TOPDESK UK LIMITED

TOPdesk - Service Management Software (ITSM / ESM)

TOPdesk’s award-winning SaaS software helps organisations effectively manage their complete ITSM/ESM operation catering for IT Service desks straight through to fully fledged ESM or Shared Service Centres.
The standardised, user-friendly software helps optimise the quality of the organisation's overall service operation, for both customers and end-users.

Features

• ITIL Aligned
• Customer-driven, continuously deployed release cycle
• Intuitive, contemporary and highly configurable Self-Service Portal
• Powerful API complimented by inbuilt scripting tools for easy integrations
• Kanban board for Agile Working
• Code-free designers for processes and Self-Service Portal
• Simple links with AD using Azure
• Inbuilt Events and Actions tool for creating automated alerts/notifications
• Scalable mobile solution for on-the-go use
• In-tool reporting wizard with OData feed

Benefits

• Access to a highly-rated UK Support Team and UK Datacentre
• Developed and implemented in line with industry expertise and thought-leadership
• Frequent customer events, user-groups and networking sessions
• Efficiently work with other departments in a shared-services environment
• Access anywhere, anytime via a browser
• Maximise knowledge of the toll through webinars, blogs and more
• Benefit from access to existing customer base for shared knowledge
• Scalable solution due to modular structure with cost-effective flexible licensing
• Easy set-up without technical expertise needed to maintain and manage
• Work seamlessly with interconnected processes and clear overviews of tasks

£14 to £98 a licence a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@topdesk.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

230924019529259

Contact

TOPdesk UK
+44 (0)20 7803 4200
info@topdesk.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: Planned maintenance is carried outside of main working hours and usually takes no more than 30 minutes.
• System requirements:
  • Internet Access
  • Browser Access

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: TOPdesk sends an automatic acknowledgement email as an immediate response. For high priority tickets, the response time is 15 minutes and for normal priority tickets, the response time is 8 hours Monday-Friday. An emergency SaaS team are availble 24/7 for any high priority SaaS related tickets.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Customers can access the TOPdesk chat via our website. A pop up chat window will appear within the page and customers are linked directly to our UK team. Browser accessibility settings can be used for the TOPdesk website.
• Web chat accessibility testing: None
• Onsite support: Yes, at extra cost
• Support levels: TOPdesk’s standard support offers 24/7 access to the Extranet, as well as telephone support which is available Monday-Friday 08:30 – 17:30. As well as this, Support can be accessed via email and chat. Support is included as part of the annual subscription cost. Premium support is available at an additional cost.; Customers are also assigned an Account Manager and Office contact, as well as a dedicated consultant and access to the Planning department. TOPdesk has an in-house SaaS team that deal with all SaaS queries.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: TOPdesk implementations are led by customer requirements and guided by TOPdesk’s expertise. Using the train the trainer approach, combined with the option of dedicated one to one or group training sessions, the consultant will work in partnership to map the desired processes into the solution using Best Practice techniques. At the end of the onboarding process, customers will be equipped with the knowledge to maintain and manage the solution independently with support on-hand when needed.; As well as training during the implementation, TOPdesk provides customers with access to resources such as manuals, guides, webinars, blogs, training videos and more.; Consultancy is available onsite or as remote sessions.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
  • Other
• Other documentation formats:
  • Videos
  • Webinars
• End-of-contract data extraction: We offer a default and easy way to retrieve data from our software. Customer databases and attachments can be downloaded at any time via TOPdesk environments by an authorised user.; After terminating a contract, we keep data for 30 days and remove it automatically after this period. To ensure that data is completely deleted, we have an automatic system with a built-in control mechanism for the deletion. We also have a monitoring system that actively scans folders, databases and live environments for data that should have been removed.; If data has not already been downloaded, customers can contact TOPdesk Support to request a copy. Up to 30 days after terminating a contract, one of a customer’s nominated contacts can request your data through our Self-Service Portal. Upon this request, we will send the data as soon as possible through a secure connection. All data comes in a regular file format.
• End-of-contract process: At the end of a contract, customers can extract their data at no extra cost.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: TOPdesk is a 100% web-based solution that can be accessed from any web browser, fully supporting remote workers. The system can be accessed on a mobile device using the same URL as used when accessing the solution on a PC. TOPdesk uses a web interface that scales for devices of different sizes. The access is not platform-dependent and works on all mobile and tablet devices connected to the internet.; Additionally, we have an end-user app that can be downloaded from Android and iOS stores.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The system has been designed to be as user-friendly as possible with clean, simple GUIs, dynamic searching across the tool and clear overviews for reports and dashboards. Users can multitask in a tabbed interface with multiple cards open if desired. Both the Self-Service Portal (SSP) and Operator side of the tool have been designed with ease of use in mind and are icon driven to create a simple and fluid user experience. Each side of the tool can be configured, whether the layout and branding of the SSP or the shortcuts and visibility of information on the Operator side.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Customer testing has been undertaken using real-life use case scenarios.
• API: Yes
• What users can and can't do using the API: TOPdesk's API allows customers and third-parties to create links with the tool freely. TOPdesk provides documentation with examples of API queries at https://developers.topdesk.com. Links to General areas of TOPdesk, the Knowledge Base, Reservations Management, Services, Change Management, Asset Management, Operations Management, Supporting Files, the Self-Service Portal and tasks are available in the ever-expanding examples.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: TOPdesk is effortlessly customisable using code-free designers and settings. The TOPdesk Self-Service Portal is fully configurable by adding custom tiles to the homepage, providing customers with a user-specific catalogue of available services. Colours, branding and terminology are all chosen by the organisation. Visibility controls can also be set for the portal.; TOPdesk allows for the addition of custom widgets to the operator’s homepage. Each operator can configure their homepage with specific widgets and quick launch icons. Operators can build, customise and schedule reports using all the available fields in the TOPdesk reporting engine.; An unlimited number of custom alerts, categorisations, statuses and other functional information can be created in the tool. As well as the standard fields in the tool, 60 additional fields, within two additional tabs, for each functional module card are available.; TOPdesk allows customisable permission controls which are set at person/group, categorisation and location levels, therefore allowing administrators to limit, extend and tailor user functionality, as required. This can be done by anyone set as an administrator and with the necessary permission controls.; Customers are free to create custom templates, forms, workflows, routing options and more. All are done using code-free designers.

