CIH Solutions Ltd

CIHS Kelverion Automation as a Service

Kelverion Runbook Studio offers an intuitive, low-code/no-code solution for automating IT processes, integrating 800+ systems like Azure, ServiceNow, and AWS. It enhances operational efficiency by reducing human error and process cycle times, providing significant ROI through its automated runbook library and graphical design experience.

Features

• Automate employee onboarding and offboarding
• Automation of standard IT Tasks
• Automated Office 365 Management
• Automated Event to Service Desk Incident Management
• Remote Diagnostics and Remediation
• Virtual Machine Provision and Management
• Automated Patching
• System Integration with Service Desk and ITSM
• Rich graphical design experience

Benefits

• Free up high value IT Resources
• Cost Savings (up to 400%)
• Significantly Reduce process cycle times
• Increases compliance
• Removes process delays
• Improved accuracy of common tasks
• Self Service to task automation in one place

£2,500 to £9,000 a unit a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Chris.Hodder@itsmconsultancy.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

627208559889427

Contact

Chris Hodder
0208 050 3165
Chris.Hodder@itsmconsultancy.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Kelverion automation services can be integrated into existing service management solutions to automate common requests entirely end to end. The CIHS Automation as a Service takes this solution further by providing a fully managed service on automation, ensuring an automation-first policy for your business.
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: Our commitment to providing exceptional service, as such, our standard service hours are designed to align with typical business operations, ensuring consistent and reliable support during these times: Service Hours: Our core operating hours are 8:00 AM to 6:00 PM, Monday through Friday, in the UK. Out-of-Hours Service Provision: Some projects or issues may require attention beyond standard hours; we offer extended service as needed but involve additional charges in line with SFIA guidelines. Chargeable Travel: Travel expenses incurred for client projects are billable. These costs are clearly outlined and agreed upon in the terms and conditions of our contracts.
• System requirements: N/A

