ALEMBA LIMITED

Alemba Service Manager

ITSM tool Alemba Service Manager is an advanced platform that supports incident, problem, change, request, knowledge, asset, configuration, release, availability, capacity, event and project management. The powerful service catalogue and workflow engine provide the leading zero code process and application development platform available.

Features

• Workflow engine no code business process engine
• Screen designer no code form rule and field builder
• Rest API powerful self describing API and webhook integration
• Self service Portal Advanced licence-free customer focused support portal
• Skills based routing calls auto allocation based on agent skillsets
• Built-in management of call and request time & expenditure
• Dashboards Powerful real time dashboards
• ESM data separation supporting HR, Facilities, Procurement and other functions
• Full Project Portfolio Management including MS Project integration
• PinkVERIFIED Certification for ITIL v3 & v4

Benefits

• Highly functional out of the box ITSM solution
• Visual user interface for all configuration (no code)
• Licence-free self-service interface branded to you requirements
• Single tenancies for highly secure data management
• Deeply integrated with Microsoft Azure platform
• PinkVERIFY certification for ITIL v3 and 4 processes
• Powerful graphical workflow for automation
• Real time dashboards and reporting
• Out of the box integration to other industry standard tools
• Sophisticated service level management including OLAs and UCs

£37.50 a user a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at laurence.scott-mackay@alemba.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

256113136778837

Contact

Laurence Scott-Mackay
0203 479 7900
laurence.scott-mackay@alemba.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: None
• System requirements:
  • Web Browser, Google Chrome, Safari or Microsoft Edge
  • SAML 2.0 integration (optional) for auto user provisioning and SSO
  • A mail server supporting EWS,SMTP, POP3, or IMAP4
  • Active Directory, Microsoft SCCM and SCOM connectors no additional costs

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: P1 - 20 minute (24/7/365); P2 - 1 hour (business hours); P3 - 1 hour (business hours); P4 - 1 hour (business hours)
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AAA
• Web chat accessibility testing: N/A
• Onsite support: Yes, at extra cost
• Support levels: Alemba does not provide different support levels. All customers get 24/7/365 P1 support and a dedicated account manager.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Alemba provides a dedicated deployment programme, consisting of training and workshops, backed up by online video training. Alemba provides each customer with free design and discovery services for the purpose of agreeing a scope of works, which will define the project success criteria. Alemb's Rapid Start database is a pre-configured, best practice ITSM system that gives customers a jump start in ASM deployment.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats: MS word
• End-of-contract data extraction: Alemba provides a database back up and a 5 user non-production system that will allow customers to extract data at their convenience
• End-of-contract process: Alemba provides a database back up and a 5 user non-production system that will allow customers to extract data at their convenience at no charge

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Alemba provides a responsive design and there are no functional differences between mobile and desktop.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AAA
• Description of service interface: The Alemba self-service portal allows customers to log, update and track calls and requests, access the service catalogue, review their assigned equipment and complete workflow approvals. Users can see real-time dashboards. The portal is 100% licence-free and can be branded to your unique requirements.
• Accessibility standards: WCAG 2.1 AAA
• Accessibility testing: The Alemba test process includes accessibility testing of the customer portal
• API: Yes
• What users can and can't do using the API: The Alemba API is comprehensive and allows access to all data entities, including user permissions and system configuration. There are no known limits.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Customers can customise the service by using Azure logic apps, which allow customers to build additional functionality

Scaling

• Independence of resources: Alemba uses a cloud model where each customer has a separate Azure tenancy and is not in contention with other customers for resources

Analytics

• Service usage metrics: Yes
• Metrics types: Alemba records the amount of time each agent uses the system
• Reporting types: Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data is extracted using the built-in search screens which produce CSV files or the other reporting engine
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 99.95% availability. Service credits by agreement
• Approach to resilience: Alemba provides all services on the Microsoft Azure Cloud which is inherently resilient. Further details available on request
• Outage reporting: Email, dashboard and account management team will inform users

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Alemba Service Manager includes role-based access control (RBAC) that controls access to features, functions and data in accordance with compliance guidelines.; ; Roles are defined in the Alemba Service Manager administration application and can be defined at a high-level function access privilege e.g. Incident Management, Problem Management access etc. down to a granular-level field level security detail (Read/Write/Edit/Delete). Roles and users can be associated with workflows that they are allowed to access.; ; Typically, Alemba Service Manager credentials will be synchronized with existing identity management systems, e.g. Active Directory, allowing single sign on
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: Less than 1 month

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI Group
• ISO/IEC 27001 accreditation date: 29/07/2021
• What the ISO/IEC 27001 doesn’t cover: Alemba Service Manager is supported by Azure, and thus protected by Azure compliance certificates. The Azure ISO/IEC 27001 certificate covers Azure, Dynamics 365, select Microsoft 365, and Power Platform online services. Alemba's general non-customer operations are not covered.
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 06/09/2020
• CSA STAR certification level: Level 2: CSA STAR Attestation
• What the CSA STAR doesn’t cover: Alemba Service Manager is supported by Azure, and thus protected by Azure compliance certificates. Alemba's general non-customer operations are not covered.
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • CISMA
  • SC-900

