CIH Solutions Ltd

CIHS 4Me ITIL Managed Solution

ITSM-agnostic solution partner CIHS offers 4me expanding ITSM and SIAM capabilities outside of IT, including citizen-related services of Local Governments. Its ESM capabilities enable internal departments to collaborate (IT, HR, Payroll, Facilities, and SecOps) and engage with external service providers. 4me provides visibility and control of service cost and quality.

Features

• IT Service Management (ITSM)
• Enterprise Service Management (ESM)
• Customer Services Management (CSM)
• Security Operations (SecOps)
• Service Integration and Management (SIAM)
• Incident Management
• Knowledge Management
• Problem Management
• Configuration Management
• Project Management and Kanban Boards

Benefits

• Improved collaboration with many suppliers (seamless SLA evaluation)
• Increased productivity of support staff (internally and externally)
• Service Integration enables collaboration across multiple entities
• Leverage dynamic sourcing thanks to SIAM capabilities
• Excellent performance and user satisfaction.
• Prove compliance for your company certification
• Low administrative overhead.
• Low Total Cost of Ownership.

£10,000 to £60,000 an instance a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Chris.Hodder@itsmconsultancy.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

425011408034801

Contact

Chris Hodder
0208 050 3165
Chris.Hodder@itsmconsultancy.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Our commitment to providing exceptional service, as such, our standard service hours are designed to align with typical business operations, ensuring consistent and reliable support during these times: Service Hours: Our core operating hours are 8:00 AM to 6:00 PM, Monday through Friday, in the UK. Out-of-Hours Service Provision: Some projects or issues may require attention beyond standard hours; we offer extended service as needed but involve additional charges in line with SFIA guidelines. Chargeable Travel: Travel expenses incurred for client projects are billable. These costs are clearly outlined and agreed upon in the terms and conditions of our contracts.
• System requirements: Web Browser: IE11+, Microsoft Edge, Chrome, Firefox, Safari or Opera