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Support is offered a different tiers depending on the solution between 8am - 5:30pm Mon-Fri by default. Enhanced hours are available based on managed service tiers. Default response times vary between 15 min and 30 mins depending on the priority of the ticket in line with our documented priority matrix and the tier of support required.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: We have actively engaged in testing web chat systems with assistive technology users to ensure accessibility and usability for all. This testing involves participants who use various assistive technologies like screen readers, speech recognition software, and keyboard-only navigation. We focus on identifying and resolving barriers that might impede user interaction, ensuring that our web chat interfaces are compliant with accessibility standards such as WCAG and ADA. Feedback from these sessions is integral to our development process, leading to enhancements in our chat interface designs to better accommodate the needs of users with disabilities. Our commitment to inclusive design drives us to refine our products through feedback loops and iterative testing continuously. By collaborating closely with users dependent on assistive technologies, we gain invaluable insights that help us improve usability. This process not only enhances the user experience for individuals with disabilities but also benefits all users by creating more intuitive and easy-to-navigate interfaces.
• Onsite support: Yes, at extra cost
• Support levels: CIHS offers 4 levels of support Bronze, Silver, Gold and Platinum providing a clear distinction between the units of work available, which vary depending on the supported platform and the additional benefits including: - Included Consultancy Time - Discounts on CIHS services - Discounts of CIHS products All tiers are supported by technical and Client Services dedicated resources.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: CIHS supports new users in starting with our service through a multifaceted onboarding process that includes assessment, professional services, online training, onsite training, and comprehensive user documentation.; ; Assessment Services: Before implementation, we thoroughly assess the user's current IT infrastructure and business needs. This helps customise the setup and ensures that our service integrates seamlessly with existing systems and processes. The assessment identifies key areas where our service can provide the most impact, facilitating targeted and effective deployment.; ; Professional Services: Our professional services team is involved from the outset, providing expertise in system integration, configuration, and optimisation. This team ensures the service is configured to meet the user's specific requirements, providing successful usage and realising ROI.; ; Online and Onsite Training: We offer self-paced modules covering basic functionality and advanced features. For a more tailored training experience, we provide onsite training sessions. These sessions are customised to address the organisation's specific needs and provide hands-on experience for effective learning.; ; By combining these elements, CIHS ensures that each user is well-prepared to integrate and leverage our service effectively, contributing to smoother transitions and optimal service use within their organisational context. This holistic approach to onboarding facilitates immediate productivity and long-term success.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats: Confluence pages
• End-of-contract data extraction: At the end of a contract, CIHS ensures a smooth and secure process for extracting your data, facilitating a seamless transition.; ; Notification and Planning: As the contract nears completion, we discuss the timeline and extraction requirements. This phase involves planning the extraction process to align with the needs and schedule.; ; Extraction Tools and Assistance: Tools and support to extract data are available. These tools handle large volumes of data, ensuring that all data can be retrieved in a usable format (such as CSV, JSON, or XML). Our technical support team can assist with any queries during this process.; ; Data Integrity and Security: Throughout the extraction process, we maintain the highest data integrity and security standards.; ; Final Data Review: Once the data is extracted, users are encouraged to review it for completeness and accuracy. ; ; Data Transfer and Deletion: Following confirmation that the user has transferred the data to their IT environment or another service provider. CIHS will proceed with securely deleting it from our systems in compliance with data protection regulations.; ; Support: CIHS provides continuous support throughout the end-of-contract process to ensure every step is clear and smoothly executed. We aim to make the transition as straightforward and secure as possible.
• End-of-contract process: At the end of a contract with CIHS, several procedural steps are undertaken to ensure a smooth and orderly closure. This includes data extraction, where users are supported in securely transferring their data out of our systems, followed by a systematic decommissioning of services and secure data deletion, adhering to compliance and privacy standards.; ; Regarding contract pricing, the core services included are access to the CIHS Kelverion automation service, regular updates, maintenance, and essential customer support. ; ; Additional end-of-contract costs may arise from any professional services needed to facilitate migration to a new service, including but not limited to enhanced support levels (e.g., 24/7 support) and advanced configuration or integration services tailored to new requirements.; ; Optional extended services and features not covered in the standard package can incur extra charges. These distinctions are clearly outlined at the contract's start to ensure transparency and help clients plan their budgets effectively.; ; This structure ensures that clients can align their investment with their actual service usage and needs, avoiding unexpected expenses while maximising the value derived from our services.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Feature parity.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The Kelverion Automation Portal is an easy-to-implement self-service front-end for automation solutions. It offers a versatile, user-friendly interface without the lengthy list of prerequisites required by other self-service portals available today. ; The Automation Portal ethos is to “keep things simple and flexible”,; integration with the automation tools takes place via the Automation; portal database or the REST API . The portal and mobile App are; intended to complement any automation platform or scripting; language that can read and write to the Automation Portal database; or REST API.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: We have actively engaged in testing web chat systems with assistive technology users to ensure accessibility and usability for all. This testing involves participants who use various assistive technologies like screen readers, speech recognition software, and keyboard-only navigation. We focus on identifying and resolving barriers that might impede user interaction, ensuring that our web chat interfaces are compliant with accessibility standards such as WCAG and ADA. Feedback from these sessions is integral to our development process, leading to enhancements in our chat interface designs to better accommodate the needs of users with disabilities. Our commitment to inclusive design drives us to refine our products through feedback loops and iterative testing continuously. By collaborating closely with users dependent on assistive technologies, we gain invaluable insights that help us improve usability. This process not only enhances the user experience for individuals with disabilities but also benefits all users by creating more intuitive and easy-to-navigate interfaces.
• API: Yes
• What users can and can't do using the API: Pending
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
  • Other
• API sandbox or test environment: No
• Customisation available: No

Scaling

• Independence of resources: We guarantee this by implementing scalable cloud infrastructure and advanced load-balancing techniques. This architecture allows us to allocate resources as demand fluctuates dynamically, maintaining consistent user service levels. Additionally, we utilise monitoring and predictive analytics to foresee demand spikes and adjust resources proactively, ensuring a seamless and uninterrupted user experience across our platform.

