NINTEX UK LIMITED

Nintex Automation (prev K2 Five)

The Nintex Automation process automation platform helps you rapidly build, execute, and maintain business process applications without writing any code. This makes it possible to deliver integrated, mission-critical process automation and case management at scale, as well as lightweight departmental workflows. Nintex Automation is deployable into Private Cloud.

Features

• Enterprise Workflow. Visual, intuitive process and rules designers
• Forms. Visually design user experiences mobile-ready leveraging data and workflows
• Business Rules. Across workflow, forms and data
• Integration. Point-and-click integration with virtually any line-of-business system
• Low-Code. Citizen developer focused wizards, templates & design approach
• Component model. Re-usable artefacts to scale & change readiness
• Mobile. Responsive user experience on major devices, online or offline
• Security & Governance. Comprehensive, role-based management provide security & governance
• Analytics. Reports & Analytics to identify issues & drive optimisation
• Microsoft. Native interoperability across SharePoint, O365, CRM etc.

Benefits

• Develop Applications quickly. 78% reduction vs. traditional development
• Reduce systems catalogue. One platform to build and manage applications
• Rapid ROI. Forrester validate 466% over 3 years
• Change. Component model and governance deliver rapid, controlled change
• Digital by default. Connects citizen-facing services and department transformation
• Low Code. Decreased reliance on developers with citizen design model
• Channel. Significantly reduced transactional costs across multi-channels
• Insight. Service compliance and optimisation with process monitoring and reporting
• Data. Integration model leverages LOB systems data reducing data silo
• Experience. A rich UX interface, complete tasks in one place

£3.00 to £33.00 a user a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at paul.blackwell@nintex.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

222548678373433

Contact

Paul Blackwell
07793294774
paul.blackwell@nintex.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: No service constraints are known at this time
• System requirements:
  • Windows Server 2019, 2022, Windows 10
  • Microsoft SQL Server 2019, 2017, 2022, Azure SQL
  • See the Nintex Automation installation guide at help.nintex.com

