Tisski Limited

Deliver: Dynamics 365 Extension for Project, Programme and Portfolio Management

Built on Microsoft Dynamics 365 technology, Deliver presents project management information in a single location, easing management and enhancing visibility and reporting of projects individually, within programmes and across portfolios. Deliver creates efficiencies for all levels of staff and management, allowing focus on the delivery of projects and programmes.

Features

• Guided process flows to manage artefacts related to project management
• Full RAIDO management; ability to convert between separate RAIDO components
• Business case management: options, constraints, alignment to policies and procedures
• Activity tracking, including actions and decisions related to appropriate components
• Stakeholder management including RASCI allocation
• Status management and automated status report collation
• Change management to handle change requests through to implementation
• Project baselining to understand changes over time
• Financial tracking of budgets, forecasts and actuals
• Power BI report suite for complete visibility at all levels

Benefits

• User-friendly interface for managing projects
• Modern, consistent and extensible platform, free of legacy technology restrictions
• Automate and run your project management functions from the cloud
• Implementation of standard processes with progress visibility
• Removal of silos of related project management data, e.g., spreadsheets
• A single version of the truth
• Enhanced decision-making based on real-time data
• Benefits tracking aligned to organisational strategic objectives
• Works with Microsoft Project for the Web/Dynamics 365 Project Operations

£37,000 to £44,000 an instance

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at dan.coupland@tisski.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

543647581044103

Contact

Dan Coupland
07535900510
dan.coupland@tisski.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: No
• System requirements:
  • Microsoft Edge, Mozilla Firefox, Google Chrome or Apple Safari
  • Office Integration requires Office 365, 2016, 2013 & 2010

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Typically, operating Monday – Friday (excluding UK public holidays), with the option of weekend support, Tisski Service Desk offers customers two options for support availability and response times. Bespoke packages available upon request ; ; Option 1 (08:30 – 17:30) ; ; P1: 1-hour response (4-hour resolution). P2: 4-hour response (8-hour resolution). P3: 8-hour response (24-hour resolution). P4: 24-hour response (40-hour resolution) ; ; Option 2 (09:00 – 17:00) ; ; P1: 2-hour response (8-hour resolution). P2: 8-hour response (16-hour resolution). P3: 24-hour response (40-hour resolution). P4: 40-hour response (80-hour resolution)
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Typically, operating Monday – Friday (excluding UK public holidays), with the option of weekend support, Tisski Service Desk offers customers two options for support availability and response times. Bespoke packages available upon request ; ; Option 1 (08:30 – 17:30) ; P1: 1-hour response (4-hour resolution). P2: 4-hour response (8-hour resolution). P3: 8-hour response (24-hour resolution). P4: 24-hour response (40-hour resolution) ; ; Option 2 (09:00 – 17:00) ; P1: 2-hour response (8-hour resolution). P2: 8-hour response (16-hour resolution). P3: 24-hour response (40-hour resolution). P4: 40-hour response (80-hour resolution)
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We tailor on-boarding services based on client requirements, but these are typically aligned to ITIL v4 transition guidelines. This can be either tailored or provided using our standard, predefined service.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: We agree exit terms and processes at the time of contracting. The exact format turnaround and processes related to data extraction is determined at this point.
• End-of-contract process: End of contract scenarios are agreed in advance and either tailored to client requirements or we can provide a standard, predefined solution, based on ITIL v4 processes and guidelines.; ; Additional costs are determined on a case by case basis, dependent on size and complexities of activities.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: There is parity of functionality and service between mobile and desktop, each tailored to the form factor in order to provide a responsive user interface.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AAA
• Description of service interface: Microsoft Unified Interface
• Accessibility standards: WCAG 2.1 AAA
• Accessibility testing: Jaws screen-reader is supported under the latest Unified Client.; ; Visit https://docs.microsoft.com/en-us/dynamics365/customerengagement/on-premises/basics/accessibility-people-with-disabilities for accessibility information.
• API: Yes
• What users can and can't do using the API: There are many extensibility points within our services allowing customisations including user interface, data storage, reporting, work flow, authentication authorisation, line of business integration, customise portals and integration with custom mobile applications.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • ODF
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: There are many extensibility points within our services allowing customisations including user interface, data storage, reporting, work flow, authentication authorisation, line of business integration, customise portals and integration with custom mobile applications.

