Gimmal Records Management
Gimmal Records Management. Enterprise-class content and records management in SharePoint, Office 365, content-management systems. Information lifecycle management. Automated rules based classification invisible to the user. Only SharePoint records management solution DoD 5015.2 certified. Flexible strategies for centralised federated records management. Includes transfer capability for records uploads to The National Archive.
- Manages records in Office365, SharePoint, File Shares, Exchange and repositories
- Central policy system. Create retention policies across all content sources
- Enable flexible, rule-based classification and retention management
- Gain actionable reporting for upcoming records actions
- Management of physical records
- Advanced content type retention
- Advanced content life-cycle reporting
- Governance for Box, OpenText, Documentum and file shares
- Automate content classification against a centralised file plan
- Destroy unwanted data at the end of the information lifecycle
- Get information lifecycle management with hands-free governance
- Provide a simpler SharePoint user experience
- Implement a more consistent content lifecycle that improves findability
- Achieve records management compliance in SharePoint with DOD-5015.2 certification
- Reduce IT reliance for SharePoint administration
- Manage data across disparate systems. Keep information in-place and accessible
- Achieve records management compliance and transfer in SharePoint, Office 365
- Maximize SharePoint, Office 365 to manage assets, physical and electronic
- Rapid deployment reduces up front cost and time to launch
£7 to £70 per user per year
- Pricing document
- Skills Framework for the Information Age rate card
- Service definition document
- Terms and conditions
01392 24 0365
|Software add-on or extension||Yes|
|What software services is the service an extension to||
Microsoft Office 365
Microsoft SharePoint Server
Microsoft SharePoint Online
|Cloud deployment model||Public cloud|
|Service constraints||No constraints|
|Email or online ticketing support||Yes, at extra cost|
|Support response times||Our standard support plan aims to respond to new cases within four working hours, on Monday to Friday excluding English public holidays and weekends. Extended SLAs and weekend support can be offered at additional cost.|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||None or don’t know|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
For Gimmal Records Management OfficeLabs can provide:
Subject matter experts
Time is available as Retained Technical Services charged at £850 / day, or support hours per month.
Our standard support is 9am - 5pm, Monday to Friday, excluding English public holidays and weekends. We will respond within four hours of receiving a request. All of our support team are experienced cloud support engineers who can advise on any request, query or issue.
We offer support services which scale to your business depending on the amount of support hours you wish to use per month. Our pricing is as follows:
8 hours per month (unlimited users) - £9,000 p/a
16 hours per month (unlimited users) - £17,000 p/a
24 hours per month (unlimited users) - £25,000 p/a
|Support available to third parties||Yes|
Onboarding and offboarding
Subject matter experts and trainers are available to provide either on-site or remote support at any UK location.
The Gimmal records Management implementation process includes administrator training that involves either onsite or online training for a select number of records managers. During this phase we are on hand to fix any issues and offer on demand support. The full implementation process includes discovery to understand your content life-cycle requirements.
|End-of-contract data extraction||All data is held within the customer data repository and they retain ownership throughout.|
Contract includes software licenses, training, support, initial configuration and documentation.
The initial contracted period is three years. Two years with one year extension for G-Cloud. Costs for the first year are payable up front.
All content will remain available to you in your content repositories.
Using the service
|Web browser interface||Yes|
|Application to install||Yes|
|Compatible operating systems||
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||Some interface differences but the information displayed is the same.|
|Accessibility standards||None or don’t know|
|Description of accessibility||
Software management interface accessible through a modern web browser.
Users can manage the system permissions and file plan settings from the web interface.
|Accessibility testing||Web reader text to speech.|
|What users can and can't do using the API||RESTful, SOAP|
|API documentation formats||
|API sandbox or test environment||No|
|Description of customisation||Gimmal Records Management is configured to meet the information management requirements of the customer.|
|Independence of resources||
Gimmal Records Management is hosted either on customer infrastructure or in a UK SaaS host.
Both are scaled appropriately based on current volume of records and future expected growth.
Both solutions can be scaled.
|Service usage metrics||No|
|Supplier type||Reseller providing extra features and support|
|Organisation whose services are being resold||Gimmal|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||Physical access control, complying with CSA CCM v3.0|
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||A third-party destruction service|
Data importing and exporting
|Data export approach||Customer data is not held in Gimmal Workplace Compliance but in Microsoft SharePoint.|
|Data export formats||
|Data import formats||
|Other data import formats||Office documents|
|Data protection between buyer and supplier networks||
|Data protection within supplier network||
Availability and resilience
|Guaranteed availability||Monthly Uptime Percentage of 95% guaranteed|
|Approach to resilience||http://download.microsoft.com/download/A/0/7/A07FF75D-1FDC-4642-897F-9F390978E759/Data%20Resiliency%20in%20Office%20365.pdf|
Identity and authentication
|User authentication needed||Yes|
|User authentication||2-factor authentication|
|Access restrictions in management interfaces and support channels||Administrator only access to internal Gimmal Workplace for SAP servers|
|Access restriction testing frequency||At least once a year|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||Yes|
|Any other security certifications||DoD 5015.2|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||
Policy owner reports to the Chief Information Officer who in turn reports to the Business Owner.
Policies are easily accessible.
Policy Owners are audited on a regular basis.
Automation is used where appropriate.
Policies are acknowledged by workers.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
The ITIL Change Management Continual Process Improvement methodology is used to manage change.
All changes are considered and assessed on business and security impact by the Change Advisory Board before implementation.
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
Potential threats are rated on risk, likelihood of occurrence and potential impact of the threat.
Patches are developed, tested and released as soon as approved.
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
Security and Compliance dashboard real-time monitoring
Automation where appropriate
Incident response is within one hour during office hours. Within four hours at any other time.
|Incident management type||Supplier-defined controls|
|Incident management approach||
Incident Management process follows the ITIL Incident Management best practices.
Users can report incidents by phone, email or portal.
Incident reports are provided in PDF format on a monthly basis.
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||No|
|Price||£7 to £70 per user per year|
|Discount for educational organisations||No|
|Free trial available||No|