Atamis Limited

Atamis Contract & Supplier

Atamis Contract & Supplier offers organisations a centralised platform to coordinate Supplier Relationship Management (SRM) and Contract Lifecycle Management (CLM) activities. By creating standardised processes across supplier on-boarding, due diligence, compliance and performance management, organisations will gain deeper insights into their supply chains, contractual commitments, market opportunities and spend compliance.

Features

• Promote supplier collaboration and self-service using the Supplier Portal
• Collect, review and manage supplier information, documentation, and certifications centrally
• Conduct supplier assessments and establish preferred / approved supplier lists
• Enrich supplier information from third-party sources such as Companies House
• Record and manage secondary (tier 2) supplier and sub-contractor information
• Centralised contract register linked with supplier register for all-around visibility
• Store all agreements including MSA, SoWs, Frameworks & call-offs, NDAs
• Comprehensive & secure document management, with version control and sharing
• Reporting, analytics and dashboards with self-service report builder and subscriptions
• Range of third-party integration options including Microsoft, Docusign and ERPs

Benefits

• Improve supplier relationships, reduce administrative burden, and increase information accuracy
• Ensure supplier compliance with internal policies and government regulation
• Deliver accurate insights into supplier usage across categories and regions
• Aggregate many data sources into a single source of truth
• Identify risks and issues within supply chains and mitigate earlier
• Establish standardised security and sharing policies across all contractual agreements
• Receive early warnings about contractual commitments, key dates and performance
• Share documentation internally and externally and integrate with DMS platforms
• Maintain an audit of supplier relationship activities across the organisation
• Spot trends, highlight risks and deliver actionable insights through analytics

£6,000 to £65,000 an instance a year

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jarad.owen@atamis.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

150760453625122

Contact

Jarad Owen
029 2279 0052
jarad.owen@atamis.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: No service constraints
• System requirements:
  • Users must have an internet connection
  • Device must have a supported web browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response times are dependent on severity level. Atamis has a fully defined Standard SLA that can be shared with customers on application/request.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Atamis offers different support levels (Standard and Premium) with defined initial response and resolution / action plan time frames in our SLAs. ; All suppliers are supported regardless of plan selected. ; Standard support is included with the purchase of the service, premium support incurs an additional cost. See our SLAs & pricing for more details. ; A client success manager is assigned to all clients to conduct review meetings.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: A comprehensive Client Briefing Pack is provided to all new clients containing a step-by-step guide of all data requirements and resource actions required for the setup of Atamis.; Curated training programmes are provided to clients as part of implementation and on-boarding & our implementation team will work with you to ensure super users are trained on the system. We strive to find a balance between customisation requirements and our best practice recommendations to ensure an effective implementation.; Ongoing engagement from Atamis CSMs ensures that clients will maximise the use of their system throughout their contract and beyond.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Atamis assures that prior to termination of the contract, regardless of the reasons for termination, it will provide a full data extract.; Atamis includes system reports that End Users will be able to run that will extract all data directly. There are no pre-requisites to users with access to the system to run these reports and download the data. Data can be exported in either Excel or CSV formats.
• End-of-contract process: Upon the termination of contract, the system will be de-commissioned following the data extract and handover process. We will work with the customer regarding an exit plan that suits their needs. With the written agreement of the customer, all data held on the system belonging to the customer is deleted and destroyed.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Most functions are also available on mobile devices using the official Salesforce Mobile App. This can be installed on iOS and Android devices. Typically clients will access via mobile devices to action approvals, view dashboards and reports and send messages.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: Wide range of functionality is available via the APIs, which includes retrieving data, creating new records and updating existing records.; Administrative functions can also be conducted via the APIs if appropriate.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • PDF
  • Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Atamis is an extremely flexible system and most data elements and outputs can be customised and configured to meet the clients exact requirements. Our implementation team will work with you to assess out of the box functionality compared to your processes and identify customisations that may suit the client's needs. There is opportunity to customise fields & field labels, workflows, templates, reports & dashboards and more. After go-live, additional requests for customisation in a client system are handled by our change team.

Scaling

• Independence of resources: Atamis is hosted on the Salesforce platform. Their multi-tenant architecture is designed to handle very large numbers of users and can scale according to each client's unique requirements.; Each client system resides within their own Salesforce organisation and therefore an increase in one client's demand will not affect the performance of another client.