Scaling

• Independence of resources: We leverage Microsoft Online Services which in turn utilises various Cloud Scale techniques and technologies, to ensure multi-tenant services are not affected in terms of peak usage. More information on request.

Analytics

• Service usage metrics: Yes
• Metrics types: Many metrics are available including user logins, transactions, storage etc. Reported metrics are agreed on a contract by contract basis.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users can extract data using various techniques including integration with Office clients and various integration technologies.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats:
  • Excel
  • ODBC
  • ODATA
  • Original Document Format as uploaded
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Excel
  • SQL
  • Access
  • ODATA

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Monthly Service Level; 1. The Service Level is 99.9%.; 2. The Monthly Uptime Percentage is calculated for a given calendar month using the following formula:; ; Monthly Uptime Percentage = ; Total number of minutes; in a given calendar month minus Total number of minutes of Downtime in a given calendar month ; ; More information available on request.
• Approach to resilience: Datacenters implement numerous techniques and technologies to achieve resilience including significant power, hardware, data and network redundancy. Detailed information is available upon request.
• Outage reporting: Outages can be communicated by multiple methods including Dashboards, accessible via APIs, email alerts and via phone.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Our solutions implement role based access control, determined by the customer on a case by case basis.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: NQA
• ISO/IEC 27001 accreditation date: 30/10/2020
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 19/06/2020
• CSA STAR certification level: Level 2: CSA STAR Attestation
• What the CSA STAR doesn’t cover: N/a
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: ISO/IEC 27018:2014 Management system for the protection of PII

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We have an ISO27001-certified information security management system, which is subject to internal and external audit. We are also certified to Cyber Essentials and Cyber Essentials Plus standards.; ; Our information security management system and certification is available on request. We have rigorous induction and training methods which ensure policies are followed. Reporting Structure is also available on request.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: We strictly align our configuration and change management processes, including component life cycle tracking and security impact assessments, according to the ITIL v4 Framework Guidelines.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Potential threats are monitored through multiple sources, including external repositories and vendor feeds proactively according to internally defined processes. Assessment of patches, hot fixes updates and associated deployment guidelines are dictated by severity, client requirements and/ or vendor recommendations.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We use various tools, technologies and techniques in order to identify potential compromises and respond on a case by case basis, based on the nature, complexity and severity. We offer various levels of response times, depending on Service Level Agreements. Further information is available upon request.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Our ISO27001 information security management system has an incident management procedure in the event of any information security incident. Incident reporting frequency and format is agreed with the customer on a case by case basis. Users can report incidents via multiple channels including telephone, dashboards and email. We have predefined processes for common events and leverage the guidelines defined by the ITIL v4 Framework.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Tisski has an Environmental Policy which outlines our commitment to reducing our environmental impact and to continually improving our environmental performance as an integral part of our business strategy and operating methods. Our Net Zero Plan (which outlines our baseline data, targets, the measures we have in place and how we plan to reach net zero by 2030) and our PPN 06/21 Carbon Reduction Plan (in line with UK government requirements for the procurement of major government contracts) are both published on our website at Corporate Social Responsibility and we plan to update our progress annually. Our Environmental Policy outlines the measures Tisski has in place to fight climate change and our plans to reduce emissions from energy, transport and procured goods and services. ; In particular:; • Reducing emissions from business travel: Tisski’s workforce can operate fully effectively remotely. We make full use of travel alternatives, including video conferencing and collaborative tools such as Microsoft Teams and Azure DevOps. We actively promote the use of travel alternatives to colleagues, customers and other stakeholders to minimise the need to travel to carry out work on behalf of Tisski. Travel is limited to essential meetings; colleagues will only attend customer premises to carry out work if specifically requested by the customer; • Tisski's office and company cars are all electric; Tisski is piloting an electric vehicle salary sacrifice hire scheme for employees to support them in shifting from fuel engines to electric vehicles; • Tisski's main supplier is Microsoft who have set a target to be 'carbon negative' by 2030; • We purchased 220 tCO2e carbon offset credits in the Darfur Efficient Cook-Stoves Project, Sudan. This covers our emissions (including those scope 3 emissions generated by staff travel and home workers) for 2021 which means Tisski is now a carbon neutral company.
• Covid-19 recovery:

