'Kainos Smart' is a cloud-based automated-testing-platform built exclusively for testing Workday. This unique product makes it easy for non-technical users to create repeatable automated-tests for HCM, Security, Financials and Payroll modules – and is what Workday use to test their own deployment. Kainos is also a Workday Certified Implementation Partner.
- Covers HCM, Payroll & Financials business-process, Security configuration and Integration-testing
- Allows automated execution and verification of test cases against specific-Workday-configuration
- Test automation is pre-built and continually-maintained by Kainos against latest-Workday-version
- Proven testing methodologies for HCM, Payroll, Security and Financials
- Scheduling of concurrent test-execution on multiple-tenants enabling high-volume of test-execution
- Reporting capability that consolidates results from multiple test runs
- Troubleshoot tests failures at-a-glance with screenshots that show failure-location/ error-message
- Secure storage location to share documents and data
- Complete toolkit to assist with the creation of test data
- API that enables integration with ALM and CI tools
- Tests the-security-of-your Workday population; and monitors and reports on change
- Full end-to-end testing of business critical transactions- improving test coverage/quality
- Reduces testing effort, timescales and costs during implementation and ongoing-regression-testing
- On-average customers see a 40% reduction in implementation-time using Kainos-Smart
- Reduces overall testing and maintenance burden on your SMEs
- Frees-up staff time to-take-advantage of and adopt new Workday features
- Improves auditability of-testing by producing transparent, concise audit evidence
- Reduces risk in Workday implementations and ongoing BAU changes
- Improves confidence levels of customer’s security configuration
- Kainos-are-the-only Partner to implement Workday into UK public-sector to-date
£22275 to £319000 per licence per year
- Education pricing available
Kainos Worksmart Limited
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
Web Browser access is only required. Following versions and above are supported
• Internet Explorer: Version 11
• Firefox: Current Version
• Chrome: Current Version
• Safari: Current Version
• Edge: Current Version
Workday Preview window occurs biannually where we guarantee - Week 1 support for Integration, Security testing and full support for BP testing from Week 2 onwards.
Planned maintenance releases occur on Saturday morning to coincide with Workday releases though these are predominantly zero downtime deployments. If planned outage is required this will be communicated in advance and a Smart maintenance page will appear.
|Email or online ticketing support||Email or online ticketing|
|Support response times||
Response times are SLA based, and dependant on ticket severity. Response times are as follows:
Critical - Within two (2) hours of receipt of incident.
Severe - Within four (4) hours of receipt of incident.
Serious - Within one (1) day of receipt of incident.
Minor/Query - Within five (5) day(s) of receipt of incident.
Feature/Suggestion - Within two hundred and forty (240) hours of receipt of incident.
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||None or don’t know|
|Web chat support||No|
As per our SLA one level of support will be agreed at the time of contracting.
This support cost is included as part of the subscription service cost so there is no additional charge.
We provide a dedicated Service Manager who has overall responsibility for day to day support, the Service Manager will liaise with our Development Operations team (Cloud Service) as required e.g. if server maintenance is required. In addition, we will hold regular calls with key stakeholders from the customer side via our Customer Success Manager to discuss account management queries.
|Support available to third parties||Yes|
Onboarding and offboarding
Associated to the Kainos Smart product is a suite of implementation services delivered by our expert team of workday certified consultants in line with our industry best practice methodologies. All Kainos Smart implementations are tailored to suit the specific requirements and timelines of the customer and typically cover the following objectives:
- Kick off - the Kainos team provision your Smart tenant including connectivity to your Workday tenants.
- Plan stage - a series of collaborative meetings to agree implementation plan (timelines), agree & qualify the success objectives, identify test pack requirements and establish governance procedures.
- Delivery Stage - Kainos build and deliver of the Kainos Smart test packs as agreed with customer during plan stage.
- Knowledge transfer & training - onsite knowledge transfer workshop to complete handover of test packs and user documentation to ensure the customer team are self-sufficient going forward.
- Support – transfer to the Kainos Smart support team and assignment of Customer Success Manager to ensure customer continues to realise benefits for remainder of subscription term.
|End-of-contract data extraction||
Kainos will retain Customer Data for a period of 5 years from data entry: Customer Data will only be available via the Smart tenant web application for 2 years from data entry and thereafter will be archived and retrievable upon Customer request.
Data can be exported unaided by the customer from Kainos Smart in the 2 year period after data entry using the export functionality within the product that allows export of test run results to .csv and .pdf file formats and export of the test data templates that contain the executable customer specific test cases to .xls format.