Analytics

• Service usage metrics: Yes
• Metrics types: Runbooks
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Kelverion

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: At CIHS, users can export their data efficiently and securely through these steps:; ; Access: Users log into their account and navigate to the export section.; Select Data: Options allow filtering by date, type, or other criteria.; Choose Format: Users select from CSV, JSON, or XML formats.; Initiate Export: The system prepares the data file.; Download: Once ready, the file is available for secure download.; Support: If issues arise, CIHS support team assists users.; This process ensures easy data portability and management, aligning with CIHS commitment to user autonomy and data security.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: Private network or public sector network
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Microsoft Azure availablity
• Approach to resilience: CIHS Kelverion Automation is designed with high resilience, incorporating robust data centre setups and adherence to best practices like the UK government's second cloud security principle, 'Asset Protection and Resilience'. Our data centres are strategically located to ensure redundancy, with backup systems and disaster recovery solutions firmly in place. Specific details about our data centre setup are available on request to protect sensitive operational aspects.; ; CIHS ensures the security and resilience of assets by employing multiple layers of physical and digital security measures. These include, but are not limited to, encrypted data storage, regular security audits, and continuous monitoring systems. Our approach aligns with the government's guidelines to protect data against a wide range of threats and to ensure its availability and integrity even in adverse conditions.
• Outage reporting: CIHS's Kelverion service includes a comprehensive outage reporting system to ensure transparency and timely updates. We utilise a private dashboard that displays real-time service status and any issues. This dashboard is accessible to all users for immediate visibility into system performance.; ; Additionally, we offer an API that allows customers to integrate real-time service status data into their own monitoring systems, providing a seamless way to monitor service health within their existing workflows.; ; For direct notifications, we use email alerts to inform customers of any service disruptions. These alerts include detailed information about the nature of the outage, the expected resolution time, and any steps to address the issue.; ; This multi-channel communication strategy ensures that all stakeholders are well-informed and can plan accordingly during service interruptions.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Pending
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS International Ltd.
• ISO/IEC 27001 accreditation date: 02/09/2023
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: In alignment with ISO 27001 and Cyber Essentials frameworks, our information security policies are designed to protect data integrity, availability, and confidentiality. We have implemented comprehensive risk management procedures that identify, evaluate, and mitigate risks, complemented by stringent access controls to prevent unauthorised data access. Our incident response strategy ensures quick action and mitigation of security breaches.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: CIHS operates an ITIL-aligned configuration and change management process set that integrates the systematic oversight of all configuration items with a structured process for implementing changes. It begins with maintaining an accurate Configuration Management Database (CMDB), essential for tracking the attributes and relationships of CIs. Change management coordinates all alterations to the IT environment, ensuring they are evaluated, approved, and documented to mitigate risk and minimise disruption. This combined approach enhances service reliability, compliance, and security, facilitating efficient incident resolution and continuous improvement. It ensures all changes are traceable, strategic, and aligned with business objectives.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: CIHS's best-practice vulnerability management approach involves continuous identification, classification, prioritisation, and remediation of software vulnerabilities. This process starts with comprehensive asset discovery and regular vulnerability scanning to detect potential security threats. ; ; Identified vulnerabilities are then evaluated and prioritised based on their severity and potential impact on the organisation. Remediation actions are systematically implemented, often through patches or configuration changes, followed by verification to resolve vulnerabilities. This proactive approach minimises exposure to security risks, maintains compliance with industry standards, and protects against breaches, ensuring the integrity and reliability of CIHS managed systems.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: CIHS' best-practice protective monitoring management approach involves the continuous surveillance and analysis of managed systems to detect and respond to security threats in real-time. It encompasses collecting, correlating, and evaluating log data across diverse sources, ensuring anomalies and potential breaches are identified swiftly. ; ; Implementing robust monitoring tools and setting clear thresholds for alerts is crucial. This approach is complemented by regular audits and updates to the monitoring rules based on emerging threats and system changes. ; ; Effective protective monitoring enhances security and supports regulatory compliance and operational resilience by enabling rapid risk detection and mitigation.
• Incident management type: Supplier-defined controls
• Incident management approach: CIHS operates an ITIL-aligned incident management approach that emphasises quick restoration of normal service operations with a documented, repeatable process, including identifying, logging, categorising, prioritising, and diagnosing incidents. Efficient automated communication and escalation procedures are crucial. The approach utilises our Service Desk to track incidents from detection to resolution. ; ; Root cause analysis is employed post-resolution to prevent recurrence. Key metrics, like mean time to resolve (MTTR), are tracked to gauge effectiveness and improve. This methodology ensures consistent, effective handling of incidents, enhancing overall service quality. Post-incident reviews are available for high-impact incidents and on request for other incident priorities.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  CIH Solutions Ltd. recognises the urgent need for environmental stewardship and is committed to addressing climate change. Our Carbon Reduction Plan outlines our commitment to achieving Net Zero emissions by 2040. Our carbon reduction efforts' baseline year is from January 2023 to December 2023. CIHS has set ambitious carbon reduction targets to align with the commitment to achieving Net Zero by 2040. Targets are categorised into short-term, medium-term, and long-term objectives. Short-term Targets (2023-2025): • Implement energy-efficient measures to achieve a 10% reduction in Scope 1 emissions. • Invest in renewable energy sources to cover at least 20% of the company's total energy consumption, reducing emissions. • Collaborate with the top 30 suppliers to establish emission reduction goals within the supply chain. Medium-term Targets (2026-2030): • Achieve a 25% reduction in emissions through the adoption of low-carbon technologies and practices. • Increase the share of renewable energy in total energy consumption to 40%. • Expand the scope of supply chain engagement to include the top 50 suppliers. Long-term Targets (2031-2040): • Achieve Net Zero emissions by 2040 through emission reduction measures, investments in carbon offset projects, and technological innovation. • Advocate for industry-wide adoption of sustainable practices and contribute to systemic change.

