Fujitsu Services Limited

RunMyProcess Platform as a Service

Fujitsu RunMyProcess is a 100% cloud based platform as a service (PaaS). It has been designed to remove the common barriers to digital transformation and enable the rapid development and deployment of business process automation applications to any device.

Features

  • Drag and drop rapid process and user interface designer
  • Over 2500 out-of-the box connectors to 3rd party applications
  • Rapid deployment using three virtual modes
  • Automatic cross device compatibility including Android and iOS
  • Development and test new applications rapidly

Benefits

  • Enable multi channel workflows quickly
  • Enable continuous improvement
  • Rapidly integrate both cloud and on premises applications
  • Deploy to large user bases rapidly
  • Derisk early development by using proof of concepts

Pricing

£250 per unit per month

Service documents

G-Cloud 9

850190827066853

Fujitsu Services Limited

Government Frameworks Desk

0843 365 1549

government.frameworks@uk.fujitsu.com

Service scope

Service scope
Service constraints Updates occasionally may require the platform to be unavailable. This will be communicated through the change management process.
System requirements Modern web browser

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Please see the Service Definition document for an explanation of the support process and SLAs.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels Custom support levels can be provided based upon individual requirements.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started Onsite training can be provided and customised user training. The RunMyProcess website has a number of online tutorials.
Service documentation Yes
Documentation formats HTML
End-of-contract data extraction Data can be extracted manually via the online IDE, or functions can be built using the application itself to perform extraction in a customised way.
End-of-contract process A single version of the platform exists with all clients having the same functionality. Platform support is included as part of the platform license.

Using the service

Using the service
Web browser interface Yes
Using the web interface To be confirmed
Web interface accessibility standard None or don’t know
How the web interface is accessible To be confirmed
Web interface accessibility testing To be confirmed
API Yes
What users can and can't do using the API RESTful API.
API automation tools Other
Other API automation tools To be confirmed
API documentation Yes
API documentation formats HTML
Command line interface No

Scaling

Scaling
Scaling available Yes
Scaling type Manual
Independence of resources To ensure that all applications are executed in a timely manner and that each receives its share of the resources, the platform sets a number of limits and regulations, avoiding any single application dominating the resources. These limits are necessary to enable all applications to run smoothly without adversely affecting each other.
Usage notifications No

Analytics

Analytics
Infrastructure or application metrics Yes
Metrics types Other
Other metrics Real time management information
Reporting types Real-time dashboards

Resellers

Resellers
Supplier type Reseller providing extra features and support
Organisation whose services are being resold RunMyProcess

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency Never
Protecting data at rest Physical access control, complying with another standard
Data sanitisation process No
Equipment disposal approach A third-party destruction service

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up Please see Service Definition
Backup controls Please see Service Definition
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Users schedule backups through a web interface
Backup recovery Users can recover backups themselves, for example through a web interface

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability '99.9% service availability
- If the monthly availability rate is comprised between 99% and 99.9%, Fujitsu-RunMyProcess shall credit Beneficiary with three (3) days of free Service (added to the contractual period underway).
- If the monthly availability rate is comprised between 95% and 99% Fujitsu-RunMyProcess shall credit Beneficiary with ten (10) days of free Service (added to the contractual period underway);
- If the monthly availability rate is below 95%, Fujitsu-RunMyProcess shall credit Beneficiary with thirty (30) days of free Service (added to the contractual period underway).
- After three (3) consecutive days of unavailability of the Service without restoration, Beneficiary shall have the right to terminate of the Agreement and Fujitsu-RunMyProcess agrees to refund Beneficiary of any amounts collected prorata temporis to the term of the Agreement remaining to be run.
Approach to resilience The platform has been built with security in mind and is regularly tested to ensure resilience. Third party data centres are used and conform with current setup best practises.
Outage reporting Twitter feed.

Identity and authentication

Identity and authentication
User authentication
  • Identity federation with existing provider (for example Google apps)
  • Username or password
Access restrictions in management interfaces and support channels Defined roles and group define access to management interfaces and channels. These are maintained by strict approval processes to ensure correct access control.
Access restriction testing frequency Less than once a year
Management access authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Devices users manage the service through Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security No
Security governance accreditation No
Security governance approach Information is accessed by strict data policies to ensure only the correct data is viewed by each user. Information in custom process is controlled by the process by client defined user access roles and group.
Information security policies and processes Information is accessed by strict data policies to ensure only the correct data is viewed by each user. Information in custom process is controlled by the process by client defined user access roles and group.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach At RunMyProcess we operate an agile development lifecycle focused on early testing. We follow an iterative lifecycle of multiple design, develop and test loops for each platform release and have a range of security questions and patterns that are applied and reviewed at each stage. As part of our effort to reduce attack surface these reviews include the relevance of the new feature, its applicability to our set of customers and the way in which it fits into our security models. Once validated, the change will be assigned to a new version of the platform and all necessary tests prepared.
Vulnerability management type Supplier-defined controls
Vulnerability management approach The RunMyProcess security team closely follows a list of security and vulnerability information sources such as the US CERT security bulletin. Based on information from such sources a triage process is undertaken and necessary updates are applied. Depending on the severity level of the threat such updates may be applied immediately or during a regular platform update.
Protective monitoring type Supplier-defined controls
Protective monitoring approach All changes to the platform are assessed and where practical assigned to a specific release. All necessary tests to validate the functionality and security of the enhancement must be written as part of the development and release cycle. These tests must ensure that the feature is behaving as expected and that it will not introduce any instabilities or vulnerabilities. When signed off as part of a release new features are rolled out as part of the formal update process.
Incident management type Supplier-defined controls
Incident management approach Platform issues are raised to RunMyProcess either via email or phone. Regular updates are provided on the progress of the issues.
Incident Management for applications built on the platform can be provided by either RunMyProcess, a third party or by the client with varying Incident Management techniques used.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart No

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes

Pricing

Pricing
Price £250 per unit per month
Discount for educational organisations No
Free trial available No

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