COFORGE U.K. LIMITED

Test Assurance using iTEST framework

iTEST allows organizations to accelerate their testing automation initiative for Pega applications. Based on Selenium & TestNG, iTEST provides a Data-Driven-Framework that has capabilities for testing Authentication, Role-based security, Portals, Role-wise Reports Access, Dashboards, Search and many other OOTB features of Pega.

Features

• BPM Tool-Specific Testing Methodologies
• On-demand, certified BPM testing consultants
• Functional testing of the application
• Checks the Guardrails for conformance
• Checks PAL for performance
• Checks Security Analyzer for vulnerabilities
• Checks Clipboard for memory footprint
• Well accustomed to Agile and DevOps environments

Benefits

• Lower application Total Cost of Ownership
• Use of industry best practices and accelerators
• Better leverage of automation to accelerate testing
• Overcome Skill Barrier for Automation – Selenium Skills not required
• Easily incorporate new test scenarios by data driven configuration
• New Selenium features can be easily adapted by the framework

£40,000.00 to £250,000.00 a licence

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids.eu@coforge.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

495802939601838

Contact

Ali Rahman
07801573323
bids.eu@coforge.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Hybrid cloud
• Service constraints: No
• System requirements:
  • Pega or Appian BPM Platform
  • Java
  • Selenium
  • Python
  • Microsoft Office

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: This is subject to the individual contractual agreements for each engagement.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: We provide application support at three levels: Level1 support : Level 1 support provides resolution to minor issues within an application Level2 support: Level 2 support will provide a secondary resolution function and management of solution configuration Level3 support: The Level 3 support will provide advanced technology diagnosis and resolution. The cost of each level of support is subject to different parameters per contract; e.g. the size of application, the hours of support required etc.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide training both onsite as well as remotely through channels such as video conferencing. The duration and medium of training is mutually agreed upon. We also provide user manual as part of our service which details the usage of delivered application for different categories of application users.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: The application provides out of the box data export functionality using which users can filter and export their data in CSV/Excel file formats from the application. Incessant also provides bulk data extraction service in case required to provide full extract of live as well as historical data from the application into staging database tables or CSV/Excel file formats. This data can then be imported into any other application later on.
• End-of-contract process: The original contract by default does not include decommissioning of the application. Since the amount of data to be extracted would keep on increasing with time, an assessment is performed to identify the effort required for data extraction and decommissioning once the decision is made to discontinue the usage of the application. Accordingly the cost of extraction and decommissioning is determined.

Using the service

• Web browser interface: No
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Windows Phone
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The UI is dynamic and responsive and hence all features available on desktop are also available through mobile. Mobility feature has PWA and native application options. Solution works in both online and offline modes.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: No
• Customisation available: Yes
• Description of customisation: ITest is built using modular approach, additional capabilities and customizations can be easily incorporated in iTest. Knowledge of Java, Selenium etc., is required for customizing iTest.

Scaling

• Independence of resources: We use standard global cloud services hosting platforms to host our applications which take care of independence of resources in case of concurrent access by multiple users.

Analytics

• Service usage metrics: Yes
• Metrics types: The application provides out of the box metrics and dashboard such as SLA Adherence, Pending Case Status, User Performance etc. Besides, users can also configure their own reports in the application as the application provides a simple drag and drop interface for creating reports.
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: The application provides out of the box data export functionality using which users can filter and export their data in CSV/Excel file formats from the application. Export of data can also happen through APIs.
• Data export formats:
  • CSV
  • Other
• Other data export formats: Excel
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Monthly uptime percentage of 99.95% is the typical SLA adhered to in our service provisions. In the event of Monthly uptime percentage not meeting the SLA during subscription month, a service credit model can be defined.
• Approach to resilience: This information will be available on request.
• Outage reporting: The outages are reported through dashboards and email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: The access restriction in management portals/interfaces and support channels through Access Groups. Each user is associated to one or more access groups. The access group associated with a user helps in defining the accessibility of the user to different portals within the application. It also determines which roles (such as Management role, Support role) the user can take within the application.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSCIC
• ISO/IEC 27001 accreditation date: 20 May 2021
• What the ISO/IEC 27001 doesn’t cover: This will be available on request.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We are certified ISO27001 . We follow the processes as per these standards.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: This information will be available on request.
• Vulnerability management type: Undisclosed
• Vulnerability management approach: We have a documented vulnerability management process. This process is reviewed by an independent third party at least once in a year. The process is aligned as per the requirement of ISO2001. Detailed process document will be available on request.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: We have a documented protective monitoring process. This process is reviewed by an independent third party at least once in a year. The process is aligned as per the requirement of ISO2001 . Detailed process document will be available on request.
• Incident management type: Undisclosed
• Incident management approach: We have a documented protective monitoring process. This process is reviewed by an independent third party at least once in a year. The process is aligned as per the requirement of ISO2001. Detailed process document will be available on request.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Fighting climate change

  Fighting climate change

  Our UK strategy has been informed by clients and our global environmental strategy. This is aligned with Government’s 25-year environmental plan, Fighting Climate Change theme from PPN 06/20, and with HMRC’s Greening Government Commitments delivered through carbon zero target, reduction of CO2 emissions and items entering landfill, promoting resource efficiency and green energy.; ; Our Organizational Targets ; 1.Be Carbon Net Zero by 2038 (reducing emissions 20% p.a.) within UK from a baseline of 185.7 tCO2e ; 2.Achieve quality standard, Green Mark’s EMS index (Sept 2026), and reach ISO 14001 (Sept 2026), reducing energy, water and material resource usage ; 3.Reduce carbon footprint by eliminating domestic air travel and promoting hybrid working. ; 4.Prioritise Cloud hosting over datacentre services lowering CO2 emissions.

Pricing

• Price: £40,000.00 to £250,000.00 a licence
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids.eu@coforge.com. Tell them what format you need. It will help if you say what assistive technology you use.