Softcat Limited

Automation Anywhere - FortressIQ

Automation 360 product is used for Robotic Process Automation (RPA). Automation 360 is a single, integrated platform that transcends front office and back office technology siloes to automate business processes across all systems and applications, including both SaaS and legacy apps.

Features

• Easy decisions based on current status and future possibilities.

Benefits

• The only truly cloud native web-based solution

£6,744.00 a unit

• Free trial available

Service documents

• Pricing document

  ODT

• Service definition document

  ODT

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at psitq@softcat.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

546160619665427

Contact

Charles Harrison
01628 403403
psitq@softcat.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Can be an extension to Windows or web-based application. Platform's purpose is to automate complex business processes that are conducted within one or many of these systems. Certain applications, such as Microsoft Excel, Salesforce, ServiceNow and Workday, we have specific integrations that make Automation 360 an extension of those platforms.
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: Whilst the Automation 360 Control Room can be accessed from any device supporting a modern web browser, bots can only be run on a Windows (7, 8, 10,11 and Server) machine, therefore the platform can only automate applications that are supported by that operating system. Details of this can be found below:; https://docs.automationanywhere.com/bundle/enterprise-v2019/page/enterprise-cloud/topics/deployment-planning/on-prem-install/cloud-bot-agent-compatibility.html; ; The Automation 360 solution is available in 3 possible deployment models. Details about the models can be found below:; https://docs.automationanywhere.com/bundle/enterprise-v2019/page/enterprise-cloud/topics/migration/choose-deployment-model.html; ; However, migrating from on-prem to cloud or vice-versa is not available currently. This means that the initial deployment model cannot be changed.
• System requirements: Control Room (if deployed on-premise) (N/A if AA Cloud)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: The SLA for Average first response time of our Support is 95% of the tickets needs to be replied <=1 or 8 hr. and Average Total Resolution time target is, ticket should be resolved completely in <=96 hrs.; ; Complete Support SLA Details based on different models available here: https://www.automationanywhere.com/customer-support
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: The chat is available on our automationanywhere.com portal as soon as the person browses for less than a minute.
• Web chat accessibility testing: N/A
• Onsite support: Yes, at extra cost
• Support levels: SLA: Severity 1 Initial Response: 4 hours, 2 hours, 1 hour based on Support Model Selected; SLA: Severity 2 Initial Response: 8 business hours, 4 business hours, 2 business hours based on Support Model Selected; SLA: Severity 3 Initial Response: 16 business hours, 12 business hours, 8 business hours based on Support Model Selected; SLA: Severity 4 Initial Response: 16 business hours; ; Complete Support SLA Details based on different models available here: https://www.automationanywhere.com/customer-support
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Firstly, we provide a Free Trial or the Community Edition which is our free software solution to try our solution hands-on. Apart from that we have broad free e-learning modules as well as our very own YouTube channel (https://www.youtube.com/c/Automationanywhere) and resource page (https://www.automationanywhere.com/resources/asset-library). ; ; We have a complete onboarding service wherein right from product license to usage training and analysis or consultancy for RPA program is provided.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: All Data can be extracted in form of Bot Files and other Database Files. As such, Automation 360 only stores Audit Logs, User Role-Based Access Details, Training data for IQBot extraction method and Bot Insight analytics.; ; Customers can ask for Audit Log and Database files during offboarding process.
• End-of-contract process: Automation Anywhere will keep customer data, configs (bots), IQ Bot data, and most logs for 30 days after the customer’s subscription ends. Some logs may be kept for up to 180 days after the customer’s subscription ends. Full details of the Data Processing Addendum and data retention policy can be found here:; automationanywhere.com/support/DPA.pdf

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Yes (for the web-based Control Room); ; The Mobile App is a subset of Control Room features to expand the reach of RPA and accelerate the development of the digital-first enterprise.; ; The Automation Anywhere Mobile App allows users to start, stop, pause or resume bots, monitor the status of bots, and measures the ROI from their digital workforce in real-time.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Automation 360 has an API (Application Programming Interface) that allows users to deploy bots, manage files, administrate users and more. This is accessible through the REST protocol and allows full programatic access of the platform.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: We have undergone the "Voluntary Product Accessibility Template" Test for our product/service conforms with Section 508 of the Rehabilitation Act of 1973
• API: Yes
• What users can and can't do using the API: The Automation Anywhere Control Room provides various APIs that allow you to customize the way that you (and your bots) interact with Automation Anywhere. Users can perform tasks such as manage bot deployments, create and manage credentials in the Credential Vault, create and manage user accounts and roles, and create and manage queues.; ; More detailed information: https://docs.automationanywhere.com/bundle/enterprise-v2019/page/enterprise-cloud/topics/control-room/control-room-api/cloud-control-room-apis.html
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: No

Scaling

• Independence of resources: We have a performance check in place as well as we guarantee 99.9% uptime with extremely low 0.001 milisec latency. Our Cloud Ops team constantly monitors and manages the resources. Each User has its own individual Tenant ID and each tenant's performance will not be affected by another.

