Tribal Education Limited

Tribal Dynamics

Tribal Dynamics is a consultancy and development service which specialises in implementing Microsoft Dynamics 365, in the Education market. The Tribal solution builds on Dynamics to deliver SaaS solution in Student Recruitment and Marketing, Business Engagement and Student Support and Wellbeing.

Features

• Secure, scalable, flexible online provision
• Maximum system availability
• Transferable to private or hybrid cloud
• Free, trial deployment available
• Fully customisable
• Availability of Tribal Accelerators
• Full implementation service provided
• User operational support available
• Planned upgrade path to new versions

Benefits

• Eliminates in-house infrastructure deployment and maintenance cost
• 24x7 browser-independent internet access from range of devices
• Flexibility of deployment is maintained
• Ideal for initial functional assessment & familiarisation
• Can be modified to suit organisational processes & business requirements
• Delivers additional CRM functionality at minimal cost
• Implementation in-line with business process assures maximum user adoption
• Issue resolution service for operational problems
• System evolution assured with minimal cost & disruption

£25,000.00 an instance a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at technology.bids@tribalgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

601763708629142

Contact

Fleur Brennan
0330 016 4000
technology.bids@tribalgroup.com

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: The Tribal Dynamics CRM solution is based upon the core CRM components of Microsoft Dynamics 365 and customers would need to have contracted for these services separately in order to enjoy the benefits of the Tribal solution which is tailored for specific sectors and business application areas.
• Cloud deployment model: Public cloud
• Service constraints: Full details of the Microsoft Dynamics 365 service can be found here - https://www.microsoft.com/en-gb/download/details.aspx?id=30185 and https://docs.microsoft.com/en-gb/dynamics365/#pivot=main&panel=apps
• System requirements:
  • • Tribal Dynamics solution requires Microsoft Dynamics 365 licences
  • • Infrastructure - https://technet.microsoft.com/en-us/library/hh699710.aspx

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Tribal publishes a Support SLA in which it contracts to adhere to designated response times depending on the level of support contract taken out by the customer. Target response time can be as short as 15 minutes depending on the support contract taken out and the severity rating of the incident.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Tribal provides user operational support of the whole solution via its Annual Support Agreement. Once live processing is achieved, support is provided by Tribal's in-house helpdesk and development teams covering Microsoft Dynamics CRM, Tribal Accelerators and custom software developments which form part of the customer’s implementation. Tribal works to a Service Level Agreement which monitors the service against target response times to ensure all operational issues are resolved according to their level of severity. The lowest level support option is available Monday-Friday 9.00 – 17.00 and is accessible by online Portal, email and telephone. Higher level support options are available at premium cost. The Tribal support team will respond to service related incidents and/or requests submitted by the Customer within the following time frames: • P1 – System Down - Within 1 business hour • P2 – Critical - Within 2 business hours • P3 - Standard - Within 8 business hours • P4 – Cosmetic - Within 2 business days Remote dial-in assistance will be provided in-line with the above timescales dependent on the priority of the support request. Each Tribal CRM customer is allocated their own Account Manager as a liaison and escalation point.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Tribal has developed its own implementation methodology to ensure that the software is deployed in line with the business objectives and operating requirements of each specific customer. it is based upon PRINCE 2 and combines CRM-specifics with the skills and experience which Tribal implementation staff have gained from their focus on specific business sectors. Tribal provides a framework to successfully deliver prescribed software solutions within budget, timescale and customer satisfaction levels. Tribal’s consultants work with our customers to ensure that their processes and methodologies are understood. As an outcome, the solution is created using a blend of standard software, Tribal Accelerators and specific customisations. The structured approach ensures that at each phase of the project all parties are engaged and have visibility on how the detailed customer requirements will be met by the solution. Throughout the implementation a number of disciplines are involved to ensure that the project remains on track, within time and cost constraints and meets customer satisfaction. The range of services includes technical consultancy, business consultancy, application consultancy, staff training and project management. Tribal is able to deliver all of these from its own in-house resources.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats: MS Word
• End-of-contract data extraction: Even with the solution hosted on Microsoft Dynamics 365 running in the Microsoft Cloud all the data created remains the property of the customer. At any point user can export data from Microsoft Dynamics 365. This uses the Software Development Kit (SDK) to manually export data using the data export functionally.
• End-of-contract process: At the end of the contract, the customer would be responsible for extracting any required data as described in the previous response, although Tribal is able to provide services to assist customers with this. No more than 180 days after expiration or termination of Customer’s use of an Online Service, Microsoft will disable the account and delete Customer Data from the account. Transfer of Customer Data. Unless Customer has opted out of the Standard Contractual Clauses, all transfers of Customer Data out of the European Union, European Economic Area, and Switzerland shall be governed by the Standard Contractual Clauses. Microsoft will abide by the requirements of European Economic Area and Swiss data protection law regarding the collection, use, transfer, retention, and other processing of personal data from the European Economic Area and Switzerland.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Windows Phone
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Dynamics 365 allows access and functionality to be provided via a mobile device, web browser or mobile application. The solution supports a model that only requires configuration to be carried once regardless of how the solution is accessed. With Dynamics Unified Interface, someone that is using a core Dynamics App will have the same experience on a mobile device or on a web browser on the computer or directly inside Outlook client. The liquid layout scales to optimize the viewing experience, adjusting for various screen shapes and resolutions.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The Web API provides a development experience that can be used across a wide variety of programming languages, platforms, and devices. The Web API implements the OData (Open Data Protocol), version 4.0, an OASIS standard for building and consuming RESTful APIs over rich data sources.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Tribal has its own dedicated development department which is responsible for developing its one product-based code and custom-code for specific customer deployments. The operability of assisted technology available in the core Microsoft product is always tested along with custom code as part of our internal software testing protocol.
• API: Yes
• What users can and can't do using the API: Please see https://docs.microsoft.com/en-us/dynamics365/customer-engagement/web-api/about?view=dynamics-ce-odata-9
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Both core Microsoft Dynamics 365 CRM and Tribal Accelerators provide core functionality "out-of-the-box" and also provide enormous scope for customisation and additional development to modify and extend this standard functionality. Entities, attributes, forms, business processes, business rules, workflows, scripts, reports and dashboards can all be customised using both tools provided within the core Microsoft product and via bespoke software development within the terms of the Microsoft SDK.

