Business Process Automation
Our intuitive process automation suite puts you in total control, enabling you to define and automate your business processes, workflows and applications with no demand on IT. It allows you to engage customers and stakeholders, improve efficiency and reduce costs by rapidly migrating manually intensive processes into fully automated ones.
- easy-to-use, drag-and-drop business process modelling application
- web-based work and management portal accessed via a standard browser
- accessible from any device, including smartphones and tablets
- integrated with social media and other forms of digital communication
- real-time reporting and analytics
- hosted in the EU on secure, scalable enterprise-grade cloud platform
- choice of flexible packages to match business requirements
- no per user costs
- 60-day no obligation free trial
- free business modelling service and free modelling app
- bypass traditional technical barriers to take the driving seat
- replace manually intensive processes based on Excel spreadsheets
- create new business processes in minutes, not months
- engage your customers directly within your processes
- enhance your customer’s experience via multiple touch points
- ensure compliance with service levels through continuous process optimisation
- increase employee productivity and collaboration
- adapt to new competitive threats while capitalising on emerging opportunities
- respond swiftly to environmental or regulatory changes
- gain low cost of entry and ownership
£0.04 to £0.085 per unit
- Education pricing available
- Free trial available
9 4 3 5 9 8 7 0 2 1 6 9 1 4 6
Workflow Science Ltd
0203 826 8705
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
|Email or online ticketing support||Email or online ticketing|
|Support response times||Within 8 hours during working hours (Mon-Fri, 0900-1700 UK time, excluding UK public holidays)|
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
|Support levels||We provide a universal support level treating all support cases equally. We assess the user impact of each issue raised and assign appropriate priority for resolution. Support is included within our standard pricing and there is no additional user cost.|
|Support available to third parties||No|
Onboarding and offboarding
|Getting started||Through on-site training and user documentation.|
|End-of-contract data extraction||Through the on-line Portal or use of an API, user can export own data.|
Pricing is based on a simple monthly Subscription Charge comprising of a Service Charge and Usage Charges.
There are no on-boarding or off-boarding charges.
User is free to cease using service without financial penalty.
Using the service
|Web browser interface||Yes|
|Application to install||Yes|
|Compatible operating systems||
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||No functional difference; responsive design ensures mobile visualisation optimised for screen size.|
|Description of service interface||The service interface is a browser-based portal with two-factor authentication. Through the browser, Users can personalise their process maps, access human work, analytics and dashboards and manage user access.|
|Accessibility standards||None or don’t know|
|Description of accessibility||The service interface is a browser-based portal with two-factor authentication. Through the browser, Users can personalise their process maps, access human work, analytics and dashboards and manage user access.|
|What users can and can't do using the API||Customers access the service through a web browser which itself utilises our service APIs. All capabilities of our service are exposed through the APIs, subject to permissions.|
|API sandbox or test environment||Yes|
|Description of customisation||Our service includes a process modelling tool for the user. User therefore has complete freedom to create and make changes to their business processes.|
|Independence of resources||To ensure users aren’t affected by the demand other users place on our service we utilise both active request rate-limiting together with resource auto-scaling. The former controls the increase demand and the latter up-scales the resource to deal with the additional demand.|
|Service usage metrics||Yes|
|Metrics types||Time-series and tabular data for: case status and outcomes, work detail, store data metrics and associated aggregations.|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Security Clearance (SC)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||European Economic Area (EEA)|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||Less than once a year|
|Penetration testing approach||In-house|
|Protecting data at rest||Other|
|Other data at rest protection approach||Services hosted on Amazon AWS: see https://aws.amazon.com/compliance/csa/ and https://aws.amazon.com/compliance/ for further details and principals.|
|Data sanitisation process||No|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||Either via access through the on-line Portal, selecting data and then clicking 'export' or through the set-up of an automatic export 'job'.|
|Data export formats||CSV|
|Data import formats||CSV|
|Data protection between buyer and supplier networks||
|Data protection within supplier network||Other|
|Other protection within supplier network||All data transit within network is protected by physical measures within Amazon AWS; for further details please refer to: https://aws.amazon.com/compliance/csa/ and https://aws.amazon.com/compliance/.|
Availability and resilience
We take all reasonable measures to ensure our Service operates at a minimum availability of 99.9%, excluding:
 scheduled maintenance, where necessary and as notified to user giving a minimum of twenty four (24) hours’ notice; and
 events outside our reasonable control, including but not limited to Force Majeure.
Service credits are the user sole and exclusive remedy and our sole and exclusive liability for any failure to meet Service Levels. Service credits are a pro rata credit against the Service Charge for that period of time the Service is not available to user during any given month.
|Approach to resilience||Available on request.|
|Outage reporting||Via email notifications.|
Identity and authentication
|User authentication needed||Yes|
|Other user authentication||Further support is provided for additional factors including knowledge, possession, inherence, time and location.|
|Access restrictions in management interfaces and support channels||
Management requests by users are only accessible via the Customer Interface, accessed through our Portal. Access to all management requests is subject to authentication and authorisation.
Access to servers, infrastructure and your data by us is controlled through a Bastion Host dedicated solely to service management (Administration Interface). Provision of the necessary credentials and access rights to our personnel is strictly based on need and uses fine grained control of rights, restricting access only to those component parts (of the server, infrastructure or your data) required by our personnel to carry out their duties from time to time.
|Access restriction testing frequency||At least once a year|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||Between 6 months and 12 months|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||Between 6 months and 12 months|
|How long system logs are stored for||Between 6 months and 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||No|
|Security governance approach||We receive security and vulnerability alerts and we monitor security and vulnerability bulletins, including US-CERT National Cyber Awareness System. We use such information to continually assess the threats to our Service and implement any necessary mitigations, either through scheduled maintenance or immediate updates, dependent upon impact and severity.|
|Information security policies and processes||
We are committed to the protection of both our own and user data (including but not limited to all computers, mobile devices, networking equipment, software and data) and to mitigate the risks associated with the theft, loss, misuse, damage or abuse of such data.
Insofar as user data in the Business Process Automation service, user acts as Data Controller in respect of any Personal Data contained within the service. To the extent that we process (as such term is defined in the Data Protection Act 1998) Personal Data under this Agreement, we act as the Data Processor in respect of any such Personal Data.
All changes to our service are assessed in terms of impacts on security and access management policies, access rights and firewall/security group rules and require signed off by a board level Director prior to deployment.
Further information is provided in our Service definition document.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
We operate a configuration management system for all assets, including software and configuration.
All software is built and labelled so that it is uniquely identifiable.
Deployment of built software is controlled through the Administration Interface using automated deployment agents.
Deployment of all configuration, including security related configuration such as firewall rules and security policies, is controlled through the Administration Interface using automated deployment agents.
All changes, such as customer feature requests, defects and mitigations, are recorded, assessed and scheduled through planning according to priority and/or urgency and impact.
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||We manage vulnerabilities through a combination of inputs from our Governance framework and Incident management. Assessment and scheduling of mitigations is in accordance with Configuration and change management.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||We operate a real-time monitoring and management system that tracks activity on all service interfaces, including all authentication and/or authorisation failures. Our personnel are automatically notified of all abnormal activity and/or patterns.|
|Incident management type||Supplier-defined controls|
|Incident management approach||We operate an incident management process to log, assign and diagnose incidents based upon urgency and impact, and to restore Service operation quickly with minimum disruption.|
|Approach to secure software development best practice||Supplier-defined process|
Public sector networks
|Connection to public sector networks||No|
|Price||£0.04 to £0.085 per unit|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||
Time limited - 30 days