Absoft Ltd

SAP S/4HANA Cloud Public

S/4HANA Cloud Public is the newest Enterprise Resource Planning (ERP) solution offered by SAP under a SaaS subscription model. Managed by SAP with updates released every quarter, S/4HANA Cloud Public offers the lowest TCO and highest ROI for customers seeking a greenfield ERP implementation.

Features

• Core finance services, including cost, risk and compliance management
• Sourcing and procurement, including integration to the Ariba Network
• Asset maintenance, including planning, scheduling and execution management
• SAP HANA in-memory database and embedded analytics
• In-memory technology enables access to data in real-time
• Integration to SAP SuccessFactors for enhanced HR
• Integration to Business Technology Platform (BTP)
• Integration to SAP and non-SAP systems
• Accessible via desktop, tablet and mobile

Benefits

• Digitize business processes to respond efficiently to business trends
• Simplify accounting and financial close processes
• Support in-context decisions with embedded data analysis
• Enhanced automation to reduce human error and increase time savings
• Increased user productivity and reduced user onboarding
• Quarterly release cycles allows users to benefit from new innovations
• Overall TCO is significantly reduced under the subscription model
• Future-proof IT planning via the SAP Roadmap

£367.50 to £3,055.50 a user a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@absoft.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

144268524721755

Contact

Eilidh Semple
01224 707088
info@absoft.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: SAP enforce a minimum user number for S/4HANA Cloud Public. ; ; Customer systems are subjected to automatic quarterly upgrades released by SAP.
• System requirements:
  • Device agnostic, subject to device supporting HTML5-based browser
  • Internet connection for use of SAP Fiori Apps

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: SLAs would be agreed with the business during sign up to meet the needs of the business. Priority 1 calls are responded to within an hour.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: System support and maintenance for SAP S/4HANA Cloud Public is managed directly by SAP under the licence subscription, and therefore charged at no additional cost. ; Absoft further enhance the system support with our Managed Support Service, along with the provision of functional/user support. Please refer to the pricing document for indicative pricing for this service. ; At Absoft, we have an expert team available to support you. This will include all customers having a designated Service Delivery Manger and Account Manager focused on the performance of our support services, SLA compliance and monthly reviews.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Absoft work in partnership with SAP under the Activate framework which expedites the implementation of SAP S/4HANA Cloud Public. ; ; The Activate framework is underpinned by the Agile methodology, and is based on three pillars:; 1. SAP Best Practices; 2. Guided Configurations; 3. SAP Activate Methodology; ; SAP S/4HANA Cloud Public has native training embedded which provides handy tips and tricks for new users. ; ; Absoft further support new users by providing in-person or online training and useful role-based guidebooks/presentations which help walk the user through pre-defined processes.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Absoft offer the use of our proprietary data extraction toolset, DATAMA.
• End-of-contract process: SAP S/4HANA Cloud Public operates on a subscription model only. During the onboarding process, the customer will stipulate the term of the contract. ; At the end of the initial contract, the customer has the option to extend or renew their contract for an additional term. ; Alternatively, if they wish to cease their contract on the end date, they are free to do so at no additional charge.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Some of the SAP FIORI apps are specifically designed for mobile/tablet use.
• Service interface: No
• User support accessibility: WCAG 2.1 AAA
• API: Yes
• What users can and can't do using the API: SAP's APIs enable the integration of on-premise, cloud-based and third-party solutions with the S/4HANA Cloud solution.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: There are various customisation options available under the SAP Intelligent Enterprise. ; ; Within S/4HANA Cloud Public, users can personalise their own user experience to suit the requirements on a role-driven basis. Additionally, the overall functionality of the system can be altered via changes and additions to fields, administered by system admin. ; ; The embedded analytics can be utilised to produce bespoke reports, as per user requirements. ; ; SAP Business Technology Platform enables side-by-side extensibility for further customisation and integration, accessed via a custom Fiori tile within S/4HANA Cloud Public.

Scaling

• Independence of resources: SAP S/4HANA Cloud Public has been developed and built to offer complete scalability to all customers in any industry.