Scaling

• Independence of resources: The service operates multiple scale groups in each data centre and automatically provisions new customers into a scale group. The architecture of scale groups is designed to meet the many needs of operating a service at scale, including security, scalability, performance, tenant isolation, serviceability, and monitoring. Each customer has their own individual database, separate from other customers’ databases. Data processing is logically segregated through capabilities specifically developed to help build, manage, and secure multitenant environments

Analytics

• Service usage metrics: Yes
• Metrics types: Organization Insights provides quick view of key Dynamics 365 metrics such as the number of active users and page requests. The Dynamics 365 Administration Portal provides an overview of each instances 'service health' including service degradation and storage capacity; Reporting types; • Real-time dashboards; • Regular reports; • Reports on request
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: Other data at rest protection approach; The data within the Dynamics 365 system is encrypted using a PFX or BYOK encryption key. All instances of Dynamics 365 use Microsoft SQL Server Transparent Data Encryption (TDE) to perform real-time encryption of data when written to disk, also known as encryption at rest.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data is selected and segmented from within the CRM database by means of a wizard-led, query tool known as Advanced Find. This allows regular users to define an on-screen report known as a View consisting of a row for every record selected by the query and definable columns which represent the fields of data required from each record displayed. Numerous system views are provided with the core system and these form the basis of navigation and around the various system entities. In addition, users can define any number of specific Views to suit their purposes.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats:
  • MS Excel
  • Xml
  • Txt
  • Pdf
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Xml
  • Txt
  • MS Excel
  • Zip

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
  • Other
• Other protection between networks: Please see https://docs.microsoft.com/en-us/azure/security/azure-network-security
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: Other protection within supplier network; https://docs.microsoft.com/en-us/azure/best-practices-network-security

Availability and resilience

• Guaranteed availability: http://www.microsoftvolumelicensing.com/Downloader.aspx?DocumentId=13655
• Approach to resilience: https://docs.microsoft.com/en-us/azure/architecture/resiliency/disaster-recovery-azure-applications
• Outage reporting: Via the service status portal, Email, Alerts or Mobile Application