Analytics

• Service usage metrics: Yes
• Metrics types: We don't provide service usage matrix as our pricing is not dependent on the hours use. Certain reports can be asked or are shared proactively by CSMs.; ; We have certain metrics around licensing and associated usage that can be shared by the assigned Customer Success Manager,
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller (no extras)
• Organisation whose services are being resold: Automation Anywhere

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: BotFiles, Audit Logs, BotInsights everything can be exported as XML, CSV or PDFs.
• Data export formats:
  • CSV
  • Other
• Other data export formats: XML, PDFs for Reports.
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats: Word File, Database Files, HTML, PDFs, Images etc.

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99.90%
• Approach to resilience: All our Services have High-availability and Disaster recovery. Automation Anywhere maintains emergency and contingency plans and has ISO; 22301 BCMS certification.; High Availability: Each regional data center presence Is designed with application-level high availability and highly available public cloud services across the region. Automation 360 Cloud follows industry standards best practices with a cloud uptime SLA of 99.9%.; Disaster Recovery: Backups are taken and maintained in an encrypted format to restore the service in the case of a disaster. Backups are taken every 6 hours to another region. If a disaster is declared for the primary region, a secondary; region is instantiated for all tenants using the backup taken every 6 hours. The current objectives for this recovery are:; • RTO (Recovery Time Objective): Time to get a new region up and running with the last backup; data restored = 6 hours.; • RPO (Recovery Point Objective): The maximum duration for data loss during a restore = 6 hours.
• Outage reporting: We have a status page where all service statuses are updated in Realtime.; ; Status Page: https://status.automationanywhere.digital/

Identity and authentication

• User authentication needed: Yes
• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: Access is deny-all and allow by exception based on roles, domains as defined in Role-based Access Control (RBAC). These roles can also be limited to specific groups. ; e.g. Only those users who have access to User Management will be able to manage users in system. Authorized users can assign various combinations of these access rights to different sets of users and roles, as the business requires.
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Alcumus ISOQAR
• ISO/IEC 27001 accreditation date: 25 September 2019
• What the ISO/IEC 27001 doesn’t cover: Scope of Registration: The Information Security Management System at Automation Anywhere encompasses all information assets and processes utilized for deployment, maintenance and management of cloud infrastructure required to support the product stack for the customers and provision of IT infrastructure ; management services provided by Information Technology, Information Technology Cloud Solutions and Cloud Operations team.
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 03/25/2022
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: https://cloudsecurityalliance.org/star/registry/automation-anywhere/services/automation-360/
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: https://www.automationanywhere.com/compliance-portal

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Automation Anywhere Inc.'s Global Information Security Policy (GISP) and procedures identifies responsibilities and establishes the goals for consistent and appropriate protection of the organization’s Information Assets. Implementing this policy reduces the risk of accidental or intentional disclosure, modification, destruction, delay, or misuse of Information Assets. This policy enables the Information Security (IS) Office to provide direction for implementing, maintaining and improving the security of Information Assets. ; ; Please see the security overview document as attachment.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All teams at Automation Anywhere follow Agile methodology for delivery and can respond swiftly and effectively to any change that the business demands. A change request works its way from various sources (customers, stakeholders, product vision etc.) to the product backlog as user stories from where the team can pick them up as a part of iterations. Hence, Agile allows changes to happen on a regular basis– not as any special change event. The regular show and tell of the ongoing work keeps the stakeholders well informed and helps to make any course correction as & when required.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Cloud infrastructure is configured based on industry and vendor-specific security best practices to ensure that misconfigured resources do not result in data exposure. All cloud infrastructure is continuously monitored to meet these best practices and any deviation is remediated based on risk to customer data assets. In addition to security configuration, all cloud resources including virtual machines, 3rd party software components, and applications are regularly scanned for security vulnerability and then prioritized and remediated in accordance with defined SLAs. Network access to infrastructure and cloud application is limited to approved TCP/IP ports and VPN connected devices.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Visibility into activity in cloud environments is critical for monitoring and identifying security events and incidents. All resources in Automation Anywhere cloud are configured to log security events and send them to a centralized SIEM solution. SIEM is used to build a usage baseline of cloud activity to detect deviation, monitor changes to security posture, and correlate threat data which is then investigated by the security team.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: "Security Incident Management policy and process shall apply to all incidents resulting from violation of Information Security policies or processes / standards. ; These include but are not limited to: ; • attempts (either failed or successful) to gain unauthorized access to a system or its data ; • unwanted disruption or denial of service ; • the unauthorized use of a system for the processing or storage of data ; • changes to system hardware, firmware, or software characteristics without the owner's knowledge, instruction, or consent

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Please contact
• Covid-19 recovery:

  Covid-19 recovery

  Please contact
• Tackling economic inequality:

  Tackling economic inequality

  Please contact
• Equal opportunity:

  Equal opportunity

  Please contact
• Wellbeing:

  Wellbeing

  Please contact

Pricing

• Price: £6,744.00 a unit
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: There is no limited features in free version. We provide the complete Automation 360 solution with its full features.; • Automation 360 has you covered:; • End-to-end automation with a cloud-native platform; • Automatic process discovery; • Real-time RPA analytics; • AI-powered document extraction
• Link to free trial: Free Trial: https://www.automationanywhere.com/start-free-trial

Service documents

• Pricing document

  ODT

• Service definition document

  ODT

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at psitq@softcat.com. Tell them what format you need. It will help if you say what assistive technology you use.