COFORGE U.K. LIMITED

Automation Anywhere A2019 Enterprise on Cloud

Enterprise A2019, Automation Anywhere's' flagship intelligent Digital Workforce platform provides RPA-as-a-Service as a turnkey automation solution for businesses of all sizes. Highly intuitive, instant-on user experience for all user personas. Any user can drag and drop desired AI skills to incorporate intelligence into every area of their process automation.

Features

• Web-based Interface: Highly intuitive user experience on any device anywhere.
• Introductory tour and step-by-step tutorials, users build bots quickly.
• Easy Customization: Pluggable architecture allows for personalization.
• Universal Recorder: Single recorder captures and automates processes instantly.
• Add Python, VBScript, other code to create more sophisticated bots.
• Infuse Bots with AI, ML, NLP, to create intelligent bots.
• Virtually limitless number of application commands such as Microsoft-Office, G-Suite.
• Powerful Bot Code Management, single-step debugging, version control, merge code.
• Mobile Application support to monitor and manage on the go.
• Passwords are encrypted in database using SHA-512 with PBKDF2.

Benefits

• Industry's first completely Web based RPA platform- Login, click, automate.
• Cloud-based architecture unprecedented scalability and extensibility.
• Instant-on ease of use- Intuitive, web-based interface simplifies bot development.
• Built-in AI capabilities, integrate third-party AI, computer-vision, NLP, predictive modelling.
• Bank grade Security Features- GDPR compliance ready features.
• Mobile app- Access ROI and business performance in real-time.
• Bot Store- Reduce operational cost by downloading plug-and-play bots.
• Pluggable Architecture reduces Total Cost of Ownership
• Cross platform support- no need to install additional infrastructural components.
• Collaboration friendly interface helps you to connect while you automate.

£38,250.00 a unit

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids.eu@coforge.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

182836311709723

Contact

Ali Rahman
07801573323
bids.eu@coforge.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: No service constraints
• System requirements: Please see automationanywhere.com for minimum system requirements.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response Time is Based on Severity. See “ Severity Levels -Support SLA” within the attached document: Automation Anywhere - Support Program
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AAA
• Web chat accessibility testing: Our digital services provide industry standard chat services with product configuration. These are tested by product for assistive technology and we have use cases where we work with assistive users .
• Onsite support: Yes, at extra cost
• Support levels: Our services are standardised across three categories: silver, gold and platinum. These vary based on the service level, support coverage, shared/dedicated team and accordingly vary in pricing.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Automation Anywhere has a team of Customer Success Managers who are passionate about customer engagement and ensuring that they are happy with - Our Service, Our Attitude and Our Products. Also, once the sale is made, right from the onboarding process till the entire journey of the client with Automation Anywhere; it is CSM's responsibility to make them successful. In addition to that, they ensure that all the processes under customer success umbrella including support, product, sales etc. should be completed in a timely manner. We have highly skilled technical support staff who will help customer on new system improvements, new releases and products. We have separate training staff for especially training customer’s resources on our Product.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: The Automation Anywhere Enterprise Cloud solution will keep customer data, configs (bots), IQ Bot data, and most logs for 30 days after the customer’s subscription ends. Log files will be deleted no later than 180 days after the customer’s subscription ends.
• End-of-contract process: At the end of the contract the software will cease to perform as the license will have expired. Should you wish to continue it’s a simple renewal process, if not you simply uninstall the software from the servers.; Upon termination of a supplier relationship, AAI shall return all customer content in its possession or will certify that all customer content has been securely destroyed.

Using the service

• Web browser interface: No
• Application to install: Yes
• Compatible operating systems:
  • Linux or Unix
  • MacOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile App has three features of Control Room:; • Gain unprecedented level of control over their digital workforce - Start, pause and stop bots anytime anywhere; • Make on-demand decisions - Access ROI and business performance in real-time; • Keep track of their bots on the go - Track bot activity and receive real-time customized notifications
• Service interface: No
• User support accessibility: WCAG 2.1 AAA
• API: Yes
• What users can and can't do using the API: The Automation Anywhere Enterprise Control Room provides various public APIs which allow user to customize business automation for third party applications. It enables the third party applications to consume RPA, orchestrate bots and manage the RPA data based on events.; Control Room offers the following APIs:; 1. Authentication API; 2. Bot Login Credentials API; 3. Bot Deployment API; 4. Export Import Bot API; Users can perform operations based on the above provided APIs. Also, by primarily leveraging .NET DLL integration users can build adapters or connectors.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: No

Scaling

• Independence of resources: Cloud-native microservices architecture etc.

