Mosaic Island

Sparx Enterprise Architect and Prolaborate SaaS

Sparx EA combined with Prolaborate is the most popular EA modelling toolset in the world. We offer secure cloud-hosted Sparx EA and Prolaborate based SaaS solutions that cover a wide range of requirements and budgets. Our range of subscription based solutions are suitable for organisations of all sizes and complexity.

Features

• Cloud hosted, browser based access to Sparx EA client
• Cloud hosted Sparx repository (private or public)
• Prolaborate included
• Integrations - Jira, Confluence, Sharepoint (using Pro Cloud Server)
• Technical Support integrated with client 1st line support if required
• User Management (onboarding and offboarding)
• Backup/recovery services and platform operations
• Additional companion apps on request (e.g. EADocX, Model Xpert)
• Managed upgrades to new SW versions
• Solutions for small to large teams, choice of cloud provider

Benefits

• Complete Sparx toolset offered as a single SaaS
• Browser based access to full Sparx EA suite
• Powered by AWS/Azure with a choice of Cloud location
• Fully hosted solution, fully supported by Mosaic Island
• Fully tested and managed SW upgrades - client driven
• Fully managed service - reviews, governance, documentation
• Choice of Sparx EA editions and Repository technologies
• Integration with external data sources/repositories (optional)
• Migration services (from on-premise deployment) (optional)
• Fully secure - integrated with client SSO (optional)

£110 to £275 a user a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tony.silcock@mosaicisland.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

573917033985080

Contact

Tony Silcock - Head of Operations
07595594926
tony.silcock@mosaicisland.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: We offer a choice of SLAs with different levels of Service Availability, RPO, Response and Fix times depending on your budget and needs.
• System requirements:
  • Internet connection required
  • Access via HTML-5 enabled web browsers

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We have a choice of service levels available. The specific arrangement suitable for your needs/budget will be discussed as part of the initial requirements discussion.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We offer a choice of SLAs with different levels of Service Availability, RPO, Response and Fix times. Service credit models are also supported. ; ; We provide clients with a single point of contact for all service related matters. Governance for small solutions is lightweight. For larger solutions, we provide formal service governance (reporting, meetings with Vendor Management etc).
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide access to a technical user guide as part of the deployment - this shows users how to access the toolset. We also provide instructions for adding and removing users and for setting up their access rights. ; ; We also offer additional (separate) support services covering specific training and user guides for the tools. E.g for Enterprise Architects, Solution Architects, Business Process Modellers etc. Optionally we can also integrate onboarding/offboarding with your service desk.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
  • Other
• Other documentation formats:
  • MS Powerpoint
  • MS Word
  • Confluence Wiki
  • Sharepoint
• End-of-contract data extraction: We will provide the client with a full export of their repository. This will be in a format that can be readily imported into a separate deployment of Sparx EA. We can also provide an HTML based read-only version of content.; We can provide additional extracts of content in document form or as data extracts (via the Sparx API) on request.
• End-of-contract process: Exit plan is maintained within contract / standard operations. Termination notice is issued. Transition plan is agreed to implement the exit plan. Artefacts and data are transferred or destroyed as required:; ; Offboarding of all users is included.; Provision of export of repository is included.; Provision of read-only HTML version of repository is included.; Provision of additional exports at extra cost.; Migration services to load repository into a different tool at extra cost.; Other services available at extra cost.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: Buyers can specify a range of platform characteristics. For example: Security (e.g. VPN, SSO etc), cloud hosting arrangements (public, private, AWS, Azure etc). Editions of Sparx EA (Ultimate, Unified etc) Size of Prolaborate user base, number of repositories, URL, and so on.; ; We are happy to work with clients to add support for additional integrations, companion applications, plug-ins and add-ons.; Sparx EA has an API. ; ; We are happy to work with clients who wish to develop integrations via the Sparx API.; ; Optionally we can also provide integrations between our platform and other tools (e.g. CMDB, ServiceNow, LeanIX, Planview etc). ; ; Users can configure the desktop environment from within Sparx.; Users can configure role based access to the capabilities of the toolset.

Scaling

• Independence of resources: We use AWS (Azure available) services to ensure complete segregation of each client's deployment so that it is not possible for one client to compete for the same resources as another.

Analytics

• Service usage metrics: Yes
• Metrics types: Included: Number of Users per month.; ; At extra cost - we can provide customer specific usage metrics aligned with the clients own KPIs.
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Sparx Systems Pty Ltd, Sixth Force Solutions Pvt Ltd

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Sparx EA provides in-built data export capabilities which can be made available to specific users or user groups via role-based configuration of the user permissions.; ; Export capabilities include; XMI, CSV, .EAP, and various document formats.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Microsoft Word
  • RTF
  • XML
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • XMI/XML
  • External integrations to data sources (CMDB, Catalogues etc)

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: This varies based upon the size of the installation (itself based on the number of content authors). We have a range of SLAs available commensurate with your needs.
• Approach to resilience: Available on request.
• Outage reporting: Email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: For deployment and support/operation : Resource-level access controlled by AWS IAM.
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: EY CertifyPoint
• ISO/IEC 27001 accreditation date: Not available - refer to AWS
• What the ISO/IEC 27001 doesn’t cover: This is AWS certification. Details at: ; ; https://aws.amazon.com/compliance/iso-27001-faqs/
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: SOC2 standards being followed, awaiting certification