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Support is offered a different tiers depending on the solution between 8am - 5:30pm Mon-Fri by default. Enhanced hours are available based on managed service tiers. Default response times vary between 15 min and 30 mins depending on the priority of the ticket in line with our documented priority matrix and the tier of support required.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: We have actively engaged in testing web chat systems with assistive technology users to ensure accessibility and usability for all. This testing involves participants who use various assistive technologies like screen readers, speech recognition software, and keyboard-only navigation. We focus on identifying and resolving barriers that might impede user interaction, ensuring that our web chat interfaces are compliant with accessibility standards such as WCAG and ADA. Feedback from these sessions is integral to our development process, leading to enhancements in our chat interface designs to better accommodate the needs of users with disabilities. Our commitment to inclusive design drives us to refine our products through feedback loops and iterative testing continuously. By collaborating closely with users dependent on assistive technologies, we gain invaluable insights that help us improve usability. This process not only enhances the user experience for individuals with disabilities but also benefits all users by creating more intuitive and easy-to-navigate interfaces.
• Onsite support: Yes, at extra cost
• Support levels: CIHS offers 4 levels of support Bronze, Silver, Gold and Platinum providing a clear distinction between the units of work available, which vary depending on the supported platform and the additional benefits including: - Included Consultancy Time - Discounts on CIHS services - Discounts of CIHS products All tiers are supported by technical and Client Services dedicated resources.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: CIHS supports new users in starting with our service through a multifaceted onboarding process that includes assessment, professional services, online training, onsite training, and comprehensive user documentation.; ; Assessment Services: Before implementation, we thoroughly assess the user's current IT infrastructure and business needs. This helps customise the setup and ensures that our service integrates seamlessly with existing systems and processes. The assessment identifies key areas where our service can provide the most impact, facilitating targeted and effective deployment.; ; Professional Services: Our professional services team is involved from the outset, providing expertise in system integration, configuration, and optimisation. This team ensures the service is configured to meet the user's specific requirements, providing successful usage and realising ROI.; ; Online and Onsite Training: We offer self-paced modules covering basic functionality and advanced features. For a more tailored training experience, we provide onsite training sessions. These sessions are customised to address the organisation's specific needs and provide hands-on experience for effective learning.; ; By combining these elements, CIHS ensures that each user is well-prepared to integrate and leverage our service effectively, contributing to smoother transitions and optimal service use within their organisational context. This holistic approach to onboarding facilitates immediate productivity and long-term success.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: At the end of a contract, CIHS ensures a smooth and secure process for extracting your data, facilitating a seamless transition.; ; Notification and Planning: As the contract nears completion, we discuss the timeline and extraction requirements. This phase involves planning the extraction process to align with the needs and schedule.; ; Extraction Tools and Assistance: Tools and support to extract data are available. These tools handle large volumes of data, ensuring that all data can be retrieved in a usable format (such as CSV, JSON, or XML). Our technical support team can assist with any queries during this process.; ; Data Integrity and Security: Throughout the extraction process, we maintain the highest data integrity and security standards.; ; Final Data Review: Once the data is extracted, users are encouraged to review it for completeness and accuracy. ; ; Data Transfer and Deletion: Following confirmation that the user has transferred the data to their IT environment or another service provider. CIHS will proceed with securely deleting it from our systems in compliance with data protection regulations.; ; Support: CIHS provides continuous support throughout the end-of-contract process to ensure every step is clear and smoothly executed. We aim to make the transition as straightforward and secure as possible.
• End-of-contract process: At the end of a contract with CIHS, several procedural steps are undertaken to ensure a smooth and orderly closure. This includes data extraction, where users are supported in securely transferring their data out of our systems, followed by a systematic decommissioning of services and secure data deletion, adhering to compliance and privacy standards.; ; Regarding contract pricing, the core services included are access to the CIHS Kelverion automation service, regular updates, maintenance, and essential customer support. ; ; Additional end-of-contract costs may arise from any professional services needed to facilitate migration to a new service, including but not limited to enhanced support levels (e.g., 24/7 support) and advanced configuration or integration services tailored to new requirements.; ; Optional extended services and features not covered in the standard package can incur extra charges. These distinctions are clearly outlined at the contract's start to ensure transparency and help clients plan their budgets effectively.; ; This structure ensures that clients can align their investment with their actual service usage and needs, avoiding unexpected expenses while maximising the value derived from our services.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Feature parity.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: 4me platform provides a web-based user interface in a form of an intuitive Self-service portal for employees, end-users, and customers.; ; Service Desk Agents, Specialists, and Managers benefit from a powerful, productivity-focused Specialist web-based interface.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: The 4me user interface adheres to 4me’s interpretation of the guidelines laid down in WCAG 2.1. It is 4me’s belief that the user interface complies with the guidelines’ main intentions regarding accessibility, as far as possible.
• API: Yes
• What users can and can't do using the API: 4me platform integrates very well with legacy and modern applications, platforms and toolsets. The APIs include GraphQL API, REST API, Bulk API, Events API, Mail API, Webhooks API, Single Sign-On, JIT Provisioning, SCIM Provision, CTI. 4me's APIs are tested for performance, reliability, and security. Full documentation is available at https://developer.4me.com/.; HaloITSM is an API-centric application, so all the functionality from the application is available within the API.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The customisations often include but are not limited to:; Design of Self-Service Portal (customer logo, colours scheme, layout); Workflows and process automation; Service request forms and ticket templates; Standard and bespoke integrations

Scaling

• Independence of resources: We guarantee this by implementing scalable cloud infrastructure and advanced load-balancing techniques. This architecture allows us to allocate resources as demand fluctuates dynamically, maintaining consistent user service levels. Additionally, we utilise monitoring and predictive analytics to foresee demand spikes and adjust resources proactively, ensuring a seamless and uninterrupted user experience across our platform.

