Asana Work Management Platform
Keep your teams coordinated, wherever they are. With Asana, remote teams can organise projects, manage shifting priorities, and get work done. It is a collaborative work management platform that helps teams and distributed, remote working teams, collaborate, manage work, project manage everything from daily tasks to strategic initiatives.
Features
- Project Management
- Organize Work (agile working with kanban boards)
- Manage Tasks
- Visualize Projects
- Assign Tasks
- Set due dates and times
- Agile Working Boards
- Streamline workflow and approvals
- Manage workload across the team (avoid burnout)
- Remote Access. Connect and collaborate while working remotely
Benefits
- Easily manage team projects and tasks
- Stay in sync, hit deadlines, and reach your goals
- Map out each step and organize tasks
- Visualize work through multiple stages quickly and easily
- Use Timeline to create a project plan
- Simplify workflows, reduce errors, and save time
- Streamline work
- Easily spot holes and overlaps in your schedule
- Monitor the status of key initiatives in real time
- Manage team workload.
Pricing
£0 to £49.99 a user a month
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
3 1 0 6 0 4 4 8 0 3 7 9 4 2 7
Contact
Generation Digital
Thomas Sutton
Telephone: 0203 6379 776
Email: gcloud@gend.co
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
-
Asana does not work with:
Internet Explorer 10
Internet Explorer 11
Opera
Developer or Beta versions of supported browsers - System requirements
- Supported browsers: Chrome , Safari for Mac, Firefox, Microsoft Edge
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Expedited support ticket
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- Web chat
- Web chat support availability
- 24 hours, 7 days a week
- Web chat support accessibility standard
- None or don’t know
- How the web chat support is accessible
- Via the website.
- Web chat accessibility testing
- None.
- Onsite support
- Yes, at extra cost
- Support levels
-
We provide the following support levels:
Onboarding plans: Work hand-in-hand with an expert on a custom onboarding plan, timeline, and kickoff.
Customer success managers (CSMs): A dedicated partner familiar with your goals, helping you hit them with coaching, calls, and training.
Professional services: Additional consulting sessions for on-site training, digital transformations, custom integrations, and more.
Custom resources: From onboarding to feature tips, we can provide the right content at the right time to help answer your team’s questions and needs. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
We provide Online Training, Onsite Training, User Guides, etc.
To help your team start using Asana, we’ve analyzed what the most successful teams in Asana have in common, channeled the expertise of our Customer Success Managers, and incorporated proven change management strategies all to craft the “Asana Way of Change” framework outlined in this article.
Asana Help: Get how-to help and step-by-step instructions for specific features in Help.
Asana Forum: Ask questions, get answers, and join our large community of Asana experts.
Asana Academy: Learn how to use Asana through trainings, webinars, and interactive courses hosted by Asana’s Customer Success team.
Asana Guide: Learn how to onboard your team and use Asana to its full potential with quick and easy tips.
Asana Use Cases: Learn how other teams like yours use Asana and how to build out projects specific to your team.
Asana Developer’s Guide: Learn how to customize the Asana experience, leverage your data with the Asana API, and join our developer community. - Service documentation
- Yes
- Documentation formats
-
- HTML
- ODF
- End-of-contract data extraction
- You can export your own data, per project to the text-based file formats JSON or CSV, the latter of which can be viewed in a spreadsheet application like Microsoft Excel or Google Sheets. This can be done via the admin console or by contacting support.
- End-of-contract process
- At the end of the contract, licences can be renewed or terminated.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- The user experience is similar across desktop and mobile.
- Service interface
- No
- User support accessibility
- None or don’t know
- API
- Yes
- What users can and can't do using the API
-
Asana’s API provides a means for software and scripts to read information from inside Asana, input information from outside Asana, and automatically react when things change. This can include: consistently doing repetitive or tedious tasks, creating reports on the state of tasks and projects, or staying in sync with other software such as Slack or Salesforce used in your organization.
Asana’s platform is built to be flexible and powerful and be intuitive enough for all teams to adopt and maintain clarity on the work being done. - API documentation
- Yes
- API documentation formats
- Other
- API sandbox or test environment
- No
- Customisation available
- Yes
- Description of customisation
-
Branding
Custom Fields
Display
Workflow
Templates
Integrations
Security
Scaling
- Independence of resources
- Asana is built on a scalable cloud platform used by millions of users.
Analytics
- Service usage metrics
- Yes
- Metrics types
-
From withihin Insights you can understand how your organization is using Asana through high-level metrics
See recently added teammates
View the most influential members in your organization (active members with the most invites sent, teams created, and projects shared in Asana)
With Business, you can view detailed engagement activity over time to spot trends in your organizations usage of Asana
Report of projects status, work load, etc. - Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Reseller providing extra features and support
- Organisation whose services are being resold
- Asana (Generation Digital is an official partner providing additional services)
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- European Economic Area (EEA)
- Other locations
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with SSAE-16 / ISAE 3402
- Physical access control, complying with another standard
- Encryption of all physical media
- Scale, obfuscating techniques, or data storage sharding
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- You can export your own data, per project to the text-based file formats JSON or CSV, the latter of which can be viewed in a spreadsheet application like Microsoft Excel or Google Sheets. This can be done via the console or a support ticket.
- Data export formats
-
- CSV
- ODF
- Other
- Other data export formats
- Text
- Data import formats
-
- CSV
- ODF
- Other
- Other data import formats
-
- Monday.com
- Trello
- Airtable
- Smartsheet
- Wrike
- Google Sheets
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- Legacy SSL and TLS (under version 1.2)
- Other
- Other protection between networks
- Web connections to the Asana service are via TLS 1.1 and above. We support forward secrecy and AES-GCM, and prohibit insecure connections using TLS 1.0 and below or RC4.