Analytics

• Service usage metrics: Yes
• Metrics types: Control Room’s built-in interactive dashboards provide key metrics on active users having access to control room, register client systems, past bot failures, total digital workforce, their schedules and work queues in active mode.; Bot’s Dashboard provides operational analytics on Bots in your RPA platform. It provides details around Bots Heartbeat, The Status of MVP (Most Valuable Process) Bots, upcoming workloads and Top Failure reasons.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Reseller (no extras)
• Organisation whose services are being resold: Automation Anywhere

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest: Other
• Other data at rest protection approach: Data at rest is encrypted using AES-256 Bit encryption.
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Users export the data via CSV.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Automation Anywhere maintains emergency and contingency plans for the infrastructure in which Automation Anywhere information systems that process customer content are hosted.
• Approach to resilience: Automation Anywhere has a BCP Policy. The BCP Policy creates a framework to resume operations related to critical business processes in the event of disaster incidents (identified in threat analysis of the plan) resulting into outages considered as worst case scenarios.; ; The document includes detailed sections on Business Impact Analysis ('BIA'), Recovery Time Objective ('RTO'), Disaster Threat Analysis and Employee Safety Measures, Recovery Strategy and Procedures, Emergency Response Team ('ERTs'), Function Recovery Teams ('FRTs'), BCP Training, BCP Testing and BCP Governance and Maintenance.; ; The Disaster threats covered under this plan are broadly classified as follows:; ; • Environmental Disasters; • Organized and/or Deliberate Disruptions; • Loss of Utilities and Services; • Equipment or System failures
• Outage reporting: Automation Anywhere has a BCP Policy. The BCP Policy creates a framework to resume operations related to critical business processes in the event of disaster incidents (identified in threat analysis of the plan) resulting into outages considered as worst case scenarios.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: Access is deny-all and allow by exception based on roles, domains as defined in role-based accessibility control (RBAC). RBAC model ensures each User has console-access, to view information or data that is relevant to the role assigned by the Control Room Administrator. User Roles and relevant privileges are assigned from the Security Console. The users have roles based on the role permission given by the admin.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSCIC
• ISO/IEC 27001 accreditation date: 20 May 2021
• What the ISO/IEC 27001 doesn’t cover: Available on request.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We designed our Information Security Policy using NIST standards. The A2019 solution implements 41 security controls across seven Families as defined in NIST 800-53 Rev4 such as Access Control, Change Management, Development Configuration Management, Audit and Accountability, Identification and Authentication, Incident Response and Controlled Maintenance. These controls are spread across the Control Room, the Bot Creators and Bot Runners.
• Information security policies and processes: The Cloud Security Alliance (CSA) uses the NIST model for cloud computing as its standard for defining cloud computing. Our solution's security architecture follows the NIST SP800-53 Rev4 Standard, the basis for HIPAA, FISMA and a common reference standard for security professionals. The Control Room, Bot Creators and Bot Runners implement 41 Technical Controls across seven NIST Control Families.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Automation Anywhere maintains change control procedures that address security requirements of information systems, testing, acceptance of testing, and security around the use of test data. Software and configuration changes are managed and tracked using standard ticketing systems.; All teams at Automation Anywhere follow Agile methodology for delivery and can respond swiftly and effectively to any change that the business demands. A change request works its way from various sources (customers, stakeholders, product vision etc.) to the product backlog as user stories from where the team can pick them up as a part of iterations.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: A penetration test is scheduled immediately before and after each release. Our engineering schedule includes plans to correct or mitigate any findings in a maintenance releases. In addition, we conduct vulnerability scans and also conduct static and dynamic analysis of our code using Veracode. We are Veracode Level - 5 Certified. Our customers conduct periodic vulnerability scans at a level of frequency dictated by their security policies and our policy is to correct Critical vulnerabilities within 30 days of detection. Additionally, we have participated in independent penetration test conducted by our clients which have yielded no significant findings.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Veracode Level 5. Bot Insight is natively embedded in Automation Anywhere’s RPA platform. It provides real-time business insights and digital workforce performance measurement by leveraging massive amounts of content-level and productivity data that the deployed bots generate, touch, interact with, and process.
• Incident management type: Supplier-defined controls
• Incident management approach: Incident Response: Automation Anywhere maintains an incident response program to contain, analyse, remediate, and communicate security and safety incidents impacting Automation Anywhere managed networks and/or systems or customer content.; ; Incident Notification: If Automation Anywhere determines that customer content within its control has been subject to a security incident, the customer will be notified under and pursuant to applicable law.; ; Incident Recording: Automation Anywhere maintains a record of known security incidents with a description of the incident, the time period, the consequences of the incident, the name of the reporter, to whom the incident was reported, and the procedure for recovery.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Fighting climate change

  Fighting climate change

  Our UK strategy has been informed by clients and our global environmental strategy. This is aligned with Government’s 25-year environmental plan, Fighting Climate Change theme from PPN 06/20, and with HMRC’s Greening Government Commitments delivered through carbon zero target, reduction of CO2 emissions and items entering landfill, promoting resource efficiency and green energy.; ; Our Organizational Targets ; 1.Be Carbon Net Zero by 2038 (reducing emissions 20% p.a.) within UK from a baseline of 185.7 tCO2e ; 2.Achieve quality standard, Green Mark’s EMS index (Sept 2026), and reach ISO 14001 (Sept 2026), reducing energy, water and material resource usage ; 3.Reduce carbon footprint by eliminating domestic air travel and promoting hybrid working. ; 4.Prioritise Cloud hosting over datacentre services lowering CO2 emissions.

Pricing

• Price: £38,250.00 a unit
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: https://www.automationanywhere.com/products/community-edition
• Link to free trial: https://www.automationanywhere.com/products/community-edition

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids.eu@coforge.com. Tell them what format you need. It will help if you say what assistive technology you use.