MAGIC ORANGE HOLDINGS LIMITED

MagicOrange

MagicOrange provides executive teams with a unified and innovative approach to strategic financial planning. Operating at the convergence of ITFM, FinOps, and shared services, MagicOrange provides crystal-clear line of sight into expenses and cost-drivers. clear line of sight drives traceability, accountability and data necessary to drive profitability and investment decisions.

Features

• Unified Viewof Tech Spend for IT, Business, Finance
• Communicate, benchmark cost, quality & value of IT investments
• Deliver TCO across technology estate
• Best in class self-service BI for reporting
• Best in class and multi-dimensional cost allocation engine
• BYO cost model or leverage industry standard frameworks
• In product collaboration, report subscriptions and commentary
• Budget & Forecasting capabilities
• Deliver granular Bill of IT and/or Bill of Shared Services

Benefits

• Accelerate IT planning, budgeting & forecasting
• Track consumption by departments
• Deliver application and services portfolio optimisation
• Report and trend Vendor, Asset and Labour insights
• Deliver showback and chargeback models
• Track and overlay KPIs alongside costs
• Align IT, Finance, Business to drivers of cost

£125,000 an instance

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at stephen.coull@magicorange.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

157346190011759

Contact

Stephen Coull
+27 82 901 7482
stephen.coull@magicorange.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: No, deployments of new versions occur outside of business hours and are short in duration (usually around 5 minutes).
• System requirements: Modern Web browser (Edge/Chrome recommended)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Priority | Response Time; P1 | 2 business hours; P2 | 4 business hour; P3 | 1 business day; P4 | 2 business days; P5 | 5 business days
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Available from MagicOrange.com
• Web chat accessibility testing: Leverage Hubspot for Support and CRM.
• Onsite support: Yes, at extra cost
• Support levels: Standard, Additional Support Hours (+Cost) and Dedicated phone support (+Cost)
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide onboarding services via our Professional Services team, the MagicOrange academy online learning and enablement portal, and via our online help pages. We can tailor this to a customers requirements, and are comfortable delivering remotely or face to face. The majority of our customers opt for remote delivery, with some face to face sessions at critical milestones during the engagement (i.e. kick off, validation, go-live)
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Data can be manually extracted from MagicOrange, or data can be extracted by our team via a support ticket
• End-of-contract process: This is a SaaS service, so all costs (excluding professional services) are included in the license fee. Users must have an active license for continued access to the MagicOrange platform

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Chrome
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: A Web Browser based UI. Mostly tabular based with contextual menus available along the top and left hand sides of the application.
• Accessibility standards: None or don’t know
• Description of accessibility: MagicOrange is built on Kendo frontend components, Most of which are WCAG 2.1 A or AA compliant. ; ; MagicOrange is on a journey to become increasingly Accessible, we do perform Accessibility Testing internally and are actively fixing issues found during testing, we have however not done external testing or been through an audit to confidently be able to state that we are any particular level of WCAG 2.1 compliant.
• Accessibility testing: MagicOrange hasn't performed testing with users of assistive technology.
• API: Yes
• What users can and can't do using the API: Our APIs are available for data import and export for the system.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Cost Models can be fully customized. Cost Model administrators would be able to customize these.; ; Custom reports can be created/stored within the application.

Scaling

• Independence of resources: MagicOrange has dedicated deployments per customer. This provides security and isolation.; ; Furthermore, MagicOrange has ongoing service monitoring in place to proactively identify any potential scalability concerns and perform relevant actions to mitigate these issues.

Analytics

• Service usage metrics: Yes
• Metrics types: MagicOrange provides cost and usage metrics across all stages/levels and dimensions
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: MagicOrange allows users to easily export data in a number of ways. Dara can be exported by API with a number of out the box connectors. Data can also be exported via excel csv
• Data export formats:
  • CSV
  • Other
• Other data export formats: API (Inbound and Outbound)
• Data import formats:
  • CSV
  • Other
• Other data import formats: API

