QualiWare Business Process Management Solution
Arribatec, with our partner QualiWare, offers market leading solutions for Enterprise Architecture and Business Process Management / Quality Management tools for all enterprises.
Whether you're looking to improve efficiency, enhance strategic planning, or ensure compliance with industry standards, QualiWare provides the functionality to support your goals.
Features
- Easy to navigate and explore; adapts rapidly to business changes
- Market-leading industry-sector functions optimised for your specific needs
- Simple to understand, work with and to share information
Benefits
- Experience increased operational efficiency
- Achieve more effective resource allocation
- Deliver enhanced compliance with critical standards
- All of which contribute to a stronger, more agile business.
Pricing
£1 to £200 a licence a month
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
1 4 0 3 8 3 9 6 6 3 2 2 3 0 6
Contact
ARRIBATEC UK LTD
Allan Burrows
Telephone: 0333 444 1005
Email: marketing@arribatec.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
-
- Public cloud
- Private cloud
- Service constraints
- No
- System requirements
- Web browser requirement (Edge, Chrome, Safari)
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Standardised Service Level Agreement, depending on issue severity.
For non-critical matters 8 hours measured during business hours.
Weekend support may be offered after agreement. - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 A
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
We have standardised a Service Level Agreement with response times for incidents on level A, B, C, as well as general support/inquiries ("D") at 2, 4 8 and 8 hours, measured during business hours.
We may offer weekend support etc after agreement.
All active Cloud contracts are managed by a Service Delivery Manager. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Arribatec offer full-fledged implementation support from strategic to technical level, and may take total ownership of all work streams in e.g. a Management System roll-out. This includes setting strategic targets, project planning, assessing existing documentation and process management capabilities, process mapping, change managagement, training (both management and application) etc.
For application roll-out Arribatec offer (non-exhaustive) online training, onsite training, various levels of user documentation, web portal for architects and more. - Service documentation
- Yes
- Documentation formats
-
- HTML
- ODF
- End-of-contract data extraction
-
Through XML og CSV exports.
Arribatec may assist in mapping towards meta models for both previous and next system vendor (both import and export). - End-of-contract process
-
Closure of service is included in contract. No fees for decommissioning.
Fees for assistance with export and if desired import.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Chrome
- Safari
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
-
The mobile service is designed for viewers, and to view and find governing documentation on small devices.
The regular service is scalable and available through web browsers on mobile devices, but due to rich functionality easier to use on larger devices. - Service interface
- No
- User support accessibility
- None or don’t know
- API
- Yes
- What users can and can't do using the API
-
Open API that may be used to import or export data on regular basis or based on triggering events.
The API is configured by Arribatec staff after agreeement. - API documentation
- Yes
- API documentation formats
- Open API (also known as Swagger)
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
-
QualiWare is CONFIGURABLE by nature, meaning that is is meant to be configured to client environment. This ensures that colour schemes, logos etc will match client criteria. The same applies for use cases, modelleling standards, meta models, terms and abbreviations etc.
In addition to configuration, we may run code for customization if required. This may be in the form of customized integrations, added or amended features etc. Customization may increase the maintenance cost of the service.
Scaling
- Independence of resources
- QualiWare is currently offered as a Single-Tenant Service, ensuring that sufficient resources is assigned to the server at all times.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Service usage metrics may be offered through dashboard based either on Microsoft Power BI technology or through QualiWare's native Social Behavior Warehouse.
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Reseller providing extra features and support
- Organisation whose services are being resold
- Qualiware Aps
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
- Physical access control, complying with another standard
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
-
Users may export data through various formats:
End users: PDF, Excel, Word and equivalent
Architects: XML, CSVs and similar - Data export formats
-
- CSV
- ODF
- Data import formats
-
- CSV
- ODF
Data-in-transit protection
- Data protection between buyer and supplier networks
- IPsec or TLS VPN gateway
- Data protection within supplier network
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
-
99,7 % uptime, guaranteed 24/7-365.
Penalty fees at 5-20 % on monthly service fee depending on severity level of breach. - Approach to resilience
-
Resillience handled on multiple levels:
- Power
- Infrastructure
- Backup data center
Further information available on request. - Outage reporting
- Surveillance tools with direct messaging to support team
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- Identity federation with existing provider (for example Google Apps)
- Other
- Other user authentication
- Authentication and SSO via Microsoft Azure AD
- Access restrictions in management interfaces and support channels
- Defined by system admin through assignment of roles and licenses in solution
- Access restriction testing frequency
- Never
- Management access authentication
-
- Identity federation with existing provider (for example Google Apps)
- Other
- Description of management access authentication
- Authentication and SSO via Microsoft Azure AD
Audit information for users
- Access to user activity audit information
- You control when users can access audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- You control when users can access audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- Yes
- Any other security certifications
- ISO9001
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- Information security policies are designed to meeet ISO 27001 standards, including processes for surveillance, reporting and audits.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Our change management process is based on the Agile principles of software development. We work in iterative cycles, each aiming to improve or extend our software. Requests for change and bug reports come in to product and are noted in as much detail as possible into our task management software. Then, before each development iteration, product and development triage new requirements, briefly discussing the scope and ramifications of each. These requirements then get placed into the development backlog of work according to the outcome of this discussion, and the entire backlog is then re-assessed against current priorities.