- Data protection within supplier network
-
- Legacy SSL and TLS (under version 1.2)
- Other
- Other protection within supplier network
-
SOC 2 (Type 1 and 2)
Asana has successfully completed its SOC 2 (Type I) and (Type II) audits for controls relevant to security, availability, and confidentiality. This means that an independent third party has both validated our processes and practices with respect to these three trust services criteria and confirmed our ability to maintain compliance with the controls we’ve implemented.
Availability and resilience
- Guaranteed availability
- The Enterprise plan has a 99.9% uptime SLA.
- Approach to resilience
-
Asana’s infrastructure investments provide daily backups, regional backups, and recovery procedures for restoring services in the event of unavoidable failures.
Asana uses Amazon Web Services (RDS & S3) to manage user data. The database is replicated synchronously so that we can quickly recover from a database failure. As an extra precaution, we take regular snapshots of the database and securely move them to a separate data center so that we can restore them elsewhere as needed, even in the event of a regional Amazon failure.
We currently host data in secure SSAE 16 audited data centers via Amazon RDS in the United States. - Outage reporting
-
Asana offers transparency into real-time and historical platform status, and a 99.9% uptime commitment to our Enterprise customers.
Updates can be provided by:
a public dashboard
an API
email alerts
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Username or password
- Access restrictions in management interfaces and support channels
-
On a quarterly basis, management reviews user access to in-scope systems for continued
appropriateness and removes any access that is no longer required. Upon termination of employees,
access is removed. - Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- Yes
- Who accredited the PCI DSS certification
- PCI Security Standards Council
- PCI DSS accreditation date
- 30/6/2018
- What the PCI DSS doesn’t cover
- Face-to-face channels
- Cyber essentials
- No
- Cyber essentials plus
- No
- Other security certifications
- Yes
- Any other security certifications
-
- SOC 2 audits for controls
- SSAE 16 certification
- ISO/IEC 27001:2013
- GDPR
- CCPA
- GLBA
- FERPA
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
-
- CSA CCM version 3.0
- Other
- Other security governance standards
-
SOC 2 (Type 1 and 2)
Asana has successfully completed its SOC 2 (Type I) and (Type II) audits for controls relevant to security, availability, and confidentiality. - Information security policies and processes
-
SOC 2 (Type I) and (Type II). This means that an independent third party has both validated our processes and practices with respect to these three trust services criteria and confirmed our ability to maintain compliance with the controls we’ve implemented.
Security in our Software Development Lifecycle
Asana uses the git revision control system. Changes to Asana’s code base go through a suite of automated tests and are reviewed and go through a round of manual review. When code changes pass the automated testing system, the changes are first pushed to a staging server wherein Asana employees are able to test changes before an eventual push to production servers and our customer base. We also add a specific security review for particularly sensitive changes and features. Asana engineers also have the ability to “cherry pick” critical updates and push them immediately to production servers.
In addition to a list where all access control changes are published, we have a suite of automated unit tests that check that access control rules are written correctly and enforced as expected. We also work with third-party security professionals to:
Test our code for common exploits
Use network scanning tools against our production servers
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- Asana uses the git revision control system. Changes to Asana’s code base go through a suite of automated tests and are reviewed and go through a round of manual review. When code changes pass the automated testing system, the changes are first pushed to a staging server wherein Asana employees are able to test changes before an eventual push to production servers and our customer base. We also add a specific security review for particularly sensitive changes and features. Asana engineers also have the ability to “cherry pick” critical updates and push them immediately to production servers.
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
-
Asana maintains an ongoing risk management process to proactively identify vulnerabilities within systems and assess new and emerging threats to operations. Asana maintains a vulnerability scanning process both for external and internal systems in the production environment. Security team performs scans at least quarterly and remediates vulnerabilities based on rating. Vulnerability scans are also run after any significant change to the production environment as determined by the Head of Security.
We work with security professionals to test code for common exploits and use network scanning tools against our production servers. Penetration testing is performed annually. Vulnerabilities are remediated and re-tested. - Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
-
Asana uses specialist monitoring services. Asana monitors the capacity utilization of physical and
computing infrastructure both internally and for customers to ensure service delivery matches service
level agreements. We have automated security scans on our network and applications. A monitoring
script runs weekly to validate code changes were properly reviewed.
Asana maintains an Incident Response Plan designed to establish a reasonable and consistent response
to security incidents and suspected security incidents involving the accidental or unlawful destruction,
loss, theft, alteration, unauthorized disclosure of, or access to, proprietary data or personal data
transmitted, stored, or otherwise processed by Asana. - Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
-
Asana maintains an Incident Response Plan designed to establish a reasonable and consistent response
to security incidents and suspected security incidents involving the accidental or unlawful destruction,
loss, theft, alteration, unauthorized disclosure of, or access to, proprietary data or personal data
transmitted, stored, or otherwise processed by Asana.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Social Value
- Fighting climate change
-
Fighting climate change
We are committed to fighting climate change. - Covid-19 recovery
-
Covid-19 recovery
We are committed to Covid-19 recovery - Tackling economic inequality
-
Tackling economic inequality
We are committed to tackling economic inequality - Equal opportunity
-
Equal opportunity
We are committed to equal opportunity - Wellbeing
-
Wellbeing
We are committed to wellbeing
Pricing
- Price
- £0 to £49.99 a user a month
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- 30 Day Free Trial
- Link to free trial
- https://form-beta.asana.com/?hash=2536e9f2901b0772bb706373857b557ce568eaf36912cf33d5d67cb34ebba1b1&id=1184309215377039