  Covid-19 recovery

  Tisski’s senior managers moved quickly as the Covid-19 pandemic took hold in March 2020 to protect our employees and customers. Our Covid-19 Policy states that our business model is based on a 100% mobile enabled workforce that utilises centralised cloud technologies for all our operations, therefore our workforce can operate fully effectively remotely. We make full use of travel alternatives, including video conferencing and collaborative tools such as Microsoft Teams and Azure DevOps. All our employees are on ‘working from home’ contracts and we actively promote the use of travel alternatives to colleagues, customers and other stakeholders to minimise the need to travel to carry out work on behalf of Tisski. Travel is limited to essential meetings; colleagues will only attend customer premises to carry out work if specifically requested by the customer.; ; We have a Covid-19 Risk Assessment in place for our office and have developed our own booking system which ensures that numbers in attendance are capped so that social distancing between desks can be maintained.
• Equal opportunity:

  Equal opportunity

  Tisski is committed to equality, diversity and a culture of inclusion within all areas of its operations and are members of ENEI (Employers Network for Equality and Inclusion). We are committed to promoting equality of opportunity within our business and with customers and other organisations that we work with. We recognise that the strength of the business is built on the understanding of our individual strengths and differences, and we seek to respect these. ; ; We recognise that certain groups and individuals in society are disadvantaged because of discrimination experienced. We seek to ensure that our organisation respects and includes everyone, and that no customer or prospective customer, supplier or prospective supplier, employee, temporary worker or job applicant receives less favourable treatment on the basis of: ; • age ; • disability and/or medical conditions ; • marital status ; • race, language, ethnic or national origins ; • religious belief ; • responsibilities for care of dependants ; • sex (including gender reassignment) ; • sexual orientation ; • trade Union membership and/or political views or affiliations; ; Tisski request and process personal data from staff for Diversity and Inclusion monitoring purposes. The data collected is used to help our leaders at all levels identify where there may be equality issues within the organisation, who they affect and to help us take action to improve staff experiences and well-being. Any data supplied regarding age, disability status, ethnic origin, gender reassignment, marital or civil partnership status, religion or belief, sex, sexual orientation and carer responsibilities is done so voluntarily, and employees have the option to choose ‘prefer not to say’. Only a small number of HR staff at Tisski have access to individual-level data collected from equality monitoring. ; ; All staff attend mandatory diversity and inclusion training.; ; Tisski also has an anti-slavery policy, an anti-harassment and bullying policy and a whistleblowing policy.
• Wellbeing:

  Wellbeing

  Tisski is committed to providing a healthy working environment and improving the quality of working lives for all staff. ; ; Tisski has a Health and Wellbeing Strategy designed to improve the health, safety and wellbeing of all Tisski staff and to prevent work associated ill health, for the overall benefit of staff and the organisation. This encompasses the physical, mental and social health of employees and recognises that employees’ personal development and work for Tisski contribute to their overall wellbeing at work.; The time individuals spend at work emphasises the importance of promoting health and wellbeing in the workplace. Investing in staff wellbeing can have positive outcomes both for staff and for Tisski. ; Tisski has 4 Health and Wellbeing Champions who work as a team to share useful information and signposting to services and organise targeted health campaigns such as step challenges, healthy eating, mindfulness and meditation, good MSK health etc.; ; Tisski has a workplace culture that prioritises and values mental health. All our line managers are trained in adult mental health, and we also have a team of 8 volunteers who have qualified as Mental Health First Aiders.; ; Tisski are part of the Thrive at Work wellbeing scheme which focuses on key organisational enablers such as health and safety, manager training etc. in addition to health areas such as mental, musculoskeletal and physical health and promoting healthy lifestyles. Tisski has achieved our Foundation level and are working towards Bronze.; ; Tisski has a Health & Safety Policy, all staff undertake mandatory training and complete a home worker risk assessment and stress questionnaire.

Pricing

• Price: £37,000 to £44,000 an instance
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at dan.coupland@tisski.com. Tell them what format you need. It will help if you say what assistive technology you use.