Razorblue Group Ltd

D365 Sales Professional

With D365 Sales Professional you can manage your business’ sales opportunities, planning and performance with ease .

Features

• Leads, Opportunities, Contacts, Order and Quotes
• Case Management

Benefits

• Manage your sales pipeline

£1 to £1 a unit

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@razorblue.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

268160504596515

Contact

Hannah Muir
03333446344
tenders@razorblue.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: No specific constraints.
• System requirements: D365 Sales Professional Licences

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Incidents are responded to 24/7 depending on severity. Change requests are responded to within normal working hours.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Support is provided by our Service Desk, 24/7. Account management and technical advice is included.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Our platform is based on industry standard infrastructure with which most IT administrators will be familiar. As part of the on-boarding process, users will be offered a walkthrough and Q&A session. Documentation is also available.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: The service is provided as a platform, users will have full administrative access to virtual machines to extract data as they wish.
• End-of-contract process: At the end of the contract, it is the client's responsibility to remove data and migrate away from the platform.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Some limitations primarily in that back office functions are only available within the desktop App
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: RESTAPI, majority of the application functionality is available
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The Sales Journey can be customised; ; D365 Sales Professional can be customised by Admin users using the Sales Professional Designer interface

Scaling

• Independence of resources: Capacity management plan in place to ensure that sufficient levels of capacity are always available with sufficient time to grow the architecture as needed.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Using the built in data export tools
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Platform availability SLA is 100% excluding any scheduled maintenance. See service description/manual for more information.
• Approach to resilience: All datacentre plant/infrastructure is N+1 as a minimum. The platform itself uses multiple components at each level. Further information is available upon request.
• Outage reporting: Our outage & scheduled maintenance notification platform is hosted off-network and includes a public dashboard, e-mail alerts, SMS alerts and twitter notifications.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
• Access restrictions in management interfaces and support channels: Our management network on which cloud platform infrastructure is located, is logically separated from the internet and our corporate network by firewalls. User authentication is required to jump between network boundaries.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: ISOQAR
• ISO/IEC 27001 accreditation date: 31/10/2016
• What the ISO/IEC 27001 doesn’t cover: A.10.1.1 - Policy on the use of cryptographic controls, excluded - cryptographic process is automated A.10.1.2 - Key management, excluded - cryptographic process is automated A.14.2.7 - Outsourced development. excluded - not applicable. No outsourced development
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: ISO 9001

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Razorblue operates an ISMS (Information Security Management System) which is accredited and audited to ISO 27001 by a third party. The ISMS includes policies and procedures covering our staff, recruitment processes, supplier management, technical configuration management, patch management, and so forth.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Our change process is aligned to ITIL and other industry standards. All infrastructure and assets are tracked through a CMDB. Our change control process includes provision for assessing potential changes for security impact, including peer approval for any security related change.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: This process forms part of our ISO 27001 ISMS. Our engineers monitor CVE and other supplier bulletins for vulnerabilities that could potentially affect our platform. Patches are deployed at varying intervals dependent on the risk and ability to exploit the vulnerability. The exact details of this process are not disclosed. Our engineers and technical architects also regularly attend industry training sessions to understand generic risks and how to combat them.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Proactive monitoring forms part of our ISO 27001 ISMS. We have detailed incident response processes in place which have varying levels of responsiveness and actions dependent on the specific circumstances. Our processes include notification of clients and regulatory bodies.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We have established processes for incident and outage management. Users can contact us to report incidents, or in some cases we will report these to customers before they are necessarily aware of them. We have a standardised incident reporting process which provides detailed documentation.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  razorblue have installed charging points, sensor controlled low power LED lighting, heat recovering systems to cut our carbon footprint as the starting point to our journey to net-zero.; Along with the hybrid working (which reduces travel) we gave employees the option to work from offices closer to home to reduce the commute time and therefore their carbon emissions. ; We only use reputable data centres that can prove that they have an environmental policy meeting our standards.
• Covid-19 recovery:

  Covid-19 recovery

  razorblue have utilised the government Kickstarter scheme to assist in young workers into working, along with introduction of Academy (Apprenticeship) programmes across many departments to assist unskilled workers into the Technology sector. ; We have introduced permanent hybrid working to elevate the work life pressures on families during and following Covid-19 resulting in improved mental and physical health of our employees. ; Along with introducing Covid-19 credits to organisations who were affected by Covid-19 and were unable to operate effectively due to its impact.
• Tackling economic inequality:

  Tackling economic inequality

  razorblue have utilised the government Kickstarter scheme to assist in young workers into working, along with introduction of Academy (Apprenticeship) programmes across many departments to assist unskilled workers into the Technology sector.
• Equal opportunity:

  Equal opportunity

  Along with the introduction of our Academy – we aim to upskill our workers and supporting their in-work progression.

Pricing

• Price: £1 to £1 a unit
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@razorblue.com. Tell them what format you need. It will help if you say what assistive technology you use.