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ISO 27001 controls in line with Mosaic Island Statement of Applicability. This includes a customer security assessment completed for each engagement by the engagement lead and approved by the Head of Information Security.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Change management is limited to ensuring that the latest software versions of all components are installed. For the parts of the service provided by AWS/Azure, this is handled by AWS/Azure.; ; Any major changes to the components comprising the service are assessed on a case by case basis and are tested prior to deployment for their potential security impacts.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Use AWS Trusted Advisor to monitor for potential vulnerabilities.; ; Minimise the window of vulnerability by timely application of patches from Sparx and Prolaborate.; ; Additional intrusion detection is available at an additional cost.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: Underpinned by AWS and uses AWS IAM Access Analyser and CloudWatch with additional log analysis at an application level within Sparx Pro-Cloud Server.
• Incident management type: Supplier-defined controls
• Incident management approach: Via email or integration with client's trouble ticketing. Trouble ticketing can be provided at additional cost if needed.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  In 2021 we made the commitment to become a carbon neutral business as we work towards the goal of becoming net zero by 2030. We initially approached Commercial Energy Consultancy Advantage Utilities to help assess our carbon impact and understand what we needed to do to reduce and offset our effect on the environment across our Scope 1 and Scope 2 emissions. (Direct and indirect emissions). Carbon neutrality has a minimum requirement of covering Scope 1 & 2 emissions with Scope 3 encouraged. Net Zero must cover Scope 1, 2 & 3 emissions. Scope 1 – Direct Emissions – Emissions from owned or controlled sources including fuel combustion on-site such as from boilers and transportation of employees for business related activities in owned vehicles or vehicles operated by third parties, such as aircraft, trains, buses, and passenger cars. Scope 2 – Indirect Emissions – Emissions from the generation of purchased electricity, steam, heating, and cooling consumed by the reporting company. We have already acted by moving to an entirely remote working business, with no office space contributing to any on-site emissions. Employees are still required to travel for business meetings across the UK, which has been an unavoidable contributor to our direct emissions and has required carbon offsetting to enable us to become carbon neutral. Our team mileage in 2021 equated to 17 tonnes of carbon, so we have chosen to support the United Nations Framework Convention on Climate Change on their energy efficiency project in Mexico, to purchase 17 tonnes of carbon credits to become carbon neutral for the year 2021. As we continue our carbon neutrality journey, we will introduce several initiatives, one of which includes a company electric car scheme. We will then continue to offset our direct and indirect emissions to help reach our 2030 goal.
• Tackling economic inequality:

  Tackling economic inequality

  We are 100% UK based including our supply chain and our initial priority is to provide localised based service personnel to deliver the required service. This ensures that our service personnel understand the localisation needs of our clients such as language and culture. By always making use of our network and seeking out opportunities for collaboration with local suppliers, we believe that this has a positive impact on the local economy, its surroundings, the environment and the wider community: - We recruit Locally. We are invested in the growth of local economies, hence we invest a lot of time into building a localised talent pools, which we always recruit from, this also has a positive impact on our carbon footprint, by decreasing the commute time to our client’s offices which in turn can reduce costs for our local customers, where we can we pass on any cost savings directly to our customers, building consumer confidence Charitable Giving. Each year we support a new local charity and participate in a number of fundraising activities throughout the course of the year to help support them.
• Equal opportunity:

  Equal opportunity

  We are committed to eliminating discrimination and encouraging diversity amongst our workforce. Our aim is that our workforce will be truly representative of all sections of society and each employee feels respected. We want to provide equality and fairness for all in our employment and not to discriminate on grounds of gender, marital status, race, ethnic origin, colour, nationality, national origin, disability, sexual orientation, religion or age. We oppose all forms of unlawful and unfair discrimination. All employees, whether part-time, full-time or temporary, will be treated fairly and with respect. Selection for employment, promotion, training or any other benefit will be on the basis of aptitude and ability. All employees will be helped and encouraged to develop their full potential and the talents and resources of the workforce will be fully utilised to maximise the efficiency of the organisation. Our commitment: To create an environment in which individual differences and the contributions of all our staff are recognised and valued Every employee is entitled to a working environment that promotes dignity and respect to all. No form of intimidation, bullying or harassment will be tolerated. Training, development and progression opportunities are available to all staff. Equality in the workplace is good management practice and makes sound business sense.
• Wellbeing:

  Wellbeing

  We conduct regular initiatives to aid our peoples physical and mental health, this became more apparent throughout the current COVID-19 pandemic where even the strongest of mind sets were tested. An example initiative is a team step challenge to encourage the importance of keeping active. We also run weekly coffee mornings to ensure we are communicating regularly with the team, as well as encouraging people to take regular breaks. We also promote regular initiatives for mental health awareness week. We have a Diversity/Inclusion committee where regular workshops are held to discuss regular topics. We assess any risk, provide resources, promote mental wellness strategies and evaluate the effectiveness of any relevant initiatives we are running. Our most recent workshop was a campaign for workplace culture change called ‘bringing your whole self to work’ which empowers employees to bring their whole self to work and support their own and others wellbeing. We have Cycle scheme and Gym membership initiatives to encourage further physical and mental health benefits. We provide proactive support including an Employee Assistance Programme which provides access to support services including qualified, confidential guidance and counselling to ensure our people have the support they need whenever it is needed. All of these initiatives are supported by our employed Mental Health First Aider. We drive, where appropriate, the same behaviours through our supply chain and we commit to developing an approach to mental health at work that protects and improves mental health for everyone including our suppliers, customers and wider communities. We regularly review the way we do business to ensure our everyday working culture is as mentally healthy as possible. We conduct regular staff surveys and other research to build data about staff health and we use these findings to plan and deliver action and inform workplace policies.

Pricing

• Price: £110 to £275 a user a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tony.silcock@mosaicisland.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.