• No results found

Audit Management. service definition document

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Audit Management. service definition document"

Copied!
15
0
0

Loading.... (view fulltext now)

Download now ( 15 Page )

Full text

(1)

Audit Management

service definition document

(2)

Contents

Introduction ... 3

Service Description ... 3

Features and Benefits ... 4

Architecture ... 5

Service Delivery ... 6

Service Provisioning Time ... 7

Service De-provisioning Time ... 7

Governance... 8

Terms & Conditions ... 9

Open Standards ... 10

Support ... 11

On-Boarding ... 11

Off-Boarding ... 11

Response Times ... 12

Raising a Support Request ... 14

Reporting ... 14

(3)

Introduction

Blackthorn Technologies Software as a Service (SaaS) Audit Management Solution has been designed with the latest technologies and provides organisations with an

integrated end-to-end business solution that is quick to deploy.

It is simple to configure the software so that it delivers real benefits to your organisation with efficiencies and cost savings. Blackthorn has put the user experience at the centre of its software so that it is intuitive, easy to adopt and flexible enough to work on different devices.

Our software is designed around three common repeatable functions to Create, Manage and Report – within a single page view. This means actions are intuitive, making

adoption to the software much easier, whilst rich and highly-customisable reporting gives you the views you need.

Service Description

This is a cloud-based solution deployed on highly secure UK servers.

Blackthorn offers a number of tailored SaaS Case Management solutions, which fit into specific areas of business requirement.

 Case Management

 Fraud Case Management

 Audit Management

 Criminal Case Management (TWIF enabled)

 Immigration Enforcement Case Management (TWIF enabled)

 Policy Management

 Enquiries Management

 Incident Management

 Skills Discovery Management

No matter what is being audited, transparency, collaboration and remediation are key. This tool will highlight audit status and compliance weaknesses, manage task allocation and escalation, and give on-demand reporting via an integrated market-leading

(4)

Features and Benefits

The Blackthorn Audit Management platform is built exploiting the best Open Source component helping to providing powerful workflow and reporting functionality. This facilitates the support for a number of web browsers on a range of form factors. The service is provided as SaaS and keeps data secure to CESG security standards including OFFICIAL. There is the assurance that your data and the complete system is Government-accredited for a multi-tenanted PSN environment. This allows Blackthorn to ensure that the service is provided with 99.95% uptime and to ensure that the latest patches are always applied without any headaches to you.

Blackthorn will always work with you to explore any requirements, overcome any Cloud-based information assurance concerns and, where absolutely necessary, is able to provide an onsite solution.

Features

• Perform internal audits and controls assessments (defined or bespoke) • Task management, alerting and tracking • e-forms to capture audit and control related

information

• Capture, manage and organise internal audits in a formalised way

• Create and implement action plans to resolve audit or controls failures

• Provide transparency to internal stakeholders • Full audit trail

• Review and approve audits for audit and compliance control programs

• Comprehensive reporting

Benefits

• Clean, intuitive user interface reducing the training burden for users

• Scalable without the loss of operating speed • 24/7 access to your case information so you're

always informed

• Saves time managing cases with workflows, tasks, alerting and assignment

• Integrity of information and better governance for your organisation

• Wide range of supported platforms e.g. mobile, tablet, desktop

• Secure case management across all your teams and individuals

• Fast service delivery with defined SLA's provided directly from Blackthorn • Easy to configure reports, automated

dashboards and management information • View stored information all in one place for

(5)

Architecture

The Blackthorn Audit Management service exploits the benefits of a Cloud-based SaaS solution to give you and the client, resilience, flexibility and security controls needed to satisfy the PSN. It is designed to be a multi-tenanted platform with isolation between solution instances ensuring that data is contained and only accessible by authorised users.

(6)

Service Delivery

The Blackthorn service is designed to be provided as a securely hosted SaaS solution with a pre-configured workflow. A Blackthorn Account Manager will make contact to start the process to determine any specific requirements (which might include a bespoke workflow or, if specifically required, on-premise solution). Once this has been determined, a ‘prototype’ solution is created, agreed and signed-off.

The diagram below gives an overview of the steps taken to ensure that the best solution is provided.