Scaling

• Independence of resources: Customer environments are isolated from other customers to ensure optimal available resources. TOPdesk also operates a fair-use policy to ensure environments are not affected.

Analytics

• Service usage metrics: Yes
• Metrics types: Customers can request metrics from TOPdesk Support. Metrics that are commonly asked for by customers are Number of calls logged/ resolved, Frequent Callers and duration reports. SaaS uptime reports are also available and can be scheduled to be sent out. SaaS uptime reports measure the uptime in service window, outside of the service window and a 24/7 average.
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: Customer files are stored on encrypted discs. Databases are not yet encrypted but the datacentre is a Tier 3 location with constant surveilliance, data is distributed over multiple disc drives to fragment files and monitoring systems verify available disc space on servers to detect anomalies. TOPdesk also has Data Processing Agreements with all datacentres it works with.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: The service has several standard system integrations: Management systems to synchronise Active Directory users and provide Single Sign-On. Other data can be imported using standard Excel/CSV import functionality. More complex imports, both one-time and periodic, can be done by TOPdesk experts.; Exporting data can be done using integrated reporting and overview functionalities, including XLS and CSV file formats. The API can also be used to extract data, such as for further use with Power BI.; ; TOPdesk can also integrate with other tools either via the TOPdesk API, or in the case of reporting, through a simple import/ export relationship.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • .txt
  • .pdf
  • .rtf
  • .ics
  • Any attachments
  • .xls
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats:
  • Active Directory
  • Databases: Oracle, SQL, H2, MySQL
  • .xlsx
  • Azure AD

