BIZZDESIGN UK LTD.

Bizzdesign Horizzon

Bizzdesign Horizzon is an Enterprise Architecture (EA) platform, recognised by major analyst firms. It helps organisations with investment prioritisation, transformation delivery and risk management; presenting multi-dimensional visualisations of the design and transition path to the targeted future. Success should not be a matter of hope. It should be by design.

Features

• Cloud based, collaborative, digital business design & transformation modelling solution.
• Business model canvas, PESTEL, SWOT, Porters Five Forces, Balanced Scorecard.
• Business & ICT Strategy development, alignment and publication.
• Capability based planning, scenario analysis, customer journey, business outcome journeys.
• Architecture with ArchiMate 3.2 and TOGAF ADM. Data with ERD
• Portfolio management and impacting; Investment planning and portfolio shaping.
• Process modelling (BPMN, DMN), Solution architecture (UML and C4).
• Governance, risk, security and compliance (GRC) modelling.
• Dashboards, powerful analytics, scenario analysis & what-if planning.
• Integration: Excel, SQL Databases, ServiceNow, JIRA, Confluence, SharePoint, Azure, API's.

Benefits

• Single platform permits greater stakeholder collaboration within and across disciplines.
• Communicates business vision and the transformation journeys across the enterprise.
• Increased transparency, enables evidence-based decision making through powerful analysis.
• Digitise baseline & target models, de-risk major transformation programme initiatives.
• Identify the impact of portfolio change on other portfolios.
• Standards based modelling, allowing easier start-up and no vendor lock-in.
• Unify design activities into common toolset to maximise reuse.
• Proven in complex environments including SIAM and multi-source delivery models.
• Prebuilt Integrations unlock information value through connection of data silos.
• Self-service analysis, feedback and workflow capabilities enable stakeholder collaboration.

£5 to £3,640 a licence a year

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at p.bouttell@bizzdesign.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

621609902603164

Contact

Paul Bouttell
07598 278279
p.bouttell@bizzdesign.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Planned maintenance windows, system requirements and other relevant information can be found on https://help.bizzdesign.com (https://help.bizzdesign.com/articles/knowledge-base/maintenance-windows-for-the-bizzdesign-cloud-solution for maintenance windows and https://help.bizzdesign.com/articles/knowledge-base/system-requirements-for-the-bizzdesign-horizzon-platform for system/network requirements)
• System requirements:
  • Modern browser for access
  • Internet accesss

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Priority 1: 1 hour ; Priority 2: 2 hours ; Priority 3: 1 business day; Priority 4: 2 business days
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: All subscriptions include 24x7 access to our support system, with 24x7 1-hour response time for highest severity level included, at no additional cost.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Getting started support includes free training (https://www.bizzdesign-academy.com/), extensive product documentation (https://help.bizzdesign.com), in-product guides, and ability to submit questions through our support system. ; ; More extensive online training, onsite training courses and public training courses are also available at additional cost. We also offer cloud support services to accelerate startup and time to value.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: User can export their data to certain file formats including Archimate Exchange Format, BPMN and CSV. There are also options to create reports from their models and to use our API to extract data. Users have up to 30 days after the contract end date to export their data as defined in the SLA.
• End-of-contract process: Users will need to export their data before the end of their contract period. At contract end, the service environment will be de-provisioned and customer data will be permanently removed. Any client data on backups will be removed within a specified period after contract termination.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Modelling component not available for mobile users.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Browser based access to the Bizzdesign Horizzon platform for Consume and Contribute users and system administration features. Design users access the modelling interface via AWS AppStream in the browser.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Access via the Horizzon portal and publication to HTML has been tested with screen reader technology such as JAWS and in browser extensions such as ChromeVox. Modeling features (delivered via AWS AppStream technology) are not excluded from accessibility testing/compliance.
• API: Yes
• What users can and can't do using the API: Bizzdesign Horizzon allows invited users to collaboratively model architectural structural objects, store these and publish them to selected user groups on the Horizzon platform. Instructions on how to use our open API can be found on the Bizzdesign support portal: ; ; General description: https://help.bizzdesign.com/articles/horizzon-help/bizzdesign-open-api; API specification: https://help.bizzdesign.com/articles/horizzon-help/open_api_specification
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Design users can customise metrics, attributes, profiles, menus and view templates (shapes, colour scheme’s, etc.) in accordance with the extensibility of each of the modelling frameworks included within the product (e.g. ArchiMate, BPMN, UML etc.)

Scaling

• Independence of resources: Automated scaling and predictive monitoring. For Enterprise Studio online, each user is fully isolated from others.