- Vulnerability management type
- Undisclosed
- Vulnerability management approach
- Available upon request
- Protective monitoring type
- Undisclosed
- Protective monitoring approach
- Available upon request
- Incident management type
- Undisclosed
- Incident management approach
- Available upon request
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Covid-19 recovery
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
Arribatec has an environmental policy geared towards minimising our environmental impact. We have an Environmental Management System and are working towards a goal of being carbon neutral by 2030. Progress towards this, and other ESG goals, is reported each year as part of our Annual Report. We have ensured that all our data centres have green electricity
certificates and that the suppliers are chosen based on their environmental performance.
Our environmental policy also includes such activities as recycling material wherever possible, and an increasing effort to minimise travel. We have a goal of re-using or recycling all electronic waste by 2026 and our progress towards this is measured in our environmental management system.
We have significantly reduced our business travel over recent years, taking advantage of remote working technologies to allow us to do this. Our UK head office is notable for its many eco-friendly credentials including solar and photovoltaic panels on the roof, and ground source heat pumps to supply natural heating. We support the cycle to work scheme which is utilised by head office staff in travel to and from our head office.
Furthermore, he nature of our work in automating and increasing the efficiency of transaction processing, and moving processes to the cloud where possible, has a naturally beneficial environmental impact.
We publish an annual ESG report, which is available on request or via our website, which also contains details of our ESG commitment and our on-going ESG activities including climate change.Covid-19 recovery
As a business, we weathered the Covid 19 epidemic well, and are proud that we were able to continue business without any furloughing or loss of staff. The rapid deployment of new ways of working allowed us to continue to service our customers’ needs. We instigated a number of measures around social distancing and remote working which allowed us to operate effectively during the pandemic and which will continue to allow us to operate effectively through Covid-19 recovery. We anticipate that the effectiveness of these measures will leave us well placed to create further employment opportunities in the high growth technology sector in which we operate. We also work with various service providers to offer physical and mental health support services to those who need it and regularly incorporate discussion of well-being issues in company meetings.Tackling economic inequality
We are proud to have supported, and we continue to support, sub-contractors in the growth of their businesses through both financial assistance and collaborative working. This includes assistance to small business start-ups, and close collaboration with partners, to develop lower cost/higher quality solutions and boost mutual growth. Scalable and future-proofed technologies and solutions are integral to what we do.
As an operator in a high growth technology sector we have, over many years, provided, and will continue to provide, significant investment in support and training in technology to both our customers and our own staff including towards a number of recognised accreditations. Identification of skills gaps, and plans to address these, are frequent features of our work.
We hold Cyber Security accreditations which include plans for the identification and management of cyber security risks. Cyber security briefings are a regular part of information sharing sessions in the company. Parts of our business have and maintain special expertise in cyber security, and their services are offered to our customers to help them build resilience.Equal opportunity
Arribatec has an Equal Opportunities Policy which states our firm belief in equality, diversity and respect for all, including those with a disability. It is our policy that all employment decisions are based on merit and the legitimate business needs of the organisation. Arribatec recognises the value of an inclusive environment in which people from differing backgrounds and experiences are encouraged to offer fresh ideas and perspectives. We monitor our workforce diversity (with 29 different nationalities currently represented in the group), and our age and gender balance, including salary ratios. We undertake succession planning, monitor and respond to employee satisfaction across a range of measures, and undertake personal development planning for all staff. Our intention is to enable all our staff to work in an environment which allows them to fulfil their potential without fear of discrimination, harassment or victimisation
We publish an annual ESG report, which is available on request, or via our website, which also contains details of our ESG commitment and our on-going ESG activities including Equal Opportunities.Wellbeing
Arribatec aims to be a supportive and flexible employer and has supported staff through difficult periods in terms of both mental and physical health. We include regular presentations on the subject of mental and physical well-being in our company meetings and offer training and support in these areas. We have a range of services available to staff through our healthcare and pension providers. We run periodic team building exercises with the aim of supporting staff to support each other.
We also engage in various community-based activities to support the communities in which we work. This includes volunteering and fundraising activities, some of which are undertaken jointly with our customers, and we have a regular programme of social events.
We publish an annual ESG report, which is available on request or via our website, which also contains details of our ESG commitment and our on-going ESG activities including on employee wellbeing.
Pricing
- Price
- £1 to £200 a licence a month
- Discount for educational organisations
- No
- Free trial available
- No