Included in the contract is access to the applicable Kainos Smart modules for the duration of the subscription term:
- HCM & Integrations
- Financials & Integrations
Also included is the selected amount of Kainos Smart implementation services delivered by our expert team of workday certified consultants. At a minimum the implementation services cover two primary deliverables:
1. The creation of initial test packs containing approximately 2000 test cases covering a range of Business Processes, Security and Integrations.
2. Knowledge transfer to the customer team of the Kainos delivered test packs, and on-site training on the Kainos Smart product.
Ongoing support in line with our SLA is also included in the contract.
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||No|
|Accessibility standards||None or don’t know|
|Description of accessibility||N/A|
|What users can and can't do using the API||
Smart has a REST API, the main purpose of which is to allow customers to orchestrate tests from an enterprise ALM (Application Life Cycle Management) tool or CI (Continuous Integration) Tool. When using Smart in this way, tests must still be created via the Smart API. However, once tests have been created they can be executed and re-executed from a 3rd party tool, with the 3rd party too having the ability to retrieve full detailed results via the API also.
The API does not allow users to create or modify test cases.
|API documentation formats||Open API (also known as Swagger)|
|API sandbox or test environment||Yes|
|Independence of resources||Kainos Smart has auto-scaling configured to enable it to handle peaks in customer usage. The auto-scaling is designed to ensure that the infrastructure resources automatically scale to handle demand from all customers. The system is capable of processing tens of thousands of tests an hour. Kainos Smart uses Amazon Web Services Auto Scaling Groups.|
|Service usage metrics||Yes|
We provide a breakdown of Usage per month, this includes:
– number of tests run by month
– number of tests run by test type
– uptime metrics
– Support ticket response metrics
|Reporting types||Regular reports|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||European Economic Area (EEA)|
|User control over data storage and processing locations||No|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider|
|Protecting data at rest||Physical access control, complying with SSAE-16 / ISAE 3402|
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||
Data can be exported from Kainos Smart at any stage during the subscription term by the customer.
There is export functionality within the product that allows export of results to .csv and .pdf file formats. There is also functionality to allow export of the data templates that contain the executable customer specific test cases can also be exported to .xls format.
|Data export formats||
|Other data export formats|
|Data import formats||Other|
|Other data import formats||Xls|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
Uptime SLA 99.5%*
* based on 7 days’ x 24 hours per calendar month (exclusive of planned outage) this equates to 3 hours, 36 minutes per calendar month or 1 day, 19 hours and 48 minutes per year of unplanned outage.
10 hours per month scheduled downtime (on 24 hours’ notice, to Customer, via email, of planned outages). The Subscription Services:
- may experience scheduled downtime of up to 10 hours per month for service updates;
- shall be available no later than 24 hours after each Workday update.
- updates will be aligned where possible with the Workday planned outage schedule.
Kainos targets a recovery time objective (the timeframe within which Kainos aims to have the Subscription Services restored) (an “RTO”) of 12 hours following an agreed Category A (Critical) incident occurring, measured from the time the Subscription Services becomes unavailable until it is available again. Kainos targets a recovery point objective (the maximum amount of transactional data that could be lost) (an “RPO”) of 24 hours. The RTO and RPO are target times only.
Due to the low price point of the product Kainos do not offer service credits or refunds.
|Approach to resilience||
Kainos Smart leverages Amazon Web Services Auto Scaling Groups for all its servers. Auto Scaling Groups are configured to use three independent Availability Zones in each region. Each of the availability zones has a separate data centre with its own independent power and network supplier.
Should there be a service disruption in one of availability zones Amazon Web Services will automatically switch to the other ones. Kainos Smart application will route all requests automatically to redundant servers. Further, all Kainos Smart databases (PostgreSQL, Oracle, and Redis) leverage multi-zone deployments. In addition, Kainos Smart has enabled automatic daily database snapshots for its databases. The database snapshots are automatically copied to Amazon Web Services secondary region and Rackspace data centre (secondary cloud provider). Files stored in Kainos Smart are stored in Amazon Web Services S3 service with a live bi-directional cross region replication. Further, all files are also stored in Rackspace CloudFiles service.
Availability SLA: 99.5% (unplanned outages)
Due to the low price point of the product Kainos do not offer service credits or refunds.
