X3 CONSULTING LTD

Sage Intacct: Financial Management & Reporting

Aware winning, best in class, modular, powerful, dimension accounting financial management solution. Designed for finance by finance. Sage approved marketplace of 100's of applications. Workflows, notifications, dashboards and procurement are available as standard along with options such as deferred revenue, purchase automation, spend management, fixed assets, project accounting and consolidation.

Features

• Full financials, fixed assets, projects, timesheets and inventory management.
• Comprehensive budgeting, planning and forecasting functionality
• Spend management with delegation of authority and approvals in procurement
• True "vendor cloud", robust and scalable: from 1 user.
• Plan and execute across multiple locations on one central system
• Full consolidation, multi entity, inter-entity accounting & dimensional analysis.
• Inbuilt workflow and automation. Open API for ease of integration.
• Powerful, integral, easy to use dashboard and reporting functionality
• Winner of "users" award from G2 Crowd for 8 years.
• Extensive online help, user training and learning centre materials

Benefits

• Easy to use software, intuitive. User managed reporting and dashboards
• Optimise employees with secure online availability; anytime, anywhere
• Get a 250% ROI within 6 months.
• Rapid deployment. Financial Management from 20 days+
• Reduce period close time by up to 79%
• Drill down to source data, easy export to Excel throughout.
• Keep control over data using full user role-based permissions.
• Improve customer service (internal and external) through insightful data reporting
• Quarterly releases, 99.98% uptime, fully scalable.
• Digital Banking integration for ease of Bank statement reconciliation

£10,775 an instance a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at nick.tucker@x3consulting.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

218441904173721

Contact

Nick Tucker
03450943885
nick.tucker@x3consulting.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Refer to published Sage Intacct Service Delivery documentation
• System requirements:
  • Compatible with MAC and Windows operating systems
  • Compatible with most handheld/mobile devices. Check on application for list
  • Internet connectivity required for device access
  • Chrome preferred interface but works with Safari and Firefox

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Please refer to the Service Description document for Support SLA details
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Please refer to our Service Description for details on the SLA's for support
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Product deployment requires a review of functional needs to properly tune the application to deliver the required outputs from the required inputs. Scoping is provided (onsite or remote) together with full support through testing, training and deployment to a live environment. Standard user documentation is available and can be tailored to suit the exact needs of the project. Project management is integral to the whole project delivery process along with data migration (where needed), report design and ongoing application support. Full system documentation defining standard delivered functionality is provided.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: At the end of the term data can be extracted using tools within the software with partner support. The data is in a proprietary structure so would require manipulation to import to a different software package.
• End-of-contract process: At the end of the contract the user has the option to obtain a copy of the data generated during the lifetime of the contract or renew for a further period of use for continued access/regulatory compliance. ; ; Currently there are no additional costs in providing a SQL copy of the data on completion of the contract, which will be structured as per the application and require the user to either access it using an alternative Sage X3 software or reporting tools like Excel.; ; Additional costs will be incurred for the management of the data into a set format at the request of the end user such as for the purposes of import to another ERP application.; ; Full details are in the service description.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Can be accessed using a mobile device and user experience depends on the actual device used.
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: An open published API exists for full integration with the Sage Intacct data and functions.; ; Users can access the publicly available information online at https://developer.intacct.com for full details on how to access and use the API service.; ; knowledge of the Sage Intacct application is a recommendation for developers working with the open API.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Throughout the implementation stage, elements of the service can be tailored to suit the specific requirements of the process being mapped. Sage Intacct can be deployed in two ways. ; ; The first is FASTSTART mode which minimises configuration and has no scope for customisation. This delivers a rapid go-live. ; ; STANDARD implementation is a configure to order project process based on an initial business analysis review. An agile approach can be taken to modify and refine the requirements through the Build phase. ; ; Users with the appropriate training or consultants supplied as part of the implementation delivery can customise elements of the core service application. ; ; Customisation can take the form of additional data fields which can be user managed, smart objects or smart events which can be user managed where a degree of technical proficiency exists. These can be programmed to execute actions based on data entry or solution use using the standard Open API infrastructure for Sage Intacct.; ; It is possible to customise the application post go-live.

Scaling

• Independence of resources: Resources are deployed in line with vendor recommendations and applied to each individual customer install. Typically Sage Intacct is designed to operate at 30% capacity leaving plenty of headroom to cater for bursts of traffic without intervention.; ; Assets can be increased to improve performance (for additional cost) where for example the customer has unusually large transaction or data volumes. ; ; Over-utilisation by other customers doesn't impact the performance experience as the assets provided are a dedicated minimum level specific for your instance.