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
• Other user authentication: Dynamics 365 uses Azure Active Directory for authentication. The customer can enable multi-factor authentication on their AAD tenant. For details on the Dynamics 365 security architecture: https://docs.microsoft.com/en-us/dynamics365/unified-operations/dev-itpro/sysadmin/security-architecture Dynamics 365 RBAC (Role based access controls) In role-based security, access is not granted to individual users, only to security roles. Users are assigned to roles. A user who is assigned to a security role has access to the set of privileges that is associated with that role. A user who is not assigned to any role has no privileges. For details on the Dynamics 365 RBAC: https://docs.microsoft.com/en-us/power-platform/admin/security-roles-privileges.
• Access restrictions in management interfaces and support channels: Role-based access control (RBAC) enables you to grant access based on the user’s assigned role, making it easy to give users only the amount of access they need to perform their job duties. You can customize RBAC per your organization’s business model and risk tolerance. https://docs.microsoft.com/en-us/dynamics365/unified-operations/dev-itpro/sysadmin/role-based-security https://docs.microsoft.com/en-us/dynamics365/customer-engagement/developer/security-dev/how-role-based-security-control-access-entities
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Lloyds Register LRQA
• ISO/IEC 27001 accreditation date: 02/05/2017
• What the ISO/IEC 27001 doesn’t cover: N/A - our ISO accreditation covers all of our business activities
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Tribal has been an ISO27001 certified organisation since 2009 and all of our development and delivery services will be delivered from locations which are specifically ISO27001 certified. The accreditation process included a review of Tribal’s Information Security Management System (ISMS) and our overall policy for handling data including how it is collected, held and maintained. We have local security forums for all of our offices, which feed into our central Information Security Governance forum which reports to the board. We have permanent Quality and Security Managers who form part of this board. As well as our regular certification revalidation process (carried out by external evaluators) we regularly test our systems and processes with a series of internal audits to ensure that policies and processes are being followed.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: For our software solutions, Tribal has a structured Change Control process for managing requests for change and enhancements. All Requests for Changes (RFCs) are raised via the Service Desk and go through internal vetting by the respective support team before gaining authorisation from Tribal. Regular Change Advisory Boards meet to review Emergency and non-standard changes. Details of all changes are provided to the Service Manager to review and will obtain final approval from the Contracting Body before proceeding. The Contracting Body will be involved in the change Process at each stage and included in any post implementation review as required.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: As part of our ISO27001 processes we have a risk/vulnerability assessment procedure which will be undertaken on any new customer site and service. Patches will be deployed depending on the severity of the problem and the level of testing required. Information about potential threats is found based upon initial and recurring risks assessments, internal procedures and known threats highlighted by both the industry and users.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Our managed service includes the proactive monitoring of all services to identify potential compromises. Based upon the nature of the compromise we would then respond to the agreed SLA. The speed of the response will be determined by the severity of the incident.
• Incident management type: Supplier-defined controls
• Incident management approach: Our ISO27001 processes include a defined Incident Management process. All personnel are responsible for reporting incidents to the Information Governance Committee (IGC) or Security Forum representatives as quickly as possible. We have a formal Incident Report Form which staff use for recording the details of the incidents. Security weaknesses will be recorded on a spreadsheet for tracking purposes. Any person can identify weaknesses, which will be managed by the Quality team in conjunction with the Security Forums and IGC as appropriate.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Tribal has a corporate carbon reduction plan and is committed to achieving Net Zero emissions by 2050. Our full Action Plan is on our Website at www.tribalgroup.com. Energy Consumption Our electricity supplier, Opus Energy, are OFGEM-accredited providers of green electricity. Our carbon footprint is below the threshold required by the Carbon Reduction Commitment scheme. All equipment used in Tribal offices is Energy Star compliant; the printers / copiers / scanners will automatically shift into a low power sleep mode when not in use for a prolonged period, thereby consuming up to 50% less energy. Waste and Recycling • All redundant devices are disposed of in line with the Waste Electrical and Electronic Equipment (WEEE) directives. Our preferred supplier provides Tribal with the relevant documentation on disposal to support our environmental sustainability standards. • We recycle paper, cardboard, glass and plastic at all our offices. • Our waste supplier recycles 100% of the waste they collect, and their official statistics prove that they sent 0% to landfill. This supplier provides Tribal with annual environmental reports that shows a total recycling / recovery figure, up to date certificates and other related data. • We actively discourage our staff members from printing documents unnecessarily. • Printers are set to the duplex mode by default to minimise waste. • We recycle printer cartridges and use remanufactured ink cartridges where possible. Printing • We actively discourage our staff members from printing documents unnecessarily • Printers are set to the duplex mode by default to minimise waste • We recycle printer cartridges and use remanufactured ink cartridges where possible Furniture and Office Supplies • Where possible, redundant furniture is donated to charity or recycled • We review the products used and where we can switch to environmental alternatives. Recycled paper is already used in all offices