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: TOPdesk aims for an uptime of 100% with a guaranteed uptime of 99.7%. For updated information on Availability and Continuity please visit https://page.topdesk.com/saas-information#availabilityandcontinuity.; ; Several measures ensure the availability of your TOPdesk SaaS environment:; ; - Our redundant infrastructure ensures that a failing part does not affect availability.; - TOPdesk is installed on virtual machines that can be instantly transferred to another server, should a server fail.; - The TOPdesk database has a primary and secondary database server, ensuring availability in case of a database server failure.; - Several proxy servers in a load balancing set-up ensure heavy traffic does not cause your TOPdesk environment to become unreachable.; - Automated deployment of servers from a CMDB ensures failing servers can be quickly recreated.
• Approach to resilience: The TOPdesk SaaS infrastructure is built with resiliency in mind. Failure of a component within the infrastructure is mostly unnoticeable by our customers. This provides the 24/7 standby team with the means to intervene before our customers notice any disruptions.; - Hardware includes industry standard redundancy on all critical components, such as power supplies, storage devices and network components.; - Hosting services include redundant power circuits with UPS and independent data paths to main internet exchange points.; - Virtualisation technology provides failover functionality on multiple levels, taking away downtime in case of system maintenance or replacement.; - Database and file storage mirroring provides instant failover capabilities without data loss or downtime in case of database server failure.
• Outage reporting: TOPdesk has a 24/7 monitoring system on all TOPdesk SaaS environments and servers. The monitoring system verifies health metrics for every TOPdesk environment, like the (internal and external) availability, database connection, and search index availability. Servers are also tested on relevant metrics, like availability, CPU usage, memory usage, and available disk space.; ; Should the monitoring system detect a problem, TOPdesk operators are immediately notified. During the night, a 24/7 standby shift ensures issues are quickly resolved. Issues affecting multiple TOPdesk environments are published on our status page and via the Self-Service Portal. You can also verify the monitoring results on our portal, and (if desired) immediately schedule follow-up actions like a restart of your TOPdesk environment, or submit a ticket for our Support team.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
• Other user authentication: TOPdesk is only accessible for users that are known in the system. Authentication can be configured in 3 diferent ways:; 1) TOPdesk authentication: login name and password are created in TOPdesk and will provide access to the system.; 2) Windows authentication: user credentials are verified against the domain controller; 3) Single Sign-On: a user has already logged on to the domain and can access TOPdesk without providing their Windows password.
• Access restrictions in management interfaces and support channels: Access to the TOPdesk's software is granted on a 'need to have' basis and is linked to personal network accounts which are linked to permission groups in Active Directory. From within TOPdesk, extensive permission groups and filters are used to ensure users only see the information they are authorised to.; ; In addition, password, lockout and Single Sign-On policies are pushed to all TOPdesk domain users using a group policy.
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: EY CertifyPoint
• ISO/IEC 27001 accreditation date: 14/02/2024
• What the ISO/IEC 27001 doesn’t cover: The TOPdesk software itself is not covered by the ISO27001 certification, however, the cloud-hosted service is completely covered.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: SOC 2

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: TOPdesk is SOC 2 certified. All of the data centres used to host the service are ISO 27001 accredited.
• Information security policies and processes: TOPdesk has an internally published Information Security Policy governed by the COBIT framework. Regular security awareness training is carried out internally. Information security is evaluated twice a year. Before employees are allowed access to TOPdesk SaaS systems, additional training and a certificate of conduct is required (e.g. DBS checks). Training includes (but is not limited to) security responsibilities and procedures for handling customer data.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: TOPdesk's Change Advisory Board examines and evaluates any new Requests for Change that are raised internally. Whilst evaluating, there are several grounds on which decisions are based: budget allocation, the potential risks involved in changing services and the effort required. The process' objectives are: to ensure changes in IT are dealt with in a structured and controlled manner, to implement the necessary changes in such a way that disturbances/deviations from the service level are minimal and to determine the effect a Change can have on service delivery.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Possible threats identified by:; - Periodic internal security assessment sessions; - Input from external penetration and vulnerability testing partners.; - Encouraging customers to perform independent testing and sharing results with us; - During development using input from sources like OWASP lists; - Automated patch process which ensures recent patch levels, mitigating known vulnerabilities automatically; ; Patches deployed as quickly as possible and are included in the annual subscription. Given that TOPdesk's development process follows Continuous Deployment, rolling software back to a previous version is fast and it is simple to rectifiy bugs that are noticed (as small releases are performed frequently).
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Potential threats to services are detected using daily Penetration Tests and by recognising Security Incidents (such as Incidents raised concerning exploits, cross-site-scripting, security leaks, unauthorised access, confidential information being made available to unauthorised users or if a virus scanner has given an alert on a file in a TOPdesk installation). These Incidents are treated with the highest priority and will be communicated to affected customers via a communication strategy determined by TOPdesk's Head of Support as soon as possible (within 15 minutes).
• Incident management type: Supplier-defined controls
• Incident management approach: Within TOPdesk's Incident Management process, a pre-defined Incident Process flow exists for common first and second line Incidents. Users can report Incidents through telephone (Monday - Friday during business hours), email or via our Extranet (24/7/365). Incident types, statuses, durations and target dates, priorities and what would be registered as a 'Major Incident' are all defined within the Incident Management process. Incidents are defined as: questions, malfunctions, bugs, Service Requests and product feedback. Incident reports are available on request by contacting our Support team.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  In TOPdesk, it is one of our global strategies to be a ‘Responsible Citizen’ focusing on Corporate Social Responsibility (CSR) initiatives based on three strands: Sustainability, Diversity and Inclusion and Community. These strands are overseen by an international CSR Guild that reports directly to a member of our Executive Team. Fighting climate change is covered as part of our Sustainability strand. This strand focuses on addressing our direct impact towards the environment by managing our waste, emissions, consumption of resources and ultimately reducing our carbon footprint.; TOPdesk UK Limited has a documented Environmental Policy that aligns with our Sustainability strand. Examples of how we have implemented sustainability initiatives that enables us to fight climate change within our UK branch (located in London and Manchester) are outlined below:; • We are a registered employer in the Cycle to Work Scheme; • We provide free railcards to employees for work-related travel; • Our London office is powered by solar panel energy whereas in our Manchester office our landlord has signed a Net Zero Carbon Pathway Agreement; • Our coffee is Rainforest Alliance Certified and we use tap water from a filtered cooling system; • We have a separate waste process available for paper, plastic, glass, organic and residual waste; • The majority of our internal documents (e.g. employee contracts and payslip) and external documents (e.g. promotional materials and quotations) are provided digitally; • When printing is required, this is done according to FSC print guidelines for external use whereas for internal use the standard-setting is to print on both sides and in grayscale.

