Tata Consultancy Services Limited

TCS MasterCraft DevPlus

An integrated, enterprise wide continuous delivery life-cycle management platform to plan, execute, automate and govern demand to deploy processes. Define, Build and Test faster through Agile test management and test automation. Facilitates continuous integration, automated deployment and enables the alignment of an organisation’s business demands with IT execution.

Features

  • Idea to delivery process digitisation supporting scaled Agile
  • Single Integrated platform for managing Agile and Traditional development
  • Continuous Delivery Automation
  • Architecture readily integrating with third-party automation tools
  • Bi-modal Delivery Support, Waterfall and Agile
  • Multi-Team support, Multi-tenant scalable architecture
  • Pre-configured KPIs and Extensible Analytics
  • Collaboration and Process Efficiency across geographically distributed teams
  • Capability to manage automation scripts for performance test automation tools

Benefits

  • Adopt Agile Development at Scale
  • Improved CI/CD and Deployment Capability Enabled for DevOps
  • Assured Quality and Delivery, Consistent and repeatable quality
  • Improved process integration through Traceability, Visibility and Collaboration
  • 40 % Effort Savings in Regression and Deployment Automation
  • Increased Time to Market by 50%
  • Ensure Quality Releases through reduced Defects
  • Lower TCO by at least 30%

Pricing

£2400 per unit per year

Service documents

Framework

G-Cloud 11

Service ID

9 1 0 6 9 7 2 0 6 3 3 1 3 9 3

Contact

Tata Consultancy Services Limited

Hiral Patel

020 3155 2237

UK.PublicSector@tcs.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
DevPlus provides integration to tools for Source Code Management, Build Automation , Unit Testing , Code Coverage , Static Code Quality, Artifact and Package Repository, Environment Provisioning, Deployment Automation, Functional Testing and Performance and Security Testing.
Cloud deployment model
Private cloud
Service constraints
The cloud is hosted in India.
System requirements
Service accessed over standard browsers, Internet Explorer, Chrome etc

User support

Email or online ticketing support
Email or online ticketing
Support response times
Sev 1- Less than One (1) work Hour
Sev 2- Less than Four (4) work hours
Sev 3 - Less than Eight (8) work hours
Sev 4- Less than Two (2) Business days
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
We provide 3 levels of support; Level 1, Level 2 and Level 3.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
DevPlus provides Documentation including User Manual and Adminstrator Manual. We also provide User Training and Consulting services.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Data can be extracted in MS Word & Excel formats. Modules like Requirments, Test Cases, Defects provide download faclity to users.
End-of-contract process
Contract can be renewed or the users can download their data and end the contract.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install
Yes
Compatible operating systems
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Not Applicable
Service interface
No
API
Yes
What users can and can't do using the API
APIs can be used to create integration points with other applications/software tools.
API documentation
No
API sandbox or test environment
No
Customisation available
No

Scaling

Independence of resources
MasterCraft DevPlus is a multi tenant and scalable application. The Data Center is configured on high availability mode with DR system activated at different seismic zone

Analytics

Service usage metrics
Yes
Metrics types
Various.
Reporting types
  • Real-time dashboards
  • Regular reports

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
In-house
Protecting data at rest
Other
Other data at rest protection approach
There is no encryption of data at the infrastructure level.
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Data can be extracted in MS Word and Excel formats. Modules like Requirments, Test Cases, Defects provide download faclity to users
Data export formats
Other
Other data export formats
MS Word and Excel
Data import formats
Other
Other data import formats
MS Word and Excel

Data-in-transit protection

Data protection between buyer and supplier networks
Private network or public sector network
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
We provide 99.5% availability SLA. We do not have a refund policy if SLA is violated.
Approach to resilience
We have high Availability architecture. We also provide a DR environment in an alternate location.
Outage reporting
Through ticketing mechanism.

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
Individual username or password.
Access restriction testing frequency
At least every 6 months
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
TUV NORD
ISO/IEC 27001 accreditation date
Initial certification: 2006. Last re-certification 01.04.2018
What the ISO/IEC 27001 doesn’t cover
-
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
Yes
Who accredited the PCI DSS certification
Control Case
PCI DSS accreditation date
23/4/2016
What the PCI DSS doesn’t cover
Only common Network and Infrastructure for Cloud was part of the scope. Customer environments/servers were out of scope.
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
ISO 9001: 2008
ISO/IEC 20000-1:2011
ISO 22301:2012
ISO/IEC 27001:2013
PCI DSS v3.1
Information security policies and processes
As per ISO 27001:2013 security standards

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Our configuration and Change Management process is based on best practices described in ITIL v3 framework and:
• Accounts for IT assets and Configuration items within the organisation and its services
• Provides for timely recording of authorised and identifiable configuration items in inventory
Ensures changes to inventory’s configuration items are controlled, reviewed and logged
• Provides for authorised disposal of configuration items recorded in inventory
• Ensure configuration records reflect actual status of all configuration items
• Ensure periodic review of organization's PC’s to detect use of unauthorised software, and verify compliance with software and hardware license agreements.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Vulnerability Assessment and Penetration Testing is carried out at regular frequency depending on the criticality of the devices, to review and assess the security risk, if any.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
The Cloud infrastructure, Network, Server and Storage is monitored using in-house developed monitoring tool. Alerts are configured on threshold basis of CPU, Memory, Disk, Network utilization, etc in monitoring system. All the alerts are closely monitored by dedicated 24 x 7 NOC operations. For every critical alert NOC team raises an incident and assigns it to the respective team. Respective team member acts on the ticket for the closure.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Incident Management Process consists of the following major sub-processes, which include the below steps.
• Detection and Recording
• Classification and Initial Support
• Investigation and Diagnosis
• Resolution and Recovery
• Escalation
• Major Incident Management
• Confirmation and Closure

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£2400 per unit per year
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
There is no limitation in terms of functionality but the usage period is restricted to 1 month. There is a Evaluation Agreement which needs to be signed.
Link to free trial
Link shared when Evaluation agreement is signed.

Service documents

Return to top ↑