  Covid-19 recovery

  During the Covid 19 Pandemic, Tribal moved all of it's project delivery to remote working and we have continued this practice since the pandemic. This has had a positive impact in several ways including: - significantly reduced travel, reducing air pollution - reduced costs to customers due to no onsite consultant expenses - increased productivity due to no travel/commuting taking up time during the working day - improved wellbeing - happier workforce due to more flexible working - reduced office costs

  Equal opportunity

  Tribal is committed to embedding equality, diversity and inclusion in all employment policies, procedures and practices. Tribal’s Diversity and Inclusion Policy sets out our commitments to our employees, customers and supply chain, which include: • Ensuring that all individuals are treated with dignity and respect • Making opportunities available on a non-discriminatory basis • Providing a safe, supportive and welcoming environment for all • Encouraging a diverse workforce. To implement our policy effectively, we: • Train those who deliver continual personal development training (CPD) to our employees are trained in equal opportunities and diversity issues • Make training opportunities equally accessible to all • Monitor who takes part in training in terms of age, gender, ethnic origin and disability, and across departments to ensure staff are not excluded • Provide online training to all staff members that covers Diversity and Equality, finished with a post-course examination that must be passed • Are flexible to accommodate the diverse range of needs of our employees, such as: · flexible working patterns · religious requirements, including worship and diet · special arrangements, including wheelchair access and signing communication Please see ‘Tribal Group - Equality, Diversity and Inclusion Policy’ on our website

  Wellbeing

  We recognise that maintaining both physical and mental wellbeing is essential to effective work performance to enable us to achieve our strategic aims. We have a duty of care to our staff members, which extends to the active promotion of their health and wellbeing. We invest in services and support which are designed to encourage and promote wellbeing. We aim to ensure that all employees are able to work in a positive, safe and supportive working environment, by seeking at an organisational level to: • Promote a culture of consultation, participation and open communication throughout Tribal; • Provide a safe and healthy working environment and implement appropriate control measures to minimise risks to health and wellbeing; • Ensure that there are appropriately trained individuals available within the organisation to identify risk, implement controls and provide support (or refer to relevant services) at any times of crisis or accident • Encourage a workplace culture where mental health and physical health are regarded as equally important and can be openly discussed; • Promote equality of opportunity, and provide a workplace free from harassment and bullying, as set out in the globally applicable Dignity at Work policy; • Ensure that all employees are effectively onboarded, receive a local induction, ongoing training and development for their role; • Provide a framework encouraging frequent and high-quality discussion about performance and meaningful opportunity for employees to discuss wellbeing • Identify lifestyle and workplace factors that may negatively affect the health and wellbeing of our employees; • Offer proactive support to those with underlying medical conditions, including use of specialist services as appropriate to offer advice, guidance and solutions; • Engage with employees to support them in facilitating a healthy working environment with regards to both physical and mental health, and provide more targeted support where necessary

Pricing

• Price: £25,000.00 an instance a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Microsoft Dynamics 365 Customer Engagement (CRM) Online is available as a FREE 30 day trial for any potential customer. This is designed to familiarise the prospective user with the GENERIC capabilities of the core product and to allow familiarisation with the flexibility offered within core functionality. http://trials.dynamics.com/
• Link to free trial: http://trials.dynamics.com/

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at technology.bids@tribalgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.