• The client discusses their requirements with the Blackthorn Account Manager • Client identifies the required product from the Digital Marketplace and makes

selection

• Ongoing discussion is established between the Blackthorn Account Manager and client

• The specific requirements are gathered and a Statement of Works (SoW) is created and agreed

• A 'prototype' fulfilling the client's requirements is built and signed-off • Service is built to signed-off 'prototype'

• Client signs off the Service after User Acceptance Testing

• If required, training is delivered to ensure all users understand the correct use of the service

• On-boarding of client • Service goes live

(7)

Service Provisioning Time

Provisioning time of the service will vary depending upon the client’s requirements. Delivery timescales will be agreed upon based off of information gathered during creation of the Statement of Work.

Service De-provisioning Time

De-provisioning time will be determined during the Off-Boarding process. Please refer to the Off-Boarding section of this document.

(8)

Governance

Blackthorn ensure business systems integrity, business processes, client-related

information and code development have appropriate controls and governance in place. Specifically, this includes:

 Incident Management

 Personnel Security

 Supply Chain Security

 Secure Code Development

 Audit information

Our commitment to maintaining ISO27001 certification applies independent verification to ensure that policies and procedures are enhanced and maintained.

When a solution is live and in production, it is important that the complete lifecycle is controlled by a holistic process protecting integrity, stability, security and availability. This needs to happen whilst providing agility to rectify issues in a timely fashion. The process map opposite defines a broad view of the identification, rectification, quality control and final deployment stages:

1. Issue identification 2. Verify issue

3. Determine whether software alteration or configurations is needed 4. Development team update code/solution

(9)

Terms & Conditions

(10)

Open Standards

The service is built upon a number of open standards providing flexibility within the system and to import and export information. Migrating data into or out of the service can be a complex task.

Working together, Blackthorn is able to ensure that the maximum benefit is realised.

Architecture and data

storage SOA NoSQL Programming

languages

.NET C# HTML5 CSS3

AngularJS Bootstrap

Data transfer TCP/IP

HTTP Encryption AES-128bit

Importing & Exporting

data Specifically written scripts Data exporting

support 'Flat file' CSV

(11)

Support

Blackthorn provides a single point of contract for support and advice for all aspects of the solution. This allows authorised personnel or client third party support desks to raise support tickets between the standard service hours of 8am until 6pm, Monday to Friday. An additional range of support covering weekends, extended hours and bank/public holidays can be arranged following further discussion if required.

To ensure issues are co-ordinated and closed with the appropriate resolution, we would request that the client assigns a single liaison point.

On-Boarding

To ensure that the appropriate information is collected during the implementation process of the service, Blackthorn will produce a Client On-Boarding Manual. Typically this is a six stage process.

This document includes and defines:

 Contact points

 The escalation process

 A definition of the support service provided o Incident Management

o Problem Management o Change Management

 Response SLAs

 Reporting frequency

 Strategic Service review meeting

Off-Boarding

The off-boarding process considers data migration from the incumbent Blackthorn solution and how we would engage with the client’s new solution provider. The process starts by defining the scope of the work that would be expected from Blackthorn to ensure successful data migration. Once the scope of the exit has been agreed upon, Blackthorn would participate in single or multiple workshops, as necessary, to define how the data should be migrated to another party.

Main Blackthorn & client contact point(s) defined

Establish contact with the main

nominated contact point(s) On-boarding document details collected Draft on-boarding document is created On-boarding document is finalised & published Service Review meeting

(12)

The process of migrating data to the other party could be:

 as simple as extracting all textual data to a “flat” or .csv file that could be ingested by another party into their database or;

 it could be as complicated as having to write bespoke scripts and processes to download the data in an acceptable format to the other party (including non-textual items e.g. photos). Then cleansing the data of any anomalies or data that the other party can’t ingest, liaising with the other party to ensure the data is “clean” for the new system and testing (if required).

From a high level both of the above scenarios can be shown below.

Response Times

Blackthorn have a standard SLA which prioritises all Support Requests based on its reasonable assessment of the severity level of the problem reported. The table below defines our standard SLAs for support request response and resolution in accordance with this prioritisation.

Priority Initial Response Resolution Description

P1 Major business impact 2 hours Acknowledgment of receipt of a Support Request including a call Reference.

Deliver a Resolution by way of a workaround reasonably acceptable to the Client.

