Skip to main content

Help us improve the Digital Marketplace - send your feedback

BearingPoint Ltd

Infonova Digital Business Platform

Cloud-Native Infonova Digital Business Platform (DBP) hosted on AWS and utilizing AWS (serverless) technologies. Infonova DBP enables customers for an ecosystem play; allows to experiment, innovate & test with quick turnaround cycles; brings a marketplace new digital services; is build and provides new technologies and new and innovate business models

Features

  • Create & Sell: Product and Service Catalogue
  • Order & Fulfill: Order Management; Fulfillment & Orchestration
  • Rating/Charging; Invoicing/Collection; Customer Management; Product/Service Inventory
  • Grow Revenue: Partner Catalogue; Partner Management & Orchestration; Settlement
  • Product Catalogue driven ordering
  • Convergent Rating & Charging
  • Open APIs enable interoperability and extensibility of the platform
  • Cloud-native architecture: Container-based deployment; Cloud-managed data stores
  • Simplified operational management (container deployment, backup/restore, security)
  • SaaS Delivery, Open APIs, Serverless Integration Technology

Benefits

  • Platform for digital offerings experiment, launch and monetize new offerings
  • Reinvent new business models using ecosystems management and multi tenancy
  • Business orchestration and monetization capabilities
  • Launching product & bundles any pricing model in days
  • Business efficiency by sweating existing assets and removing internal silos
  • Collaborate, co-create, sell new solutions with new technologies/partners
  • Enable advanced billing, flexible catalogue and comprehensive order and fulfillment
  • Building an ecosystem of partners

Pricing

£1,100 a licence a month

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at UKPublicSectorBD@bearingpoint.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

6 5 1 9 8 1 4 2 6 0 2 4 9 1 9

Contact

BearingPoint Ltd Gill Walker
Telephone: 07976 812978
Email: UKPublicSectorBD@bearingpoint.com

Service scope

Software add-on or extension
No
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints
N/a
System requirements
SaaS accessed via Web (IE11, Chrome70, Firefox64, Safari12)

User support

Email or online ticketing support
Email or online ticketing
Support response times
SaaS service is 24x7
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
No
Support levels
N/a
Support available to third parties
No

Onboarding and offboarding

Getting started
Sandbox access, Training (online and on-site), documentation, community portal
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats
  • Word
  • Powerpoint
End-of-contract data extraction
Through API
End-of-contract process
Data can be purged

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Firefox
  • Chrome
  • Safari
Application to install
No
Designed for use on mobile devices
No
Service interface
Yes
User support accessibility
None or don’t know
Description of service interface
Web interface to manage products, orders, customers, billing and partners
Accessibility standards
None or don’t know
Description of accessibility
Via authenticated users/operators which have different authorisations
Accessibility testing
N/a
API
Yes
What users can and can't do using the API
All Infonova functionality is exposed via APIs
API documentation
Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • PDF
API sandbox or test environment
Yes
Customisation available
No

Scaling

Independence of resources
Application scaling is managed in multiple different layers: application load balancing layer, K8s worker nodes / K8s deployments (apps) layer, persistence infrastructure layer. In some of the layers scaling can be automated, i.e., autoscaling can be used. Autoscaling helps to dynamically scale capacity up or down according to predefined rules.

Analytics

Service usage metrics
Yes
Metrics types
Customers, Orders, Billing, Service Inventory
Reporting types
API access

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least every 6 months
Penetration testing approach
In-house
Protecting data at rest
Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Through API
Data export formats
Other
Other data export formats
  • JSON
  • XML
Data import formats
  • CSV
  • Other
Other data import formats
  • JSON
  • XML

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection between networks
Instances do not have public IP addresses and are thus separated from the public internet. Additionally, a so-called "Access" subnet is provisioned which is a "public" subnet, i.e. its EC2 bastion server is visible via a public IP-address. A NAT gateway in the public subnet enables private EC2 instances and K8s pods to communicate with public internet.
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection within supplier network
The ALB is the single access point for all "customer-related" traffic via HTTPS, i.e., UI (frontend) requests or API (REST) calls. Depending on the use-case, the attached security group can be configured to be completely open or restricted to specific user groups.