Analytics

• Service usage metrics: Yes
• Metrics types: Sage publish full stats on the service availability.
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Sage UK

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
• Other data at rest protection approach: For further details on protection of data at rest please refer to the materials here: https://aws.amazon.com/compliance/data-protection/
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data can be exported using SQL tools (where permissions are granted) or using Microsoft Excel where the data can be retrieved in Excel or CSV format.; ; Data can also be extracted in PDF format or HTML (certain functions).
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Microsoft Excel
  • Adobe PDF
  • HTML
• Data import formats:
  • CSV
  • Other

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • IPsec or TLS VPN gateway
  • Other
• Other protection between networks: Data is encrypted at rest and the Sage Intacct application has encryption active as it is a secure https site creating a point to point encryption between the user and the system when sending (uploading) data.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: Customer data is encrypted if transmitted over public networks, mandated by law or regulation (i.e. PCI) or Sage determine encryption is necessary.; ; When data is transmitted over public networks or private networks Sage uses 128bit+ encryption techniques - Secure Sockets Layer (SSL/TLS) or Internet Protocol Security (IPSEC).; ; For wireless customer data: encrypted using Wi-Fi Protected Access (WPA) technology if WPA capable, otherwise VPN or TLS at 128-bit.; ; Where encryption at rest is mandated by law or regulation sensitive customer data is rendered unreadable by using One-way hashes (hashed indexes) such as SHA Truncation or Strong cryptography, e.g Triple-DES 128-bit/AES 256-bit.

Availability and resilience

• Guaranteed availability: Refer to the Amazon Compute Service Level Agreement which can be found here:- https://aws.amazon.com/compute/sla/; ; Sage's commitment to their technology is covered within the information held and linked with at https://www.sage.com/en-gb/legal/terms-and-conditions/sage-intacct-buy-with-confidence/
• Approach to resilience: His article describes the AWS approach to resilience. https://d1.awsstatic.com/whitepapers/compliance/AWS_Operational_Resilience.pdf; ; Refer to the specific Sage approach to security and technology here: https://www.sage.com/en-gb/legal/terms-and-conditions/sage-intacct-buy-with-confidence/
• Outage reporting: A public dashboard can be found here: ; https://status.aws.amazon.com; ; Specific individual reporting is available via the Sage portal https://www.sageintacct.com/system-status and more specifically here: -https://www.sage.com/en-us/sage-business-cloud/intacct/status/

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Support access is provided using the same credential requirements as that of a customer user. As a Sage Business Partner we have no access beyond the client interface. Only data centre operatives are able to access the application layer and beyond.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: EY CertifyPoint
• ISO/IEC 27001 accreditation date: 22/03/2022
• What the ISO/IEC 27001 doesn’t cover: UK Service provider interaction with the platform (client side).
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 22/03/2022
• CSA STAR certification level: Level 4: CSA C-STAR Assessment
• What the CSA STAR doesn’t cover: UK Service provider interaction with the Sage platform.
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • CSA CCM version 3.0
  • ISO/IEC 27001
• Information security policies and processes: Full details of the policies in place can be found here: https://aws.amazon.com/security/ but also here in relation to Sage Intacct specifically: https://www.sage.com/en-gb/legal/terms-and-conditions/product-and-service-terms-and-conditions/sage-intacct/information-security-management-program/

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Sage operate standard change management principles which are maintained publicly here:; ; https://www.sage.com/en-gb/legal/terms-and-conditions/product-and-service-terms-and-conditions/sage-intacct/information-security-management-program/#change-management; ; Change is evidenced using a ticket and authorisations process in line with a System Development Life Cycle (SDLC) which includes code-level testing before release.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Vulnerability controls are explained here https://aws.amazon.com/security/vulnerability-reporting/; ; All vendor patches are applied automatically. A sandbox environment can be costed into the solution allowing the sandbox owner to be 1 update behind standard.; ; AWS in conjunction with Sage monitor and manage the PAAS and IAAS layers. Threats are reviewing in line with published vulnerability platforms and forums on a regular basis.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Public/Hosted application are supplier monitored using industry standard procedures relevant to the type of hosting and choice of platform as part of the managed service delivery.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Incidents are managed using a web based application to record instances of issues and problems. A service level agreement provides for response times and the incidents are managed on a daily basis for review and update. Reports are provided using a self service ticket portal for authorised support users.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity

  Fighting climate change

  Cloud based software like Sage Intacct inherently reduces the need for staff to travel to a centralised office to perform their day to day activities reducing the carbon footprint of your organisation. The ease with which data can be sourced, reviewed and shared electronically cuts down on the carbon impact of printing information for interpretation and sharing.

  Tackling economic inequality

  Using Sage Intacct can noticeably improve the supply chain by supporting innovation throughout the supply chain to deliver via electronic integration a reduction in costs and a drive to higher quality of service through vendor management within the supply chain. Improved collaboration in itself can alter the supply chain relationships for the better as methods of working change and improve from using software which has solid fiscal and financial controls in place designed to help prevent avoidable mistakes such as double raising or processing of purchase orders or invoices respectively.

  Equal opportunity

  By delivering Sage Intacct with a visual process map and context sensitive online help for each function we are able to help progress people into higher paid work by developing new skills relevant to furthering their role by simplifying the use of Sage X3 and enabling users to excel in their day to day activities without having to learn complex menus and options.

Pricing

• Price: £10,775 an instance a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at nick.tucker@x3consulting.com. Tell them what format you need. It will help if you say what assistive technology you use.