Analytics

• Service usage metrics: Yes
• Metrics types: System uptime/availability metrics via https://status.bizzdesign.io/, reports on ticket SLA/resolution times, hit counts for views in webportal, user statistics including last activity, service audit log including availability of that log via an API, etc.
• Reporting types:
  • API access
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users can perform full model exports using a variety of file formats. Exports of specific data sets are possible using export functions within the software. Data 'round-tripping' is also supported for offline editing and enrichment. An open API is available for data export/import too.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • ArchiMate model file exchange format
  • Xml
  • Html
  • Bpmn
  • Docx/pptx/xlsx
  • Sql
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Xml
  • Xlsx
  • Visio
  • ArchiMate model file exchange format
  • Bpmn
  • Sql

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: The application service availability target is set at 99.6% (or <3 hours of downtime per month). The ‘worst case’ Recovery Point Objective (RPO) is 24 hours based upon a backup strategy of once every 24 hours. The ‘worst case’ Recovery Time Objective (RTO) is 3 days. A premium SLA is offered with an availability target of 99.9%.
• Approach to resilience: Datacenters including datacenter availability is fully managed by AWS. A well-tested disaster recovery plan is in place which includes failover to a different AWS region in case of large-scale outages.
• Outage reporting: Internal monitoring and follow-up is in-place 24x7. A 24x7 hotline for reporting large-scale incidents is also available for customers. ; ; Announcements about outages are available at https://status.bizzdesign.io/ and customers can also subscribe to email notifications.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Multi-factor authentication is in place for all management access. Access is restricted to a limited number of employees. For more information, please refer to SOC2 report which is available upon request.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Brand Compliance B.V
• ISO/IEC 27001 accreditation date: 07/07/2021
• What the ISO/IEC 27001 doesn’t cover: The information security management system applies to all internal and external employees and includes product development, sales, marketing, service delivery, HR management, Business Operations (IT) and hosting of software solutions, on the following location(s): Location 1: Capitool 15, 7571 PL, Enschede, The Netherlands
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • SOC2 Type 2
  • CSA CAIQ Questionnaire is available upon request

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: SOC2 Type 2; Cyber Essentials and Cyber Essentials +.
• Information security policies and processes: The company has an Information Security Forum that has Board level contacts and representatives from all business areas, including Development, ICT Operations and Service Support. It also has regular contacts with various professional security bodies. The Forum meets regularly has an ISO 27001 compliant ISMS and SOC2 accreditation.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: A comprehensive software development lifecycle is available which includes change management, secure coding standards, change review etc. A full copy of the SDLC is available upon request.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We ensure that any published vulnerabilities are identified, assessed for applicability on our service and where necessary suitably mitigated. We identify vulnerabilities from the media, vendors and internal testing/scanning. Patches are generally deployed weekly, with faster deployment options during emergency maintenance available for critical vulnerabilities.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: The Protective Monitoring implemented for the service includes logging to a central SIEM system with automated alerting/correlation, host-based agents and network-level anomaly/intrusion detection. A formal Incident Response Plan is in place for responding to incidents; security incidents are treated as Priority 1 issues with a 1-hour response time (24x7)
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We have an incident response plan (IRP) which can be followed when an incident is detected which covers various predefined events. IRP includes reporting of the incident to affected customers and both ongoing reporting during the incident and a final root cause analysis. User-reported incidents can be submitted through our online ticket system or a phone hotline, both available 24x7.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We will respond to any specific Buyer clarifications on Social Value as part of the G-Cloud buying process. The following statement reflects our overall position on this theme.; ; Bizzdesign is committed to minimizing our environmental impact and promoting sustainable ; practices. We strive to reduce our carbon emissions by switching from conventional to renewable energy sources and evaluating carbon offset strategies. We continually assess, monitor and report on our carbon footprint, sustainability and environmental impact, identifying areas for improvement and setting goals towards reducing our environmental/carbon footprint demonstrating our commitment to sustainability and our accountability. We assess our business operations and implement sustainability initiatives such as energy-efficient appliances, transportation alternatives, and waste diversion programs to reduce our environmental footprint. We strive to minimize waste, conserve resources, and promote sustainable practices in all our operations. We optimize resource use by reusing, reducing, and recycling. We evaluate investments for energy efficiency in order to proactively manage our overall energy consumption. We strive to adopt a paperless workflow, reducing our paper usage by digitizing as much as possible including electronic documentation, esignature and cloud-based storage solutions for information sharing. We encourage remote and home working options to employees and online meeting technology to reduce travel and associated environmental impact. Where business travel is necessary, our policies dictate the use of public transport by default and seek to use most appropriate resource for each customer to reduce distances travelled. We adopt recycling programs for office waste and reduce the use of single-use products in the office, encouraging the use of reusable options instead.. We use green cleaning products that are eco-friendly and free from harmful chemicals. We evaluate vendors for their commitment to sustainability, social responsibility and environmental practices and prioritize vendors who demonstrate commitment to best practice in line with our policies.

  Covid-19 recovery

  We will respond to any specific Buyer clarifications on Social Value as part of the G-Cloud buying process. The following statement reflects our overall position on this theme.; ; Our commitments to the other Social Value themes (Tackling economic inequality, Fighting climate change, Equal opportunity and Wellbeing) are equally applicable in the context of COVID-19 recovery. We refer the Buyer to our other responses accordingly.

