Trustmarque Solutions Limited

TRUSTMARQUE MICROSOFT 365 ENTERPRISE AGREEMENT MANAGED SUPPORT SERVICE

As a Microsoft Gold Partner, our M365 Enterprise Agreement Managed Support Service is designed to help you select the most advantageous Enterprise Agreement, enabling you to derive business benefits and technical fit at the prime price point. Depending on the services purchased, it can incorporate requirements definition and scenario demonstrations.

Features

• Customised Cloud reporting
• Software Renewal Management
• Bespoke/Agile Management platform
• Assist organisations with crucial factors when undertaking Software Products selection
• Recommend / identify potential products and support evaluation
• Support organisations to assess services offered by Microsoft
• Enable an objective, structured and rigorous process throughout
• Dedicated Public Sector practitioners will provide sector expertise
• Provided by a Microsoft Gold Partner
• Capability - holding six UK Microsoft designations

Benefits

• Improved management of estate maximising cost savings
• Timely renewal of licenses
• Improved transparency ensuring better license management
• Expertise to ensure the most value from your software investments
• Independent advice from a vendor-agnostic partner
• Process-driven licensing operations model enabling predictability for end users
• Specific guidance related to your department, agency or public body
• Flexible service adaptable to the clients changing business needs
• The Service will support the adoption of cloud technologies
• Empowering transparent decision making

£450 a unit

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@trustmarque.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

482150295990304

Contact

Darren Moyes
01904 934435
tenders@trustmarque.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: No
• System requirements:
  • Internet Access
  • Access device with Web Browser

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Monday to Friday, 9am to 5pm
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Via Microsoft Teams
• Web chat accessibility testing: N/A
• Onsite support: Onsite support
• Support levels: N/A
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Service on-boarding follow the following process: 1. Introduce Account Team 2. Initial scoping call/meeting 3. Agree communication plan 4. Confirm SLAs are appropriate 5. Define reporting requirements and frequency 6. Commence Service
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: The data held by us is the procurement data from the service, this is provided upon request in the form of a CSV file.
• End-of-contract process: Data will be provided upon contract termination

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • MacOS
  • Windows
  • Windows Phone
  • Other
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: None
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: This is a managed procurement service. As such, during on-boarding, the service is tailored to the clients needs. For example, the cloud communication platform the client is using.

Scaling

• Independence of resources: We ensure that for every 10 enterprise scale organisation deploy we the following dedicated team: 1 x Client Director, 1 x Internal Account Manager, 1 x Licensing Specialist, 0.5 X Operational Admin , 0.5 X Procurement Admin, 0.2 X Vendor Alliance Manger. We use this model to scale this service and ensure that the integrity of the service is maintained at all times.

Analytics

• Service usage metrics: Yes
• Metrics types: We provide a range of data based on client activity through the service. This is broken down into, purchase history, spend analysis, delivery, SLAs, individual/group/departmental spend.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Microsoft

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: The data held by us is the procurement data from the service, this is provided upon request in the form of a CSV file.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: Private network or public sector network
• Data protection within supplier network: IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: See Microsoft's Online Service Terms at http://www.microsoftvolumelicensing.com/Downloader.aspx?DocumentId=13655
• Approach to resilience: Please see https://www.microsoft.com/en-us/cloud-platform/global-datacenters and https://www.microsoft.com/en-us/TrustCenter/
• Outage reporting: Please see https://azure.microsoft.com/en-us/status/ and https://portal.azure.com/#blade/HubsExtension/ServicesHealthBlade

Identity and authentication

• User authentication needed: No
• Access restrictions in management interfaces and support channels: Not Applicable
• Access restriction testing frequency: At least once a year
• Management access authentication: Other
• Description of management access authentication: Not Applicable

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Lloyd's Register
• ISO/IEC 27001 accreditation date: 06/03/2020
• What the ISO/IEC 27001 doesn’t cover: The scope of this approval is applicable to: Information Security for the provision and support of the end-to-end IT services; software, cloud, cyber security, managed services and datacentre solutions; including strategy, planning and integration, licensing, deployment, and management of third-party service providers. In accordance with Statement of Applicability version 5.n.
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 29/09/2016
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: None
• PCI certification: Yes
• Who accredited the PCI DSS certification: Coalfire Systems Inc
• PCI DSS accreditation date: 01/04/2016
• What the PCI DSS doesn’t cover: Service Scope is identified here http://aka.ms/azure-pci
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • FACT
  • NHS IG Toolkit
  • FedRamp
  • NIST 800-171
  • EU Model Clauses

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We follow Capita's internal Information Security Policy which is available on request.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Not Applicable
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Not Applicable
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Not Applicable
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Not Applicable

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Trustmarque's Environmental Policy and Carbon Reduction Plan include delivering and supporting actions on reducing our carbon footprint and our impact on climate change. Our policies include 'Virtual First 'meetings, energy reduction plans, flexible working. Please contact Trustmarque to discuss the provision of Social Value. Any Social Value deliverable must be agreed with Trustmarque and be proportionate to the contract value and deliverables.
• Covid-19 recovery:

  Covid-19 recovery

  Trustmarque can provide re-training for those left unemployed by Covid-19 through skills training, CV and interview workshops. Please contact Trustmarque to discuss the provision of Social Value. Any Social Value deliverable must be agreed with Trustmarque and be proportionate to the contract value and deliverables.
• Tackling economic inequality:

  Tackling economic inequality

  Trustmarque tackles economic inequality through operating a diverse supply chain including a large number of SMEs and micro businesses. Our access to a broad range of suppliers ensures both resilience and capacity. Trustmarque is also continuously refining our supply chain to meet the ever-changing needs of our customers and to ensure we can always offer the best solution through capability, capacity and resilience at the best price. Our vendor agnostic approach among suppliers allows us to support innovation and disruptive technologies to deliver lower cost and/or higher quality goods and services to customers. Please contact Trustmarque to discuss the provision of Social Value. Any Social Value deliverable must be agreed with Trustmarque and be proportionate to the contract value and deliverables.
• Equal opportunity:

  Equal opportunity

  Trustmarque operates an Equal Opportunities policy that outlines our commitments including creating a workforce that reflects the diversity of our communities. Other initiatives include supporting disabled people to develop skills and supporting in-work progression. Please contact Trustmarque to discuss the provision of Social Value. Any Social Value deliverable must be agreed with Trustmarque and be proportionate to the contract value and deliverables.
• Wellbeing:

  Wellbeing

  We align our approach to mental wellbeing to the six standards in the Mental Health at Work commitment, including staff work and wellbeing sessions, flexible working, speak-up policy, etc. Please contact Trustmarque to discuss the provision of Social Value. Any Social Value deliverable must be agreed with Trustmarque and be proportionate to the contract value and deliverables.

Pricing

• Price: £450 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@trustmarque.com. Tell them what format you need. It will help if you say what assistive technology you use.