Axios Systems Plc

Axios Global assyst ITSM/ITOM/ITIL Cloud and SaaS Migration

ITSM visionaries Axios Systems provide a complete range of IT Service Management consultancy and training services. Axios consultants are accredited to Prince2, ISO 20,000 and ITIL to deliver expert guidance including: ITSM / ITIL Health Check Audits; Service Desk Review; Service Strategy and Program e.g. Service Catalogue and ITSM Transition.

Features

  • ITIL / ITSM data source consulting expertise
  • Service desk performance review
  • SLA, CMDB and Service catalogue strategy, workshops and development guidance
  • ITSM and ITIL process strategy, workshops and development
  • Axios assyst Implementation services.
  • Federated CMDB and integrations development for axios assyst
  • Education services ITIL for foundation and ITSM, Axios assyst solution
  • Service value Management covering process design and assyst administration

Benefits

  • Complete ITIL based ITSM and ITOM consultancy services
  • Over 30 years ITSM/ITIL expertise giving you peace of mind
  • Enable end to end service value management
  • Collaborative and sustainable approach to knowledge transfer
  • Gain enhanced value from ITOM and ITSM consolidation

Pricing

£950 to £1400 per person per day

Service documents

Framework

G-Cloud 11

Service ID

9 1 8 4 3 5 4 9 5 0 1 5 0 5 8

Contact

Axios Systems Plc

UK Sales

0131 220 4748

newuksales@axiossystems.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Assyst - SaaS ITSM/ITIL Aligned Service Management Software
assyst ITOM - Discovery and Software Asset/License Management (SaaS)
Cloud deployment model
Private cloud
Service constraints
Not Applicable
System requirements
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
  • 256Kbps or above bandwidth for agent communication

User support

Email or online ticketing support
Email or online ticketing
Support response times
Response times start from 30 minutes. The standard support offering is 0800-1800, Monday to Friday. This can be extended to 24x5 or 24x7 at additional cost.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 A
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
WCAG 2.1 A
Web chat accessibility testing
The Self-Service Portal conforms to the W3C WCAG 2.1 A. This ensures that the application is still usable by people with varying degrees of disability, ranging from colour blindness or poor dexterity, to being completely blind. A pre-requisite for providing an accessible application is for it to be fully keyboard navigable, enabling use without a mouse. This is also a pre-requisite for Assistive Technologies, such as Screen Readers, which again must navigate the application using key strokes.
Onsite support
Onsite support
Support levels
The standard support offering is 0800-1800, Monday to Friday. This can be extended to 24x5 or 24x7 at additional cost. Additionally, each customer is assigned an Account Manager who works with them through the duration of the contract.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
The Axios philosophy is to mentor the assyst administration team before and throughout the implementation so that they are familiar with, not only how the system was configured, but will be completely self-sufficient once the system has gone live. Axios also provide classroom based assyst administrative training to all customers. The Train the Trainer course is designed to enable key assyst users to cascade training that will enable staff within their own organisation to get started with assyst. assyst comes with a wide range of ongoing in-house training materials:- - assyst itself comes with product help guides that connects to aa assystWIKI (with context sensitive help), - assyst provides the ability to create bespoke Tutorials for the Service Desk and other Support Groups that can be displayed on a user’s Home Page. These Tutorials would be tailored to your Processes, - Axios maintain an up-to-date assystWIKI page for all customers as well as providing basic user support via our Service Centre. - Alternatively refresher training courses can also be provided so that customers are completely self-sufficient in the maintenance of their assyst solution.
Service documentation
Yes
Documentation formats
Other
Other documentation formats
AssystWiki
End-of-contract data extraction
At the end of the contract, Axios will provide the data in any format required to migrate to another system.
End-of-contract process
We respect the importance of our clients’ data. As a result, we view the content of your assyst database as your property (minus the assyst license details). If termination of relationship should occur a copy of your data will be held for up to six months. At the end of that period, your data will be expunged from our systems and backups. If you would like this expunging to occur sooner you simply need to request and we will be happy to comply.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The mobile interfaces are designed specifically for smaller devices such as phones and tablets. Administrative functions are not accessible in the mobile interfaces.
Service interface
Yes
Description of service interface
In the digital age, employees expect to use the same kinds of digital tools in the workplace as they use in their consumer lives. The assyst self-service portal provides a one-stop-shop for employee technology needs: self-logging, access to knowledge and collaboration, status visibility, a service catalogue, and simple self-help tools.