  Covid-19 recovery

  CIHS is committed to aiding recovery from COVID-19 by enhancing safety, supporting remote work, enabling contactless interactions, promoting health awareness, and boosting community resilience. Our comprehensive service provision ensures rigorous safety protocols are in place, reducing the risk of virus transmission and safeguarding our clients and their customers. By facilitating efficient remote work configurations, we enable businesses to continue operations seamlessly, ensuring high productivity while minimising physical contact. Our technology solutions also support the implementation of contactless transactions, crucial in maintaining business continuity and customer interactions without health risks.

  Tackling economic inequality

  At CIHS, our commitment to reducing economic inequality is realised through various strategic initiatives. We offer affordable access to our technological solutions, ensuring that all segments of society can benefit from digital advancements. This approach democratises technology access and helps mitigate the widening economic gap caused by technological disparities. In addition to access, we emphasise financial literacy as a fundamental component of our service. Educating individuals and communities about financial management empowers them to improve their economic well-being.

  Equal opportunity

  The success of CIH Solutions Ltd as an organisation depends upon the effective use of the abilities of each of our employees. With this in mind, the company is committed to providing equality and fairness for all recruitment applicants and employees and not discriminating against anyone because of their gender (including sex, marital status and gender reassignment), race (including ethnic origin, colour, nationality and national origin), disability, religion, belief or age. In addition, CIH Solutions Ltd will not discriminate against anyone associated with another individual protected under equality legislation. We oppose all forms of unlawful and unfair discrimination. All employees will be treated fairly and with respect. Selection for employment, promotion, training, or any other benefit will be based on aptitude and ability. The company is also committed to preventing discrimination of any type against its employees by third parties like suppliers, clients, and the general public. The responsibility for upholding this commitment is shared by every employee and intended to benefit them.

  Wellbeing

  At CIHS, enhancing well-being is a core objective achieved through a holistic health and lifestyle support approach. We provide mental health resources and initiatives, understanding mental well-being's critical role in overall health. Our services also promote work-life balance by offering technologies that support remote and flexible work arrangements, helping individuals manage their time more effectively.

Pricing

• Price: £2,500 to £9,000 a unit a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Chris.Hodder@itsmconsultancy.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.