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Standard support times: 6:00 - 5:00 Monday to Friday; Depending on the severity: ; S1 – 8 Hours; S2 – 1 Business day; S3 – 2 Business day; S4 – Best effort; ; Enterprise support times 10 pm Sunday - 1 am Saturday (extra costs see pricing); Depending on the severity: ; S1 – 4 Hours; S2 – 8 Hours; S3 – 1 Business day; S4 – 2 Business days; ; Select Support 24x7 (extra cost see prices) ; Depending on the severity: ; S1 – 2 Hours; S2 – 4 Hours; S3 – 8 Hours; S4 – 1 Business day
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: See previous answers for details of response times. Software Assurance package details can be found at https://www.nintex.com/legal/software-support-policy/ which provide:; ; Standard Support - included in subscription; Premium Support - additional 10% of subscription fee; Platinum Support - additional 30% of subscription fee; ; A customer success manager is assigned to all customers over a threshold annual subscription fee. The customer success manager's role is to help our customers get the most out of their investment in Nintex through activities such as personal mentoring, ticket support and sign posting suitable resources and services.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Nintex provide virtual classroom training options globally. This is provided via the Nintex University browser-based application which allows for self-paced, on-demand training courses. Nintex Automation training is available for different user personas e.g. Power User, IT Developer, Administrator etc. and for different skill levels e.g. Practitioner, Expert, Master etc. ; ; Comprehensive online product documentation is also available via the help.nintex.com website. Additionally, the Nintex Community web site provides user forums, blogs, Knowledge Base articles, “How To” guidance etc.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: Users can extract data directly from the Nintex Automation SQL database using any supported SQL Server data extraction mechanism.
• End-of-contract process: Due to the nature of Nintex Automation being a private cloud service this is a self-managed process. Users can extract data directly from the Nintex Automation SQL database using any supported SQL Server data extraction mechanism. They can then delete and uninstall the Nintex application software.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The Nintex Automation mobile application provides additional functionality that is not available to desktop applications. This functionality includes capabilities like geo-location, access to the mobile device’s camera for image and video capture, image annotation, bar-code and QR reading. Additionally, Nintex Automation forms can be configured to allow for offline access when accessed via the mobile application.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: The Designer is a browser-based design environment, providing a drag-and-drop, configuration-based editor for designing and building Workflows, Electronic forms & Integrations.; ; The Nintex Automation Management is a browser-based administration application, allowing administrators to configure and administer the platform. This includes setting security and access controls, managing roles, permissions and workflow instances and reporting.; ; The Nintex Workspace is a browser-based application allowing users to view workflow metrics and reports, access assigned tasks and any applications built on the platform.; ; The Nintex Automation Mobile app allows users to access their assigned work and access applications built on the platform.
• Accessibility standards: None or don’t know
• Description of accessibility: None or don’t know
• Accessibility testing: None or don’t know
• API: Yes
• What users can and can't do using the API: Nintex Automation provides several API’s and services as standard. These include:; ; Workflow Client API & Workflow REST API: Enables developers to interact with workflow instances, worklists and workflow items at runtime. Typical uses include starting workflows, retrieving worklist items, completing workflow tasks; ; Workflow Management API: Allows developers to manage and administer workflows on a Nintex environment. Typical uses include administration of running workflows, setting workflow permissions, managing workflow versions and redirecting worklist items.; ; SmartObject Runtime APIs and Services: If a workflow has been exposed as a SmartObject, the workflow methods will be exposed as SmartObject methods and can be accessed with the SmartObject Runtime APIs.; ; See the Nintex Automation developer guide for additional details https://help.nintex.com/
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • PDF
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Nintex Automation is a software development platform which allows both technical and non-technical users, to quickly and easily build workflow centric applications using a low-code, drag-and-drop designer. These applications would typically consist of browser-based forms, workflow processes, line-of-business system integration and analytics/reporting.; ; The browser-based drag-and-drop Designer, allows for the complete customisation of workflows and their associated user forms and any line-of-business integrations. Component reusability ensure that applications are created in a consistent way and that new applications can be delivered faster than the one before.; ; Any business user could create, edit and manage applications, since no code knowledge or experience is required, however more complex applications typically would utilise technical developers for creating non-standard integrations, extensions to the product using the API’s etc.

Scaling

• Independence of resources: The Nintex Automation platform is hosted by the customer on their private cloud (or on-premises) infrastructure. Customers are therefor in full control of the management of their resources and can scale and expand as and when required.

Analytics

• Service usage metrics: Yes
• Metrics types: Nintex provides detailed reports around the status of each process and their instances. These reports can be used to monitor real-time process information and discover trends for process-improvement.; ; Nintex also provides the Server Usage report allows you to view the number of Nintex artefacts -- like workflow definitions, process instances, activity instances, event instances, SmartObjects, forms and views -- deployed in your environment. The purpose of this report is to compare this number with your license agreement. You can also use the license audit report and the server usage report to determine if you are compliant with your license agreement.
• Reporting types:
  • API access
  • Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: Standard TDE Azure SQL, full database encryption. Optional database column encryption based on database engine (i.e. AES 256 on SQL Azure)
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data can be exported in several ways. Nintex Automation smartobjects can be exposed as OData endpoints, which can then be used to export data directly into applications like Microsoft Excel or used directly by Business Intelligence tools like PowerBI or Tableau. Nintex Smartforms provide a capability to directly export a list of results to Microsoft Excel. A Nintex form with its displayed data can be exported in PDF format.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Excel and CSV (via extensions)
  • JSON format via OData endpoint
  • SQL Server data export tools
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Excel and CSV (via extensions)
  • SQL Server data upload tools