For more information on the SLA please refer to section “Guaranteed availability”.
|Outage reporting||We report both planned and unplanned outages by email alert.|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||
Kainos Smart provides a separate Smart Management console that is only available to Kainos professional services and support staff to modify configuration parameters of customer’s Smart Tenants. Customer data is not available through this Management Console.
Access is restricted to the Kainos network and VPN. Users are authenticated using Username and Password.
Sensitive functionality within the console is controlled via 4 eyes policy workflows, preventing individual users from performing critical actions.
Kainos access to Customer Smart tenants is controlled by each customer via their Smart tenant including IP restrictions and account auto-expiry rules.
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||BSI|
|ISO/IEC 27001 accreditation date||12/03/2017|
|What the ISO/IEC 27001 doesn’t cover||Outsourcing is out of scope.|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||
|Other security governance standards||Kainos has been assessed for SOC2 Type 2 compliance by EY.|
|Information security policies and processes||
Kainos has implemented information security policies based on compliance with:
- ISO27001 - policies include: asset management, human resources, cryptography, access control, physical and environmental, systems development and testing, compliance, communications, data protection/privacy and incident management.
- SOC2 Type 2 - focusing on Security Trust Principles
This information security policies are audited and certified by the British Standard Institution (BSI) against the ISO27001:2013 standard. Audits happen bi-annually.
Kainos has been assessed for SOC2 Type 2 compliance by EY. SOC2 audits occur annually.
New staff are required to confirm their understanding of all security policies. Annual security awareness training ensures staff are fully aware of processes. Training is administrated though a digital online system to ensure completion by all staff.
In addition to 3rd party audits, regular internal audits are performed on our information security controls.
In terms of reporting structure, we have a Chief Information Officer reported into by an InfoSec Management Team, Security Practice and a number of Business Unit Security Officers. The InfoSec Management Team is reported into by a Corporate InforSec Officer, an IT Systems Security Manager, a number of Systems Security Representatives and a Facilities Security Officer.
|Configuration and change management standard||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Configuration and change management approach||
Customers log issues and change requests via the support portal.
Application defects and new features are logged in JIRA. JIRA tickets follow strict workflow statuses from appraisal through to testing, ensuring segregation of duties with approval steps at each stage.
Security is considered at all stages of the ticket workflow. Developers and testers focus on OWASP standards. All code changes are peer-reviewed.
Automated security testing uses tools including Arachni, Nessus, Zapp, W3AF scanner, Burp suite.
3rd party penetration and vulnerability scans take place bi-annually.
Our software stack and environment builds are managed by Puppet and AWS CloudFormation services.
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
The platform team performs Linux, AWS, and HTTPS scans of our application daily.
Weekly, the Smart application is scanned for vulnerabilities, using OWASP tools that utilises the NIST NVD.
Production environments have auto-attend patch updates configured, meaning latest patches are applied automatically.
Any identified vulnerabilities are reviewed by the security team. Vulnerabilities that have the potential to compromise customer data, with high risk of exploitation will be classified as critical
Bi-annually, Kainos uses 3rd Party Information Security company (CESG and Check approved) to perform vulnerability and penetration testing of Smart
Kainos aim to resolve critical vulnerabilities within 24 hours.
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
Trend Micro IDS and IPS is configured on the Smart production environment performing the following checks (Malware, Log inspection, Web reputation, File, process & port integrity)
Web Application Firewall deployed with checks including HTTP Protection, Real-time Blacklist Lookups, Web-based Malware Detection, HTTP DDOS, Common Web Attacks Protection, Automation Detection, Trojan Protection, Identification of Application Defects, Error Detection and Hiding
Elastic Stack is configured for log aggregation and real-time alerting.
Any potential compromise is reviewed by our security team to understand extent of compromise.
Kainos aim to respond to incidents immediately, with notification to customers of suspected compromise within 24 hours.
|Incident management type||Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402|
|Incident management approach||
A) Customer contacts Kainos with incident by phone, email or online ticketing system.
b) Incident is triaged by assigned Support Engineer and if possible resolution identified, actioned and communicated back to the customer.
c) If additional assistance is required, incident is raised with specialist Kainos Smart technical teams.
d) Once a resolution has been found, incident ticket will be updated with details of when the fix will be released.
e) Once the issue has been resolved, the support engineer follows up with the customer to ensure they are satisfied with the result.
f) Incident ticket will be closed.
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||No|
|Price||£22275 to £319000 per licence per year|
|Discount for educational organisations||Yes|
|Free trial available||No|
|Pricing document||View uploaded document|
|Service definition document||View uploaded document|
|Terms and conditions document||View uploaded document|