8 Hours

Restore the Blackthorn Solutions to a state that allows the Client to continue to use all functions of the Blackthorn Solutions in all material respects OR

An error or failure in the Blackthorn Solutions where:

 User/s unable to

access the Blackthorn Solutions

 Necessary work is

(13)

Priority level

assessment may reduce to a severity level 2 or lower.

Agree with Client to move to Problem or Change Management if 3rd level fault

diagnosis required.

 No workaround is

available P2 Significant Business Impact 6 hours Acknowledgment of receipt of a Support Request including a call Reference.

Provide a workaround and/or initial diagnosis. Agree a plan to fix.

5 working days Temporary release or update release. Move to Problem Management to diagnose underlying fault to enable a permanent fault correction.

An error or failure in the Blackthorn Solutions where:

 User/s still able to access the Blackthorn Solutions

 Performance is

reduced

 No Workaround

is available P3

Minor Business Impact

2 working days Acknowledgment of receipt of a Support Request including a call Reference.

Provide a workaround and/or initial diagnosis. Agree a plan to fix.

10 working days Temporary release or update release. Provide known workaround. Move to Problem Management to diagnose underlying fault to enable a permanent fault correction.

An isolated error or failure in the Blackthorn Solutions where:

 User/s still able to access the Blackthorn Solutions

 Loss of some

functionality

 Performance is

not reduced

 Workaround is

available P4 No discernible business impact Best Endeavours Acknowledgment of receipt of a Support Request including a call Reference.

Raise as a Service Request if appropriate.

Best Endeavours Deliver Service Request solution.

 How to questions

 Documentation

 Cosmetic

(14)

Raising a Support Request

There are a number of routes to raising a support request to the Blackthorn Service Desk by telephone, email and Blackthorn Support website.

Reporting

Specified service reports can be made available via email on a regular basis as agreed. After the initial on-boarding process has been completed, a service review meeting between the Blackthorn Service Desk and Client will be arranged. This will take place monthly for the first three months with Strategic Service being reviewed at regular Service Review Meetings attended by nominated client and Blackthorn personnel. The venue and frequency will be agreed and defined within the Client On-Boarding Manual.

Support Ticket reference number provided to Client Issue resolved Support Ticket closed Email sent to support

request initiator

Support website

Support requested can be raised during a dedicated Blackthorn secure support website. Once the client logins into the system, they are able to:

raise a support request

view open calls and their status

run tailored client reports

Email

Using a dedicated Blackthorn email address, authorised contacts raise a support request providing details of the support need, priority and any specific contact details.

Telephone Authorised client contacts call the

(15)

About Us

Blackthorn Technologies is an agile software developer and Digital Forensics company. We have been supporting our customers since 1996 with innovative business solutions that have enabled them to manage and control risk, and provide them with essential services.

We pride ourselves in developing strong relationships with our customers and helping them achieve their strategic goals. Blackthorn invests in talented staff who help to drive our organisation and enable us to continue to innovate.

References

Download now ( PDF - 15 Page - 774.68 KB )

Related documents

Property Purchase - Precautions

Sale by holder of power of attorney- If the sale documents are being executed by a person holding power of attorney on behalf of the owner, the said power

From fight against crime to its risks. Extra prison consequences of female imprisonment

A partir da análise das narrativas das reclusas entrevistadas, emergiram três cenários relativos ao papel preponderante que as mulheres protagonizavam nos

Audit Management Software Solution

Clemson University is seeking a vendor to provide an Audit Management Software

Shamanic Wisdom Meets the Western Mind: An Inquiry into the Nature of Shamanism

shamanism has in common with parapsychology and the- osophy that the latter are also scientific in their approach to reality, these sciences have their origin in the Western

CYBERSECURITY MANAGEMENT

In this course, the students will be introduced to a professionally developed learning framework that will help them to thoroughly and critically assess organizational

Analysis of the CCS Considering Environment Co-benefit of Air Pollutants in China

A generation planning model of the Chinese six major power grids, which is being developed in order to evaluate and analyse the capture and storage of CO 2 considering

En.security Center Administrator Guide 5.2

To view the health status and availability of an entity: 1 From the Home page, open the Health statistics task. 2 Generate your report (see "Generate a report" on

CENTRAL INDIANA TECH WORKFORCE STUDY EXECUTIVE SUMMARY

When it comes to developing the right talent for this sector, we need to predict industry needs, respond to the diversity of demand from companies, and equip talent with the