Pricing document pdf document: Terms and conditions
Service documents
Return to top ↑