Features: Self-logging and resolution; searchable Knowledge Base and Knowledge Management system; consumer style Service Catalogue; Integrated Open Collaboration Platform.
Accessibility standards
WCAG 2.1 A
Accessibility testing
Assyst conforms to the W3C WCAG 2.1 A. This ensures that the application is still usable by people with varying degrees of disability, ranging from color blindness or poor dexterity, to being completely blind. A pre-requisite for providing an accessible application is for it to be fully keyboard navigable, enabling use without a mouse. This is also a pre-requisite for Assistive Technologies, such as Screen Readers, which again must navigate the application using key strokes
API
Yes
What users can and can't do using the API
Assyst has an open JAVA API and several tools to allow for easy integration to other interfaces. assyst, its utilities, and its schema are fully documented so customers can create their own integrations and extensions if they choose. Several of the utilities also come with sample test files to help aide deployment and our Axios Global Services Consultants can be made available if needed and charged on a per day basis.
API documentation
Yes
API documentation formats
Other
API sandbox or test environment
Yes
Customisation available
No

Scaling

Independence of resources
Assyst’s technology foundation is designed to meet enterprise-level application performance needs, even in the largest organizations with many thousands of users. The load-balanced application server environment and multithreaded server capability enables distribution of transaction workload intelligently and automatically across multiple server threads. This maximizes the throughput, scalability and performance of the application to accommodate the evolution and expansion of business requirements. The same multithreaded capability can be configured such that server and database threads scale up and down dynamically to accommodate fluctuations with transaction volumes.

Analytics

Service usage metrics
Yes
Metrics types
200+ out of the box reports and Dashboards. Option to configure reports and dashboards. Ability to export report as excel or PDF. Ability to schedule reports. Ability to e-mail the report (one off and scheduled). Ability to drill down on charts.
Reporting types
  • Real-time dashboards
  • Regular reports

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Reports and queries can be exported to CSV, XLS, XML or PDF. assyst’s Open Database Connectivity (ODBC) allows a range of 3rd Party reporting tools to extract data from the assyst database including Business Objects and SAP BI.
Data export formats
  • CSV
  • Other
Other data export formats
  • XLS
  • XML
  • HTML
  • PDF
Data import formats
  • CSV
  • Other
Other data import formats
  • XLS
  • XML

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
99.98%
Approach to resilience
Axios provides a highly resilient, high availability architecture to customers with the hosted assyst solution. This is also replicated down through the datacenter with for example: multiple ISP connections and redundant power capable of uninterrupted supply. The datacentre provides Axios and our customers with more than just a hosting infrastructure. Their secure and highly available networks allows us to guarantee the highest SLA in the industry (99.98%) as well as meet regulatory compliance guidelines around the world. To ensure high availability of the service, CenturyLink ensures:- • The only bandwidth that is used is high performance bandwidth, which usually isn't the case with cheaper hosting providers. • To provide multiple redundancies in the flow of information to and from our data centers, we partner with nine network providers. • Backup generators and electrical controls at each data centre capable of 30 hours operation, • N+1 Application Servers providing additional redundancy.
Outage reporting
Axios provide its customers with an award winning Edinburgh-based Service Centre. The Centre is a 24x7 operation supporting all our multi lingual customers around the world. Outages are escalated and communicated through the Axios Incident Management process which includes email alerts and reporting.