Analytics

• Service usage metrics: Yes
• Metrics types: Service Availability and Service Performance of 4me is monitored independently, with current and historical data shared at http://status.4me.com/.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: 4Me

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: At CIHS, users can export their data efficiently and securely through these steps:; ; Access: Users log into their account and navigate to the export section.; Select Data: Options allow filtering by date, type, or other criteria.; Choose Format: Users select from export formats.; Initiate Export: The system prepares the data file.; Download: Once ready, the file is available for secure download.; Support: If issues arise, the CIHS support team assists users.; This process ensures easy data portability and management, aligning with CIHS commitment to user autonomy and data security.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: AVAILABILITY. The service is to be available for at least 99.8% of the time during the service hours, 24x7 (Monday through Sunday). The service hours and support hours in this service offering and the service level agreements that are based on it are presented in UTC. This time zone is applied for all service level calculations related to this offering. The service may be down for up to 4 hours per calendar month due to scheduled maintenance. The maintenance window is: Saturdays from 10:00pm until Sundays 2:00am UTC.; RELIABILITY. During the service hours, the service will not be down more than 3 times per month.; PENALTIES. In case the Availability and/or the Reliability service level target of a customer’s service level agreement that is based on this service offering has been violated during a monthly reporting period, the affected customer will receive, free of charge, a number of prepaid user-months for future use. This number of prepaid user-months equals 25% of the number of user-months consumed by the customer during the reporting period in which the target violation(s) occurred.
• Approach to resilience: Multiple datacentres per region. Disaster recovery in a different region.
• Outage reporting: The customers' key contacts are notified as the service becomes unavailable or limited in use. The quality of 4me service is monitored independently, with information about outages and response times available at http://status.4me.com/.; ; For direct notifications, we use email alerts to inform customers of any service disruptions. These alerts include detailed information about the nature of the outage, the expected resolution time, and any steps to address the issue.; ; This multi-channel communication strategy ensures that all stakeholders are well-informed and can plan accordingly during service interruptions.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: Access within 4me is on a strict need to know basis. Without the need to know for the work the person is doing, there is no access to functions not required for the line of work. 4me has no access to the customer's account(s) and management of the account is either done via a partner or the customer themself. Support is handled via partner and if necessary forwarded to 4me by the partner.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS International Ltd.
• ISO/IEC 27001 accreditation date: 02/09/2023
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: In alignment with ISO 27001 and Cyber Essentials frameworks, our information security policies are designed to protect data integrity, availability, and confidentiality. We have implemented comprehensive risk management procedures that identify, evaluate, and mitigate risks, complemented by stringent access controls to prevent unauthorised data access. Our incident response strategy ensures quick action and mitigation of security breaches.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: CIHS operates an ITIL-aligned configuration and change management process set that integrates the systematic oversight of all configuration items with a structured process for implementing changes. It begins with maintaining an accurate Configuration Management Database (CMDB), essential for tracking the attributes and relationships of CIs. Change management coordinates all alterations to the IT environment, ensuring they are evaluated, approved, and documented to mitigate risk and minimise disruption. This combined approach enhances service reliability, compliance, and security, facilitating efficient incident resolution and continuous improvement. It ensures all changes are traceable, strategic, and aligned with business objectives.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: CIHS's best-practice vulnerability management approach involves continuous identification, classification, prioritisation, and remediation of software vulnerabilities. This process starts with comprehensive asset discovery and regular vulnerability scanning to detect potential security threats. ; ; Identified vulnerabilities are then evaluated and prioritised based on their severity and potential impact on the organisation. Remediation actions are systematically implemented, often through patches or configuration changes, followed by verification to resolve vulnerabilities. This proactive approach minimises exposure to security risks, maintains compliance with industry standards, and protects against breaches, ensuring the integrity and reliability of CIHS managed systems.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: CIHS' best-practice protective monitoring management approach involves the continuous surveillance and analysis of managed systems to detect and respond to security threats in real-time. It encompasses collecting, correlating, and evaluating log data across diverse sources, ensuring anomalies and potential breaches are identified swiftly. ; ; Implementing robust monitoring tools and setting clear thresholds for alerts is crucial. This approach is complemented by regular audits and updates to the monitoring rules based on emerging threats and system changes. ; ; Effective protective monitoring enhances security and supports regulatory compliance and operational resilience by enabling rapid risk detection and mitigation.
• Incident management type: Supplier-defined controls
• Incident management approach: CIHS operates an ITIL-aligned incident management approach that emphasises quick restoration of normal service operations with a documented, repeatable process, including identifying, logging, categorising, prioritising, and diagnosing incidents. Efficient automated communication and escalation procedures are crucial. The approach utilises our Service Desk to track incidents from detection to resolution. ; ; Root cause analysis is employed post-resolution to prevent recurrence. Key metrics, like mean time to resolve (MTTR), are tracked to gauge effectiveness and improve. This methodology ensures consistent, effective handling of incidents, enhancing overall service quality. Post-incident reviews are available for high-impact incidents and on request for other incident priorities.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  IH Solutions Ltd. recognises the urgent need for environmental stewardship and is committed to addressing climate change. Our Carbon Reduction Plan outlines our commitment to achieving Net Zero emissions by 2040. Our carbon reduction efforts' baseline year is from January 2023 to December 2023. CIHS has set ambitious carbon reduction targets to align with the commitment to achieving Net Zero by 2040. Targets are categorised into short-term, medium-term, and long-term objectives. Short-term Targets (2023-2025): • Implement energy-efficient measures to achieve a 10% reduction in Scope 1 emissions. • Invest in renewable energy sources to cover at least 20% of the company's total energy consumption, reducing emissions. • Collaborate with the top 30 suppliers to establish emission reduction goals within the supply chain. Medium-term Targets (2026-2030): • Achieve a 25% reduction in emissions through the adoption of low-carbon technologies and practices. • Increase the share of renewable energy in total energy consumption to 40%. • Expand the scope of supply chain engagement to include the top 50 suppliers. Long-term Targets (2031-2040): • Achieve Net Zero emissions by 2040 through emission reduction measures, investments in carbon offset projects, and technological innovation. • Advocate for industry-wide adoption of sustainable practices and contribute to systemic change.