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: MagicOrange supports an uptime availability metric of 99.5%; ; SLAs are defined based on impact and urgency of the issue.; Impact Category Description:; High System down or “Time Critical” software issues. These are urgent issues that require immediate assistance. The software is totally or partially inoperative.; ; Medium Serious or non-critical software issues. The nature of the issues is that the software is useable but one or more of the functions may not operate as expected. Clients are encouraged to indicate on support requests with a “medium” level of priority whether the issue may be left for a next release or require a hot fix.; ; Low Procedural issues or standard maintenance questions. These issues are procedural questions about using the features and functionality of the software. They include “what if” and “how to” questions.; ; Urgency Category Description:; ; Critical Resolution is required as soon as possible to prevent severe business impact.; ; High Resolution is needed as soon as possible because of potentially damaging service impact.; ; Medium Resolution will solve irritating problems or repair missing functionality. This change can be scheduled.
• Approach to resilience: This information is available on Request.
• Outage reporting: Outages are reported through Email, via the HubSpot CRM portal.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Attached
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: SGS
• ISO/IEC 27001 accreditation date: 06/01/2023
• What the ISO/IEC 27001 doesn’t cover: Our Statement of applicability covers all items of ISO 27001
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: All policies and processes aligned with MagicOrange ISO 27001 Certification.; ; CISO Office - Report into Exco (CEO, CFO, COO)

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: • Respond to the customer’s changing business requirements while maximizing value and reducing incidents, disruption and re-work. ; • Respond to the business and IT requests for change that will align the services with the business needs; • Changes are recorded and evaluated, and that authorized changes are prioritized, planned, tested, implemented, documented and reviewed in a controlled manner; • Ensure that failed changes are analyzed and RCA’s done to reduce the reoccurrence of such instances. Check points are enforced to understand the progress of change and to understand the failures.; • All changes to configuration items are recorded in CMS
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Identification: This step involves continuously scanning the organization's IT Assets.; Prioritization: Once vulnerabilities are identified, they are prioritized based on their severity and the impact they could have on the organization.; Assessment: After prioritization, each vulnerability is assessed to determine its root cause and potential exploitability. ; Remediation: Once vulnerabilities have been identified, prioritized, and assessed, the next step is to remediate or mitigate them.; Validation: After remediation actions have been taken, it's important to validate that the vulnerabilities have been effectively addressed.; Monitoring and Reporting: Vulnerability management is an ongoing process, so it's important to continuously monitor the IT environment.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Protective monitoring is a crucial aspect of maintaining cybersecurity within our organization. ; Event Logging; Centralized Logging; Real-Time Monitoring; Threat Detection; Incident Response; Continuous Improvement
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Incident Identification; Logging and Triage; Containment and Mitigation; Investigation and Analysis; Communication and Reporting; Resolution and Recovery; Documentation and Lessons Learned

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Fighting climate change; ; MagicOrange provides insights for on premise, hybrid and cloud asset/service utilisation. ; ; These insights assist enterprises to switch off and/or downsize leading to a reduction in cost and carbon footprint. ; ; Should you be in a position to provide data, we can report and provide trends on your carbon footprint.

  Covid-19 recovery

  The COVID-19 epidemic brought massive change to the world we know.; It required organisations to make quick pivotal decisions in order to survive and remain in business. It is known that 40% - 60% of organisations are struggling to undersdtand expenditures because they are using multiple spreadsheets and tracking tools in order to quickly understand their business and make decisions.; ; Problem (Tension): The sheer magnitude of IT expenses has made it challenging to get that unified view. And the systems we are using to track expenses are not scalable. In fact, that patchwork of tracking mechanisms is crumpling under its own weight now.; ; Implication (Pain): Without an aggregated and holistic view, we are constantly faced with fragmented data, time-consuming manual processes, and ever-increasing risk of errors. This hinders the team’s agility and compromises the reliability and accuracy of data driving our financial and operational decision-making.; ; How we solved for it: We’ve integrated ALL our disparate data-sources for IT expenses into the MagicOrange platform and now have a simple, scalable, multi-dimensional view of all our expenses that delivers answers to financial questions in minutes, not days.

  Tackling economic inequality

  MagicOrange takes pride in the support and development of small businesses. In line with this commitment, we align ourselves with South Africa's Broad-Based Black Economic Empowerment program that promotes financial support to small black owned businesses and suppliers.

  Equal opportunity

  MagicOrange takes pride in the development of previously disadvantaged groups. In line with this commitment, we align ourselves with South Africa's Broad-Based Black Economic Empowerment program. This aims to provide employment and training for disadvantaged groups.

  Wellbeing

  Wellbeing; This wellbeing has been left blank at this stage.

Pricing

• Price: £125,000 an instance
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at stephen.coull@magicorange.com. Tell them what format you need. It will help if you say what assistive technology you use.