  Covid-19 recovery

  The following processes have been implemented by TOPdesk UK Limited as part of our COVID-19 recovery:; • Hybrid/Home Working Policy – Employees can work a min of 2 days a week in the office and up to 3 days a week from home; • Equipment Provisions – Employees have access to the following equipment to enable them to work from home: laptop, headset, keyboard, mouse, laptop stand, stationery and office supplies; • Hot Desk Booking System – Employees can book a hot desk during their office days via our employee-facing self-service portal; • Health and Safety Measures – Employees are required to complete a DSE self-assessment to determine that they can work safely from home. In addition, our offices (including individual hot desks) are cleaned every day by specialist cleaning staff. Multiple hand sanitiser dispensers are located within our London and Manchester office (including disposable antibacterial wipes and sanitisers).

  Equal opportunity

  Equal opportunity in TOPdesk is covered as part of our Diversity and Inclusion strand in relation to CSR and our global strategy of being a ‘Responsible Citizen’. This stand focuses on promoting an inclusive work culture where employees feel that they belong without having to conform, that their contribution to our company’s success matters and that they can reach their full potential regardless of their race, gender, age, sexual orientation, religion, disability and background.; TOPdesk UK Limited has a documented Equality and Diversity Policy that aligns with our Diversity and Inclusion strand. Examples of how we have implemented diversity and inclusion initiatives that enables us to promote equal opportunity within our UK branch (located in London and Manchester) are outlined below:; • We are a registered employer of the Disability Confident Scheme; • A compulsory unconscious bias training is required to all employees involved with our recruitment process; • All managers in the UK are trained in Mental Health First Aid (MHFA); • We have an Employee Assistance Programme that offer assistance and support to all employees on a variety of issues that may impact physical and mental health, work performance and/or well-being; • We provide a hybrid work environment where employees can work a min of 2 days a week in the office and up to 3 days a week from home; • Employees can spend 10% of their annual salary on any training or professional development opportunities of their choice; • External courses such as, but not limited to, ITIL 4 Foundation, PRINCE2 Foundation, Agile PM Foundation, Microsoft SQL Course, PowerMBA are provided to employees free of charge as standard.

  Wellbeing

  At TOPdesk UK Limited, fostering and promoting wellbeing of our employees is an important part to cultivating a healthy workplace within our company. To enable this, we provide the following services and resources to our employees:; • Employee Assistance Programmes (EAP) – Employees have access to two EAPs (Perkbox and WAP) both of which offer services and support such as confidential helpline or live chat, written guides and webinar resources for mental health and general wellbeing; • Mental Health First Aid (MHFA) Training – All managers in the UK are trained in MHFA; • WPA Healthcare – Employees have access to healthcare services and support provided by the NHS through WPA which they can claim back including the option to upgrade to Enterprise Flexible Benefit for access to private hospitals and specialist treatments; • Cycle to Work Scheme – Employees can join the Cycle to Work Scheme to purchase a bike and accessories at a discounted price; • Gym Membership and Discounts – Employees based in our London office have access to a free gym including online and in person fitness classes which is located within the building. Employees based in our Manchester office also have access online and in person fitness classes and they can also purchase a gym membership at discounted price at the local The Gym Group.

Pricing

• Price: £14 to £98 a licence a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: We offer a 30-day trial of our system free of charge with no credit card required. This trial provides an Enterprise version of our system with all modules and functionalities included.
• Link to free trial: Www.topdesk.com/en/try-online/

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@topdesk.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.