Analytics

• Service usage metrics: Yes
• Metrics types: Atamis has a range of options available for service usage metrics.; This includes total storage space consumption within the solution.; User metrics to include last login, login history, user information and user account volumes.; Ad-hoc reports and metrics are available on request via Client Success Managers.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Users can export their data in various ways, depending on the required outcome.; ; 1) Reports and dashboards within the system can be exported to files such as Excel and CSV, allowing the data to be used in third-party systems or compiled into management reports and shared externally.; ; 2) Additional tools such as Data Loader allow the mass export of data and files from the system and provide the user with a link from which they can download the export as a zip file.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Reports can be exported in Excel formats
  • Files are exported as original file type
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Reports can be imported in Excel and CSV formats.
  • File attachments will import as their original format.
  • Atamis will be as flexible as possible on data imports

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: The host Salesforce platform has a proven 24/7, 99.9+ percent uptime record over many years. Our standard SLAs guarantee our system availability at 99.9%, excluding planned maintenance and upgrades which are communicated and take place outside of business hours.
• Approach to resilience: To ensure maximum uptime and continuous availability, the host Salesforce platform provides redundant data protection and the most advanced facilities protection available, along with a complete data recovery plan.; Transactions are mirrored in real-time between top-tier data centres. In the event of the primary data centre being destroyed, a backup data centre is enabled with no loss of data and 12 hour recovery time objective.; For further details please refer to http://content.trust.salesforce.com/trust/en/learn/datacenter
• Outage reporting: Salesforce.com is the only cloud computing vendor to provide daily service-quality data on a public website (http://trust.salesforce.com), providing complete transparency of availability. Atamis will also notify customer's nominated representatives should an outage occur.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: Access to management interfaces are accessible only by authorised personnel. End user administrators can set permission sets against individual users or groups of users to enforce restrictions on what users can access or not. This is determined during implementation. Atamis administrators are available throughout client lifecycle to aid with updating permission sets as required.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Citation ISO
• ISO/IEC 27001 accreditation date: 22/09/2022
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Atamis has a structured Information Security policy to cover all processes and procedures we follow in maintaining the highest standards for protection of client data. Available on request.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All product changes made to the Atamis platform undergo security assessment audits that are reconciled against Salesforce development best practices. This is done with a view to remaining compliant with Salesforce's periodic security reviews. Further details on how Salesforce protects and supports its own platform can be found here (https://compliance.salesforce.com/en); (https://www.salesforce.com/company/legal/trust-and-compliance-documentation/). Atamis follows a structured product deployment process using Salesforce-endorsed technologies for our product releases. Customer specific changes are made within our Change Management function which ensures changes are scoped and approved by both parties, tested in sandbox and then deployed.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Operational security practices are aligned with best practice and ISO 27001 standards and Atamis' obligation to remain compliant with Salesforce security reviews that are regularly conducted.; A Vulnerability and Patch Management Program is implemented where Salesforce performs vulnerability scans on both external and internal facing systems using internal scanning resources and by contracting with third-party vendors to conduct external vulnerability assessments. Commercial and proprietary vulnerability scanning tools are configured to identify vulnerabilities and measure vulnerability impact in CVSS scores. Patching is applied following a risk-based approach and SLAs while using the change management process to ensure mitigations are deployed.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Salesforce operates a rigorous security regime which includes risk and attack monitoring (https://compliance.salesforce.com/en). Atamis follows the standards set by our ISO 27001 & Cyber Essentials procedures. If such a compromise were discovered, we would perform an immediate impact assessment and take necessary action.
• Incident management type: Supplier-defined controls
• Incident management approach: An Incident Response Plan has been established.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Other
• Other public sector networks:
  • Find a Tender Service (FTS)
  • Contracts Finder
  • OJEU