Identity and authentication

User authentication needed
Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
The technical measures taken to restrict access to electronic systems are governed by the concept of segregation of duty. The primary mechanisms used to enforce segregation of duties are the physical and logical access controls in place to control access to the company’s and/or its customers’ data and assets. Physical access restrictions for employees are enforced with the use of proximity access cards, and biometric access devices. Logical access to core networking equipment and customer resources requires password access and is granted only to those employees in roles that require such access.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BrightLine
ISO/IEC 27001 accreditation date
21/06/2016
What the ISO/IEC 27001 doesn’t cover
Included in the certification is the management of information security in the design, implementation and support of hosting solutions at our United State of America Data Centres (DFW1, DFW2, DFW3, IAD2, IAD2, IAD3 and ORD1), United Kingdom Data Centres (LON1, LN3 and LON5).
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
  • ISAE 3402 Type II – SOC3 reporting
  • ISAE 3402 Type II – SOC1 & SOC2 reporting
  • PCI Data Security Standard
  • ISO/IEC 27001:2005
  • ISO/IEC 9001:2008
  • ISO 14001:2004 (Environmental Management)
  • BS OHSAS 18001:2007 (Occupational Health & Safety)

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
ISAE 3402 Type II Service Organisation Control – SOC3 reporting ISAE 3402 Type II Service Organisation Control – SOC1 & SOC2 reporting PCI Data Security Standard ISO/IEC 27001:2005 ISO/IEC 9001:2008 ISO 14001:2004 (Environmental Management) and BS OHSAS 18001:2007 (Occupational Health & Safety)
Information security policies and processes
The following list represents the security policies that currently make up the Hosting and Security Policies and a brief description of what they cover: • Personnel Security - outlines security requirements associated with the Hosting workforce. • Physical Access - defines requirements for physical security controls and processes. • Asset Controls - outlines expectations that establish control for physical assets within the company. • Information Sensitivity - defines the categories of information that support CenturyLink business and controls to protect them. • Business Continuity - defines the corporate approach to ensuring that the CenturyLink customer support infrastructure is always available. • Acceptable Use - establishes requirements and prohibitions for the appropriate use of CenturyLink’s services by customers. • Security Awareness and Training – establishes requirements for a corporate security-training program for the CenturyLink workforce. • Protection against malicious code and viruses – defines Anti-virus solution requirements

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Third party access is strictly limited to defined security / access levels and any change of those requires previous approval. All devices are continuously monitored and maintained under change control and reviewed annually and also as a result of major infrastructure changes. We fulfil risk assessment at minimum annually for general services and undergo risk assessments before changes are implemented. There is a defined process and policy to inform customers on changes made to our security and/or privacy policies.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
The Security and Internal Audit departments undertake regular compliance checking activities including formal scheduled audits, spot checks and risk assessments. However, these activities are considered confidential, and unfortunately cannot be shared with external parties. We perform bi-annual penetration tests with an external consulting organization. We assess the front-end application through the network layer as well as the operating system and application builds. Vulnerabilities from both penetration tests and security incidents are assessed for impact, likelihood, and seriousness and this drives the priority of fixes.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Intrusion Detection (IDS), Prevention (IPS) Systems and anti-DDoS are provided by best-in-class Juniper hardware as standard. Alerts are monitored and logged by the hosting provider and escalated accordingly. Escalation paths will be agreed with the customer at contract stage. Axios does not mine or monitor the internal content of the customer's databases.
Incident management type
Supplier-defined controls
Incident management approach
Axios Systems must have a 24x7-response plan for the management of information security incidents. The reporting of an incident will normally trigger the management process. In nearly all cases this will be initiated by the completion of a Security Incident Report Form, as documented in the Security Incident Reporting section of Acceptable Use and Guidance document.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£950 to £1400 per person per day
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Axios offers a free SaaS Trial system. Users are able to extend the time period as desired.
Link to free trial
https://saastrials.axiossystems.com/plugin/registration.form.html?lang=en&type=1&btn=button_start_your_trial.png&bck=F1F1F1

Service documents

Return to top ↑