Analytics

• Service usage metrics: Yes
• Metrics types: SAP S/4HANA Cloud Public has customisable dashboards and reports which are accessible by the customer, providing information on service availability, planned system maintenance and downtime.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: SAP

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest: Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: There are numerous methods available, however the most common and one which is most support by SAP is an excel extract for reports.
• Data export formats: Other
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • XML
  • TXT

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: SAP offer 99.5% availability as standard for S/4HANA Cloud Public, however an additional service can be provided to increase this to 99.9%.
• Approach to resilience: SAP HANA offers comprehensive functionality to safeguard your database and ensure that it can be recovered speedily and with maximum business continuity. SAP HANA database instances are continually backed up to safeguard your database and ensure that it can be recovered speedily. The recovery point objective (RPO) is no more than 15 minutes.; ; Backups are encrypted using the capabilities of the infrastructure as a service (IaaS) provider. Backups are replicated in additional availability zones in the same region; ; Further information of the SAP Data Centre can be found here - https://www.sap.com/uk/about/trust-center/data-center.html
• Outage reporting: SAP have a robust power supply, both directly from the local national grid and via their own independent power supply which will operate for short-term outages and therefore significantly reduce the risk of a customer outage. ; ; However, customers are alerted via email if there are any unplanned outages in their region / the region of their data center.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Absoft utilises two-factor authentication for all external access, with additional separate accounts for any management, administration, or support in customer systems. Access is restricted to the minimum required to complete an activity, and granted only for the time period needed. Individual accounts are preferred but where shared accounts are unavoidable, a password management system is used to restrict and control access to them.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 19/12/2021
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Information security is at the heart of everything we do at Absoft, as we're trusted to work with some of the most sensitive data of the largest public and private organisations in the UK. ; ; We make significant investment in our people, processes and technology to ensure information remains secure. In order to ensure our Information Security Policies are followed, Absoft are externally audited against our processes. We have been certified for ISO27001 Information Security Management continuously since 2012. ; ; The scope of ISO27001 covers all areas of Absoft’s business, particularly in provision of SAP Hosting and Support Services. Our ISO27001 compliance is audited by an external auditor annually. The audit includes review of all information security policies to confirm they meet the standards of ISO27001, dip sampling of compliance with policies, and employee interviews. ISO27001 also includes a programme of internal audit, with trained Absoft employees auditing selected departments for awareness and compliance with our policies. ; ; Our internal audit is reviewed in the external audit. Absoft’s certification for ISO27001 can be provided when required, and any other documentation that is required is available on request.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Absoft operate a formal Change Management process which enables changes to be identified, reviewed and approved prior to implementing. This process includes an impact analysis assessment across the system, including any security impacts. ; ; Absoft also ensure compliance with customer Change Management processes.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: SAP’s approach to vulnerability management is based on the industry standard CERT Guide to Coordinated Vulnerability Disclosure. White hat hackers, security researchers and customers report vulnerabilities, SAP fix them, score them using CVSS and release a fix either immediately for a high score or on the subsequent Patch Tuesday otherwise. SAP release lower priority fixes on the second Tuesday of each month in line with industry standards. The vulnerability is not disclosed until customers have had time to apply the fix. The process is aided by SAP’s internal vulnerability scanning and testing. Absoft review/apply released security updates to customer systems.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Cloud Operations and Management covers security patch management, hardening of operating systems, application, and databases virtual instances. The security incident and event management are available to collect, aggregate, correlate and apply security use cases for automatic alerts in the event of security incident occurrences. The team performs 24×7 infrastructure monitoring, database monitoring, secure admin access, regular backups, security vulnerability scanning, hacking simulations and remediations to secure the environment for customers.; ; Absoft augments the service performed by SAP with additional monitoring that captures sensitive user authorisations, well known passwords, certificate issues, security incidents in logs, and further security and compliance checks.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Absoft records all security incidents in an incident management system. Security incidents are reviewed, immediate containment is performed where required followed by root cause analysis and permanent resolution. The need for security incident reporting is regularly communicated to all staff. Security incidents are monitored with trend analysis that feeds into a top level management meeting. Security incidents are audited by dip sample by internal auditors twice a year and by external auditors annually against the ISO27001 standard.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Tackling economic inequality

  Tackling economic inequality

  Absoft's offerings allow public sector organisations to create growth opportunities and entrepreneurship to support economic growth and business creation. By allowing public sector organisations to oversee financial budgets more clearly, it increases supply chain resilience and capability. It can help to support innovation and disruptive technologies.

Pricing

• Price: £367.50 to £3,055.50 a user a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@absoft.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.