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Nintex Automation provides customers with an Availability SLA of 99.9% within their production tenant. Availability is defined as the ability for a customer to be able to access the production service environment irrespective of network connection or other intermediary issues outside of the control of Nintex. A Service Credit is available to customers should the Nintex SLA not be met.
• Approach to resilience: Nintex Automation makes use of SQL Azure as data store. SQL Azure creates automatic geo-redundant database backups. Full database backups happen weekly, differential database backups generally happen every few hours, and transaction log backups generally happen every 5 - 10 minutes. The backup storage geo-replication occurs based on the Azure Storage replication schedule – handled by Microsoft. The retention period for the database is 30 days. The above means that we can do any point-in-time restore of the data with a 10-minute accuracy within the last 30 days.; High availability (HA) is provided by default in the Production instance. Native Microsoft Azure capability is utilized in testing disaster failover (DR).; ; More details available in the Service Policies document available on request.
• Outage reporting: Nintex Automation is hosted on Azure. Azure status, planned maintenance and outages are reported via the website: https://azure.microsoft.com/en-gb/status. An RSS feed is available.; Communications channels to customers are via the Nintex status page as well as direct email notifications to subscription administrators.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: The Nintex Automation Management site allows you to manage your Nintex Automation environment and components such as workflows, worklist items, SmartObjects, users and security. These are administrative tasks that are performed by the Nintex administrator. The Server Rights node is used to add, edit, remove and refresh Workflow server permissions for users or groups. These rights will determine which users and groups can administer a Nintex workflow server, export new workflows or impersonate a user.
• Access restriction testing frequency: Less than once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: 27001 MOSSADAMS
• ISO/IEC 27001 accreditation date: 08/12/2023
• What the ISO/IEC 27001 doesn’t cover: The only control not covered was outsourcing as we do not outsource, so it wasn't relevant. All other controls were included.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Security is an important part of our reputation, how we earn customer trust, how we do business and how we deliver our product. Our company must provide secure products and services for our customers. We are committed to maintaining a secure environment and improving our information security management system and security program. Nintex have a Security Committee who are responsible for providing support for the business by assuring the confidentiality, integrity, and availability of company information assets. The Security Committee discusses security topics, reviews key security metrics, and approves security policies. The Information Security Management Systems (ISMS) Manager is responsible for implementing and maintaining the ISMS. Security Administrators include systems administrators, database administrators, network administrators, and other application administrators. These functional teams maintain the responsibility for the management of security controls and configurations within the information systems they support. They implement security mechanisms and maintain the requisite technical expertise to support them. They ensure systems and services comply with all approved corporate information security policies, standards, and procedures.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Changes to the Nintex Automation environment are tracked, approved, tested, and implemented in accordance with ISO27001 specification are are independently audited annually against SSAE 16 SOC2 standards for 12 previous months prior to the audit. Changes by customers within the Nintex Automation Platform will be configured and operated by either customers or 3rd party suppliers.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Nintex performs annual vulnerability testing internally and externally, as well as contracts out to a third party to perform an annual penetration test of the product and standard environment. These are conducted in accordance with ISO27001 specifications and are independently audited annually against SSAE 16 standards for 12 previous months prior to the audit and reflected within a SOC2 Type II report.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Monitoring is conducted within Azure and consolidated within Elasticsearch for analysis. Monitoring activities are handled in accordance with ISO27001 specifications and are independently audited annually against SSAE 16 standards for 12 previous months prior to the audit and reflected within a SOC2 Type II report.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Customers can reach out to Nintex support via web, phone or email to raise incidents. Incidents will be handled via Nintex's internal incident management policies and conducted in accordance with ISO27001 specifications. The processes are independently audited annually against SSAE 16 standards for the 12 previous months prior to the audit and reflected within a SOC2 Type II report.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Fighting climate change

  Fighting climate change

  Cloud Computing significantly increases utilisation rates, due to higher productivity and workflow. This is great, as higher utilisation means more energy saved — saving costs and lessening the environmental impact of your energy consumption.

Pricing

• Price: £3.00 to £33.00 a user a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Full capability offered. Please contact Sales for details

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at paul.blackwell@nintex.com. Tell them what format you need. It will help if you say what assistive technology you use.