Kimble Applications Limited

Kantata Professional Services Cloud

The Kantata PS Cloud is a powerful collection of resourcing, financial, project management, and business intelligence functionality that is purpose-built for professional services organisations. Using Kantata, organisations field the best team every time, see up-to-the-minute progress against timelines and budgets and deliver projects smoothly , predictably and profitably.

Features

• Proposal management and estimation
• Resource management & capacity planning
• Project management & collaboration
• Project accounting, billing & revenue recognition
• Operational period close
• Business intelligence, analytics, and real-time reporting
• Client collaboration & sentiment
• Supplier management & contractor self-billing
• Intercompany accounting
• Time & expense management

Benefits

• Maximise project margins & profitability
• Optimise utilisation across your talent pool
• Grow revenue through improved capacity planning
• Streamline back-office processes for time sheeting, reporting and invoicing
• Forecast revenue and resource demand more accurately
• Improve alignment with and between teams
• Increase job satisfaction for consultants and gather employee sentiment
• Decrease cost by eliminating legacy systems
• Close operational periods more quickly and efficiently

£450 to £900 a user a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.parlato@kantata.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

282708271924718

Contact

Andrew Parlato
12035928187
andrew.parlato@kantata.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Kantata is an Independent Software Vendor in the Salesforce ecosystem and our Kantata PS Cloud is built natively on the Salesforce platform. It can therefore be seamlessly integrated to other solutions on the Salesforce AppExchange or used as a standalone application.
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements:
  • A standard browser, either desktop or mobile
  • Connection to the internet

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: The Support Services include 24/7/365 online support staff. Kantata will work with Customers' designated staff personnel to classify the severity of the Case, provide efforts to correct the problem or provide a workaround as outlined in our Service Level Agreement. The response times are as follows: Level 1 (Critical Business Impact): within 2 hours; Level 2 (Significant Business Impact): within 8 hours of submission; Level 3 (Minimal Business Impact): within 12 hours of submission; Level 4 (General Inquiry): within 24 hours of submission
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Customers can select from two Success Packages: Our Premier Success Package provides customer education, a designated Customer Success Manager, online support, web conferencing support, and a menu of fixed scope packages supporting core functional areas with custom guidance and configuration. This is charged at 15% of the annual subscription fee.; ; Our Signature Success Package includes all the benefits of the Premier Success Package, additional credits and a designated Technical Account Manager. This is charged at 25% of the annual subscription fee.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: For existing customers, new licences are deployed and users granted access within 48 business hours from completion of an Order Form. For a new implementation, our professional services team will work with the customer to agree the strategy for implementation and rollout. Kantata's approach to implementation is focused on helping customers to design and adopt strong processes that provide clarity, consistency and control. This starts with setting a realistic scope for the first phase of implementation, allowing users to adapt to the opportunities that a new business application provides, while ensuring that they have room to grow once the solution is established. Our configuration and training is delivered in an iterative manner, allowing customers to pace themselves through the learning and testing cycle. This is followed by end-to-end testing to ensure that the solution fits their business and enables their key processes. All customers have access to onboarding resources such as the video library, step-by-step guides, and a training playbook. Every customer receives access to our learning courses and to certification exam places.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Upon the Customer’s request made at any time up to 30 days after the effective date of the termination of this Agreement, Kantata will make available to Customer for download a file of Customer Data in comma separated value (.csv) format and attachments in their native format. After such 30 day period, Kantata shall have no obligation to maintain or provide any Customer Data and may destroy the Customer Data.
• End-of-contract process: Upon the expiration or earlier termination of this Agreement, or at either party’s request, the receiving party will return or destroy all tangible and electronic materials that constitute the other party’s Confidential Information; provided, that automatically-generated computer backup or archival copies generated in the ordinary course of the receiving party’s business need not be returned or destroyed so long as the receiving party makes no further use of the same and continues to abide by the restrictions set forth in the Master Subscriptions Agreement with respect to such information.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Some of the Kantata application is available via the Salesforce mobile app for time and expense entry, approving timesheets, expense claims, invoices, forecast timesheets, and viewing Delivery Engagements and Portfolios.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Kantata provides out-of-the-box tooling for administrators to enable and configure features, tailor job scheduling, manage permissions and their reports library. All of our Cloud Services are accessed through the Salesforce platform and our applications also expose functional APIs where appropriate.
• Accessibility standards: None or don’t know
• Description of accessibility: The services are delivered as pure web pages and conform to Salesforce accessibility standards. JavaScript is required for full Service functionality.
• Accessibility testing: N/A
• API: Yes
• What users can and can't do using the API: Users can perform standard CRUD actions with the Kantata API that is; Create, Read, Update and Delete. Services are set up and managed within each client environment with industry standard security. Limitations are largely governed by the Force.com platform and our API's are constructed to display when those limits are reached.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Kantata is a true SaaS application and we maintain a core managed package that we update through major and minor releases. Customers can deploy customisations to extend the footprint of the core managed package with functionality needed for that particular organisation using standard Salesforce features such as workflows, extending custom objects and business validation.

