Beyond Systems Limited

Cloud Forecasting and Budget Manager for Oracle EPM /PBCS

The Beyond “Cloud Forecasting and Budget Manager for Oracle EPM/PBCS” is a product that is used by large organisations to maintain, manage and control their financial forecasting and budgeting processes

Features

• Central Finance controlled workflow
• Commentary entry at multiple levels
• Budget Managers review and update generated forecasts
• Fully auditable – who has reviewed which forecasts and when
• Cloud or on-premise
• Historical forecasts for trend analysis
• Integrated with source ERP security requirements
• Integrated with Cloud EPM/PBCS
• Writes back to Cloud EPM/PBCS

Benefits

• Easy to use and requires little or zero training
• Integrates seamlessly with Oracle Financials Cloud and EPM/PBCS
• Empowers budget holders to take ownership and accountability
• Time taken to forecast is significantly reduced
• Dramatically improved financial accuracy
• Optimal collaboration between budget manager and finance
• Streamlined forecasting
• Allows information from multiple systems to be brought together
• Reduce the cost of deploying Oracle EPM to large organisations

£31 a user a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@wegobeyond.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

598045532236805

Contact

Mark Daynes
08450940998
gcloud@wegobeyond.co.uk

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: This is an extension to Oracle ERP/EPM/PBCS
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: No
• System requirements: Web Browser Access

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: During working hours Mon-Fri 9.00 -17.00 - questions are acknowledged same day. Response times are rolled forward to the next working day if raised at weekends.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: For all applications Beyond will provide a basic level of software support during business hours (excluding public holidays and the period between Christmas Day and New Years’ Day), Monday to Friday, 9.00am – 5.00pm. ; The customer will be expected to provide 1st line support and a documented scenario will need to be produced and reported to Beyond for investigation. Should the customer spawn a fault investigation that is subsequently proven not be a software error, then Beyond reserve the right to charge for that time consumed to aid the customer investigation.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: At the start of the engagement there is a one off on-boarding/implementation process. A feasibility study will be carried out prior to the engagement to ensure the customer setup is compatible with our software and a custom on-boarding plan will be built. Training can be procured separately. User documentation is embedded within the application.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: Once the contract ends, the service will be deleted along with the data. For applications that hold users data, an extraction process will be agreed with the user prior to the contract end date where a charge will be agreed.
• End-of-contract process: At the end of the contract the cloud service will be terminated which is included in the cost. Additional charges will be agreed for any data extraction required at the termination.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: WCAG 2.1 AAA
• Description of service interface: Service interface is provided through Oracle Apex.
• Accessibility standards: WCAG 2.1 AAA
• Accessibility testing: Oracle regularly conducts testing to ensure that the user interfaces are perceivable, operable and understandable by people with range of abilities. Continually testing coding, visual operation, manual operations, too-assisted operations across people with and without disabilities.
• API: No
• Customisation available: Yes
• Description of customisation: Reports in the application can be customised by the users and shared with other users.

Scaling

• Independence of resources: We do not provide the hosting services. The hosting services are provided by Oracle and this is their guarantee with the user. Our service is not shared between other users.

Analytics

• Service usage metrics: Yes
• Metrics types: There is an auditing function which records which users have reviewed the forecasts.
• Reporting types: Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Other
• Other data at rest protection approach: Data at rest is held on an Oracle Hosting Service and this is protected by Oracle's own standards.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Beyond export the data to users on their request in a specified format, e.g through a flat file or comma separated format.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: Other
• Other protection between networks: The data protection between buyer and supplier is controlled by third party hosting providers but this is usually - TLS (version 1.2 or above)
• Data protection within supplier network: Other
• Other protection within supplier network: The data protection within the supplier network is the responsibility of the third party hosting providers but usually this is not encrypted.

Availability and resilience

• Guaranteed availability: In line with Oracle http://www.oracle.com/us/corporate/contracts/ocloud-hosting-delivery-policies-3089853.pdf
• Approach to resilience: In line with Oracle http://www.oracle.com/us/corporate/contracts/ocloud-hosting-delivery-policies-3089853.pdf
• Outage reporting: In line with Oracle ; http://www.oracle.com/us/corporate/contracts/ocloud-hosting-delivery-policies-3089853.pdf

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Other user authentication: Specified as per customer requirements
• Access restrictions in management interfaces and support channels: Access is restricted in management interfaces and support channels by roles within the application to ensure only those authorised can access the system
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Description of management access authentication: Specified as per customer requirements

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Our security governance aims to be compliant with ISO:27001:2013
• Information security policies and processes: Beyond have a written security policy available on request.; ; Security roles are assigned to specific individuals with their defined responsibilities, including access security as well as the network.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All change is governed by a Change Management Board. ; A configuration and change management log tracks all changes needed and the reason, plus the person responsible for making the change. All change must be approved by our Project Manager and this approval date is recorded in the configuration log. All technical changes are controlled by source control system so we are able track any change that has triggered an error.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Monitoring and assessment is a continual process and we deploy counter measures before potential threats arise.; ; We work closely with Oracle who advise of potential threats and patches as they are identified.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Monitoring and assessment is a continual process. We work closely with Oracle who advise on any potential threats when they arise.; ; All potential compromises are dealt with as urgent and requiring immediate assessment and resolution.
• Incident management type: Supplier-defined controls
• Incident management approach: At the start of the engagement the incident management process is agreed with the customer along with how they wish to report incident as well as how they wish reports to be issued to them.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Covid-19 recovery:

  Covid-19 recovery

  The service can be accessed remotely, supporting people working from home and reducing travel

Pricing

• Price: £31 a user a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@wegobeyond.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.