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Alemba publishes a comprehensive set of security policies and procedures. These form part of all staff induction and refresher courses are conducted on an annual basis

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Alemba records all configuration changes in its master CMDB, which records the configuration of each customer. Each change process includes a test phase where all configuration changes are trialed before production implementations. All changes will be subject to a CAB approval which will determine if there is a security implication and that further security testing such as pen tests will be required
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Vulnerability Scanning and Penetration Testing of the Cloud Service Platform will be performed against exposed endpoints. This covers six phases of security testing covering:; ; Vulnerability analysis of the internet-facing applications, where all areas detailed in the OWASP Top 10 (Injection, Broken Authentication, Sensitive Data Exposure, Broken Access Control, Security Misconfiguration and more) are covered.; ; Vulnerability analysis of the supporting infrastructure, where analysis of the server build, network filtering policy and general setup took place.; ; Manual testing of common security configurations.; ; Assessment of logical errors that impact security.; ; Vulnerability scanning is conducted at least annually for each customer
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: The logging and monitoring procedure regulates interactions and relationships with the following subjects:; ; • Azure Platform and Office 365; ; • Customer Environments on Azure, AWS; ; Event logging: records information about access and actions of users, errors, events.; ; The logs reside outside of the instance and are protected from malicious manipulation or deletion.; ; Privileges of administrators and operators of systems are different from the normal user privileges and are recorded accordingly.; ; All logs are stored independently of the target system.; ; Logs are retained for a minimum of 7 days.; ; Monitoring alerts are configured in AWS CloudWatch and Azure Monitoring.
• Incident management type: Supplier-defined controls
• Incident management approach: When an incident affects a computer system, a computer security incident response team (CSIRT) is activated to handle the threat. Examples of computer security incidents include attacks such as denial of service attacks and malicious code, which includes worms and viruses. Additionally, an incident can result in the misuse of confidential information on a computer system. This could include information such as Social Security numbers, health records, or anything that could include sensitive, personally identifiable information.; ; Alemba has detailed security procedures to deal with such events including using our own software to record specially categorised incidents.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Equal opportunity:

  Equal opportunity

  Alemba is committed to a policy of equal opportunity and diversity in employment and recognises that this is essential to the success and growth of the organisation. ; To this end, Alemba makes every effort to select, recruit, train and promote the best candidates based on suitability for the job; to treat all employees and applicants fairly, regardless of race, sex, marital status, age, nationality, ethnic origin, religious belief, sexual orientation, or disability; and to ensure that no employee suffers harassment or intimidation. ; Managers are trained in interview skills and the importance of adhering to our Equal Opportunities Policies during the hiring process. All potential candidates are made aware of Alemba’s Equal Opportunities Policy and asked to confirm that they will comply with this if hired.; Alemba as a global company operates a Global Responsibility program that ensures no supplier is used that has not committed to the enforcement of anti-modern slavery measures. All members of staff across all regions of employment are always paid more than the UK living wage irrespective of their country of employment.
• Wellbeing:

  Wellbeing

  Supporting the physical and mental health and wellbeing of our employees is of paramount importance to Alemba.; Physical Wellbeing and Health and Safety:; •It is the policy of Alemba to create and improve standards of Health and Safety, leading to the avoidance and reduction of risks and ensuring that the company complies with all Health and Safety legislation. ; •Risk Assessments are carried out for pregnant employees throughout their pregnancy ensuring we maintain a healthy environment for the mother and unborn child. ; •Homeworkers must complete a Risk Assessment before Alemba agrees to them working at home, ensuring that their homeworking environment is a safe place to work. ; •Health & Safety and Fire officers actively implement Alemba’s policies, standards, and procedures. The policy standards and procedures are communicated to employees through contracts of employment, staff handbooks, operating manuals, bulletins and notice boards and staff training; A Commitment to Mental Health:; •Managers are trained to handle discussions with employees experiencing mental health issues, depression, or stress. ; •Alemba offers a flexible working environment, allowing employees to work from the comfort of their own homes and maintain a healthy work-life balance.; •An internal forum has been launched to offer a social outlet for staff members working from home, where team members can engage in an informal setting discussing topics ranging from hobbies and interests to managing physical and mental health. This initiative is aimed at mitigating a sense of isolation that could result from home working and offering team members a platform for forming connections outside of everyday work discussions.

Pricing

• Price: £37.50 a user a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Users are provided with a demo environment for a time period of 3 weeks.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at laurence.scott-mackay@alemba.com. Tell them what format you need. It will help if you say what assistive technology you use.