Scaling

• Independence of resources: Kantata is built on the Salesforce platform. The current daily transaction average for the platform is regularly 6 billion. As Salesforce is multi-tenant, there are 'governor limits' which prevent resources from being monopolised by any single organisation. The multi-tenant application design combined with the fastest servers and high-performance networking infrastructure available, guarantees fast performance. In addition to scaling for growth, Salesforce continually strives to improve the average response time of services and to back up their claims, full details of transaction volumes and response times are publicly reported in real-time at https://status.salesforce.com/

Analytics

• Service usage metrics: Yes
• Metrics types: The service includes various metrics to monitor usage and adoption of the service, for example, last login, login duration etc. For Infrastructure detail metrics are available at https://trust.salesforce.com website provides performance and availability information for the entire service. For specific metric monitoring and for more in-depth detail customers can extend capability through the use of Event Monitoring. For example - which applications are being used, by whom, how are they being used, when, where from and are there performance issues. This data can be used to improve adoption, security and performance of the application.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
• Other data at rest protection approach: Classic Encryption: native Salesforce application feature which can be used to encrypt specific custom fields. There is no additional cost for this, but it does impact some application functionality. More information here: http://sfdc.co/FieldEncryption; ; Platform Encryption: Platform Encryption allows customers to encrypt data stored through Salesforce such as: files and attachments, certain standard and custom fields, and use an advanced key management system. It uses native strong, standards-based encryption. Controls help to protect data, which include the use of derived data encryption keys and customer-controlled key rotation, generation, and destruction process.
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Via standard tooling from the interface or by downloading reports
• Data export formats:
  • CSV
  • Other
• Other data export formats: JSON
• Data import formats:
  • CSV
  • Other
• Other data import formats: JSON

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Kantata is built on the Salesforce platform. The Salesforce Services are designed with the concept of continuous improvement and Trust (e.g. Availability, Performance and Security) in the infrastructure. Salesforce uses commercially reasonable efforts to make its on-demand services available to its customers 24/7, except for (minimal) planned downtime, for which Salesforce gives customers prior notice, and force majeure events. Excellent availability statistics (historically 99.5%) are critical to Salesforce's customers’ success and to the success of Salesforce as a company. Salesforce generally does not focus on a specific percentage, as they do not believe their job on availability will ever be “complete”. Live and historical statistics on Salesforce system performance are publicly published at: https://trust.salesforce.com/en/#systemStatus, and further detail can be shared upon request and NDA.
• Approach to resilience: To maximise availability, the service is delivered using a world-class data centre infrastructure consisting of a primary production data centre, a full capacity secondary data centre for hosting the service provided to customers. The infrastructure utilises carrier-class components designed to support millions of users. Extensive use of high availability servers and network technologies, and a carrier-neutral network strategy help to minimise the risk of single points of failure, and provide a highly resilient environment with maximum uptime and performance. More detailed information is available under NDA on request.
• Outage reporting: Outage escalation policies are established and maintained as Salesforce's goal is to rapidly restore service. In the event of an extended outage, periodic updates are provided in near real time to customers via the trust.salesforce.com dashboard site and in addition, service notifications are provided to nominated contacts via various channels such as email. Update frequency for notifications is dependent on the customer support service plan.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Other user authentication: Salesforce has a comprehensive set of authentication mechanisms that customers can chose from. These include the inherent username and password option, Single Sign-on, Social Sign-on through another application, such as Google, integration with existing identity management systems a customer may have. 2 Factor Authentication is required, and the application can also act as a Service Provider or Identity Provider for SSO integration using SAML.
• Access restrictions in management interfaces and support channels: Management access for service support and delivery is done through multiple layers of controls including, but not limited to, multiple 2-factor authentication, bastion host and proxy control and segregation of duties. These controls are in scope for SSAE-18 auditing and evidences through the SOC 2/ISAE3402 report. Access to the management interface for the customer to configure their salesforce environment is configured by the customer themselves. The options are outlined above. Robust application design and testing ensures that users without administrative access rights cannot access more sensitive areas of the application.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • SSAE SOC 1 Type 2
  • SSAE SOC 2 Type 2

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Trusted Services Criteria (TSC) SOC 2 Type 2
• Information security policies and processes: The following is a listing of essential policies that are in place: Information Security Policy, Access Control Policy, Password Policy, Data Classification Policy, Physical Security Policy, Acceptable Use Policy, Backup Policy, Logging and Monitoring Policy, Risk Management Policy, Change Management Policy, Incident Response Policy, Vendor Management Policy, Communications Policy. Policy adherence is driven through both technical controls as well as employee acknowledgement.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: To be completed
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We employ automated vulnerability scanners to detect known vulnerabilities across our infrastructure, applications, and endpoints. Threat Intelligence Feeds: We subscript to several reputable threat intelligence feeds, informing us about new vulnerabilities, zero-day exploits, and active threat campaigns. Code Scanning: Leverage a developer-first Static Application Security Testing (SAST) tool that helps developers find and fix vulnerabilities within their own code. Risk-based Prioritisation: Vulnerabilities are categorised based on severity (using CVSS scores) and the potential impact on our services. Testing: Patches are tested in a staging environment to ensure they don't introduce unintended side-effects or break core functionality.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Tools are deployed in the environment that provide real time monitoring and alerting capabilities through Intrusion Detection & Prevention Systems (IDPS), Endpoint Detection and Response (EDR), and Application Performance Monitoring (APM). All alerts are sent to a SOC with 24/7 monitoring.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Kantata maintains robust security incident management policies and procedures. In the event of an actual or reasonably suspected unauthorized disclosure of Customer Data, Kantata will promptly notify the Customer. Our hosting provider, Salesforce, also maintains its own comprehensive security incident response plan.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We support recycling, Earth Day and tracking travel carbon footprint.

  Covid-19 recovery

  We implement health programs, remote work and unlimited PTO for employee well-being.

  Tackling economic inequality

  We practice diverse hiring and implement global job architecture for fair pay practices.

  Equal opportunity

  We implement gender-neutral policies, degree-agnostic hiring, internal postings and affinity group support.

  Wellbeing

  We offer remote work, flexible time off, EAP, remote leadership training, trust-based outcomes.

Pricing

• Price: £450 to £900 a user a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.parlato@kantata.com. Tell them what format you need. It will help if you say what assistive technology you use.