  Tackling economic inequality

  We will respond to any specific Buyer clarifications on Social Value as part of the G-Cloud buying process. The following statement reflects our overall position on this theme.; ; We are committed to creating employment opportunities that are open to all, removing barriers from recruitment and increasing diversity within our workforce. We recognise cultural differences and believe diversity is a strength in our workforce. We promote a culture of respect, inclusion, and equality. Successful equality and inclusion initiatives demand a comprehensive strategy that involves every stakeholder. We are committed to providing equal opportunities to the disabled and other disadvantaged communities welcoming applicants from diverse walks of life as part of the recruitment process. All employees are trained and certified with relevant industry qualifications as part of our continual learning approach. We provide competitive compensation packages with fair remuneration, commensurate with the employee's qualifications and performance, and appropriate benefits. We support professional development and promote career progression, investing in training and mentoring to further enhance employee skills and career opportunities. We promote flexible working practices to ensure better work/life balance and flexibility. Regular forums ensure employees can engage with management about company culture, development opportunities, and growth paths. We create and evaluate company-wide diversity, equality, and inclusion. We celebrate the diversity and uniqueness of each employee. We offer accredited training courses as part of contract delivery, together with ongoing mentoring, to the Buyer to upskill their workforce and open career progression opportunities. Our delivery methods and software services are built around industry standards, reducing vendor lock-in and increasing supply chain capacity, resilience and overall competition. We ensure that all necessary cyber security accreditations are in place and we ensure our suppliers and partners maintain equivalent or better. We promote a culture of cyber security awareness, regularly briefing on responsibilities and obligations.

  Equal opportunity

  We will respond to any specific Buyer clarifications on Social Value as part of the G-Cloud buying process. The following statement reflects our overall position on this theme.; ; We recognise cultural differences and believe diversity is a strength in our workforce. We promote a culture of respect, inclusion, and equality. Successful inclusion initiatives demand a comprehensive strategy that involves every stakeholder. We are committed to creating employment opportunities that are open to all; removing barriers from recruitment and increasing diversity within our workforce. We recruit professionals and work closely with other SMEs across the UK. We provide competitive compensation packages with fair remuneration, commensurate with the employee's qualifications and performance, and appropriate benefits. We support professional development and promote career progression, investing in training and mentoring to further enhance employee skills and career opportunities. We promote flexible working practices and encourage our employees to adjust working hours to ensure better work/life balance and flexibility. We are committed to providing equal opportunities to the disabled and other disadvantaged communities. This includes across our workforce, partners, suppliers and customers. We will influence our network to promote equal opportunities and we will invest in training schemes that result in recognised qualifications. We develop regular forums where employees can engage with management about company culture, development opportunities, and growth paths. We create and evaluate company-wide diversity, equality, and inclusion. We evaluate initiatives that foster social equity. We celebrate diversity and the uniqueness of each employee. We encourage participation in community initiatives, voluntary activities and charitable causes that promote mental and physical wellbeing and support good causes.

  Wellbeing

  We will respond to any specific Buyer clarifications on Social Value as part of the G-Cloud buying process. The following statement reflects our overall position on this theme.; ; Bizzdesign fosters a safe, compassionate workplace environment. We promote a culture of respect, inclusion, and equality. Successful inclusion initiatives demand a comprehensive strategy that involves every stakeholder. We operate Human Resources policies that focus on employee welfare, including employee health and respect. These policies also include clear guidelines on how to prevent harassment, discrimination, and other unwanted behaviours in the workplace comprising Bizzdesign Code of Ethics and Business Conduct, Global Work From Home Policy, Bizzdesign Anti-Corruption and Anti-Bribery Policy, Disciplinary Policy and Procedures. We conduct regular surveys to understand employee needs and concerns, implement those suggestions where feasible. We provide competitive compensation packages with fair remuneration, commensurate with the employee's qualifications and performance, and appropriate benefits. We promote accountability for health and safety both in the workplace and through local benefits like that support employees. We promote flexible working practices and encourage our employees to adjust working hours to ensure better work/life balance. We cultivate a culture of open communication that encourages knowledge-sharing and mutual support. We develop regular forums where employees can engage with management about company culture, development opportunities, and growth paths. We create and evaluate company-wide diversity, equality, and inclusion. We evaluate initiatives that foster social equity. We celebrate diversity and the uniqueness of each employee. We encourage participation in community initiatives, voluntary activities and charitable causes that promote mental and physical wellbeing and support good causes.

Pricing

• Price: £5 to £3,640 a licence a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: A fully featured SaaS version of the Bizzdesign services is available for trial purposes (or proof of concept/pilot) on request.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at p.bouttell@bizzdesign.com. Tell them what format you need. It will help if you say what assistive technology you use.