  Covid-19 recovery

  CIHS is committed to aiding recovery from COVID-19 by enhancing safety, supporting remote work, enabling contactless interactions, promoting health awareness, and boosting community resilience. Our comprehensive service provision ensures rigorous safety protocols are in place, reducing the risk of virus transmission and safeguarding our clients and their customers. By facilitating efficient remote work configurations, we enable businesses to continue operations seamlessly, ensuring high productivity while minimising physical contact. Our technology solutions also support the implementation of contactless transactions, crucial in maintaining business continuity and customer interactions without health risks.

  Tackling economic inequality

  At CIHS, our commitment to reducing economic inequality is realised through various strategic initiatives. We offer affordable access to our technological solutions, ensuring that all segments of society can benefit from digital advancements. This approach democratises technology access and helps mitigate the widening economic gap caused by technological disparities. In addition to access, we emphasise financial literacy as a fundamental component of our service. Educating individuals and communities about financial management empowers them to improve their economic well-being.

  Equal opportunity

  The success of CIH Solutions Ltd as an organisation depends upon the effective use of the abilities of each of our employees. With this in mind, the company is committed to providing equality and fairness for all recruitment applicants and employees and not discriminating against anyone because of their gender (including sex, marital status and gender reassignment), race (including ethnic origin, colour, nationality and national origin), disability, religion, belief or age. In addition, CIH Solutions Ltd will not discriminate against anyone associated with another individual protected under equality legislation. We oppose all forms of unlawful and unfair discrimination. All employees will be treated fairly and with respect. Selection for employment, promotion, training, or any other benefit will be based on aptitude and ability. The company is also committed to preventing discrimination of any type against its employees by third parties like suppliers, clients, and the general public. The responsibility for upholding this commitment is shared by every employee and intended to benefit them.

  Wellbeing

  At CIHS, enhancing well-being is a core objective achieved through a holistic health and lifestyle support approach. We provide mental health resources and initiatives, understanding mental well-being's critical role in overall health. Our services also promote work-life balance by offering technologies that support remote and flexible work arrangements, helping individuals manage their time more effectively.

Pricing

• Price: £10,000 to £60,000 an instance a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: 4me provides the trial instance accompanied by comprehensive learning materials, videos and exercises published at https://learning.4me.com/training/, to accelerate understanding of its platform features and benefits.
• Link to free trial: https://www.4me.com/request-a-demo/

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Chris.Hodder@itsmconsultancy.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.