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  At Atamis, we are deeply committed to combatting climate change. As a SaaS company, our environmental impact is minimal compared to other industries, but this does not mean we don’t have a responsibility to act where we can. Fortunately, as an agile SME, we pride ourselves on our agility and this means we are able to make quick decisions where necessary to drive through change-making policies internally. ; ; We continuously look to reduce the environmental impact of our office; this includes reducing our water usage with awareness campaigns internally and implementing low-flow faucet attachments. We’ve also committed to using only recycled paper in our office for when documents have to be printed. Over the last two years we have actioned a robust recycling scheme and conducted an internal communications campaign to spread the message and ensure our whole team is clear on our standpoint and onboard with our approach. ; ; Following the Covid-19 pandemic, as was the case for the vast majority of businesses, working from home or hybrid working became the norm. We wanted to make sure that our commitment to the environment remained a priority so we introduced a Virtual Office Stewardship Policy. This policy provided guidance on recycling while at home, as well as a recommended list of local retailers providing eco-friendly office supplies should they be needed. ; ; We also work with CLEANHUB, to fight plastic pollution of Earth’s oceans. Through our partnership with CLEANHUB, each year, Atamis is responsible for preventing 2,300kg of plastic from ever reaching the world’s oceans. ; ; Atamis has made an electric vehicle scheme available for employees to partake in.

  Covid-19 recovery

  At the outset of the Global Covid-19 Pandemic, we were fortunate that the agile-nature of our business allowed us to move to remote working relatively smoothly without impacting the service level expected by our clients. Our team was already using individual machines to carry out their work which made the transition over to working from home smooth. We quickly transitioned over to virtual meetings for both internal and external operations. ; ; As a SaaS company, we recognise that our product range, industry and working culture put us in a beneficial position when it came to responding and adapting to the circumstances created by the pandemic.

  Tackling economic inequality

  Atamis endeavours to support the communities it operates within. Many employees live locally, however our hybrid policy also allows us to hire employees in areas that may not have been sustainable prior to remote work being available. We encourage sourcing from local suppliers when appropriate. ; ; We encourage employees to give back to their communities through our Charity Days program, where employees receive 3 paid days dedicated for volunteering. Employees are able to submit local charities for consideration and volunteering opportunities are coordinated throughout the year by the Charity Committee. Further activities are run in the office for local charity support such as Christmas Jumper Day & Bake Sales.

  Equal opportunity

  We are committed to eliminating any form of discrimination within our team and to providing a workplace where all parties can feel safe and valued. With this in mind, we have worked to improve the employee policies we have in place to include the following:; ; Enhanced Maternity Pay Policy ; Enhanced Paternity Pay Policy ; Breastfeeding Support Policy ; Whistleblowing Policy ; Atamis Equal Employment Opportunity Policy; Anti-Discrimination Policy Harassment Prevention Policy Diversity and Inclusion Statement Accommodation Policy Gender Identity and Expression Policy; We work to make sure that all job adverts are written and advertised in an inclusive manner to encourage all applicants. ; We are exceptionally proud of the fact that at the time of writing, women make up 56% of our team. This is rare in the tech space but it is also a fact that we are committed to backing up with policies that foster an inclusive working environment for all.

  Wellbeing

  We take the wellbeing of our team seriously at Atamis. Our core values are centred around creating and maintaining an adaptable, motivated and supportive organisation that empowers our employees and our clients to thrive. ; It is clear that the Global Covid-19 Pandemic changed many things when it comes to how employees interact with their workplace and how organisations interact with their teams. We saw how much flexible working improved overall wellbeing factors such as work/life balance for all corners of our organisation without impacting productivity or output. As a result of this, flexibility has now become a core value for Atamis as an organisation. Our team values the ability to work flexibly in a hybrid system, and we still have an office space where we encourage team members to come together to collaborate and hold space for in-person meetings. ; We also work closely with a local charity BIG MOOSE, which can connect individuals with a therapist tailored to their needs within 24 hours, this is a resource available to all members of our team and a cause we are thrilled to support. Mental health is something we prioritise.; We also believe in peer reviews and encourage the team to celebrate each other. Each month we hold an anonymous vote where two employees are highlighted by their colleagues for going above and beyond. This ranges from the completion of a high quality piece of work to having a truly positive impact on team morale; the two monthly winners receive vouchers as recognition of their contribution.

Pricing

• Price: £6,000 to £65,000 an instance a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Atamis can provide access to a hands-on demonstration environment upon request. This will allow users to familiarise with the solution. This would be time limited (30 days) and subject to discussion and scoping.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jarad.owen@atamis.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.