Availability and resilience

Guaranteed availability
99.5%
Approach to resilience
Infonova DBP is deployed across multiple availablity zones within the AWS cloud
Outage reporting
Infonova DBP is constantly monitored using cloud monitoring systems which rais alerts to the Infonova DBP 24x7 team

Identity and authentication

User authentication needed
Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels
Infonova UI access can only be established through authenticated and authorized users. Infonova API access require OAuth2 access
Access restriction testing frequency
At least every 6 months
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
DMSZ GmbH Deutsche Managementsystem Zertifizierungsgesellschaft mbH, Griesheim, Germany
ISO/IEC 27001 accreditation date
1/11/2021
What the ISO/IEC 27001 doesn’t cover
N/a
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
Yes
Any other security certifications
  • ISO 27005
  • ISO 27002
  • Cyber Essentials

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
ISO 27002
ISO 27005
Cyber Essentials
Information security policies and processes
BearingPoint is ISO 27001 & ISO 27002 certified. Our risk assessment methodology follows the methodology promoted by ISO 27005. In terms of policies, we have documented, we review and update the policies below that cover the following (these policies can be available on demand): Antivirus Policy, External Accounts Policy, Firewall Policy, Information Technology Use Policy and Guidelines, Mobile Device Management Policy, Network Policy, Password Policy, Remote Access Policy, Web Filtering Policy, Wireless Networking Policy, Removable media & backup Policy, Cryptography Policy ,Downtime Policy, Use of external services Policy, Email & instant messaging Policy, IT standards Policy, IT Purchasing Policy, IT support Policy, User account management Policy, Patch Policy, IT Cloud & server Policy, Telephony acceptable use Policy, Data classification & handling Policy, Clean desk & digital media disposal policy.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
We are doing everything in DevOps. All DevOps code is commited in Git. All code is reviewed by 2 other people.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Infonova DBP is constantly monitored using cloud monitoring systems which rais alerts to the Infonova DBP 24x7 team
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Infonova DBP is constantly monitored using cloud monitoring systems which raise alerts to the Infonova DBP 24x7 team
Incident management type
Supplier-defined controls
Incident management approach
Customers get access to the Infonova DBP Portal and can log/manage incidents

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

BearingPoint is passionately committed to stewardship of the environment and has several internal initiatives in place which deliver against this policy outcome in our business-as-usual activity. BearingPoint has established an international working group to manage carbon emissions. We are a signatory to the UN Global Compact and working toward B Corp Certification. Our “Sustainable By Design” Leadership Committee established a firmwide emissions goal of 50% reduction in emissions by 2025. We established a network of Sustainability Agents who are responsible for generating/implementing new carbon reduction ideas in their countries and we will work with them to ensure adoption of additional measures under G CLoud 14 contracts. We adopt a data-driven approach to monitoring and improving carbon emissions, based on our 'Emissions Calculator' tool, and any new work undertaken under these contracts will be added into this model. In the UK, we have published a Carbon Reduction Plan which clearly sets out our roadmap to achieving our targets in Scope 1-3 emissions; any work undertaken under these contracts will be monitored under those business-as-usual arrangements. For example, we will
• minimise CO2 emissions by minimising business travel, working remotely wherever possible.
• where travel is necessary, use the most sustainable method, logging our journeys in Emissions Calculator.
• ensure any new IT required for the contract is sourced responsibly and sustainably.
• ensure any IT being disposed of is disposed of responsibly and sustainably.
• identify local charities that might benefit from used IT and phones and donate to them securely.
• encourage our contract workforce to avoid commuting wherever possible.
• ensure they have appropriate equipment to facilitate work from home.
• where commuting is necessary, ensure it happens in the most sustainable way, logging journeys in Emissions Calculator.

Tackling economic inequality

BearingPoint is passionately committed to tackling economic inequality and has several longstanding initiatives in place which deliver against this policy outcome in our business-as-usual activity. In addition to our many routine Corporate Social Responsibility activities, engagement teams work hard to ensure that the communities in which clients live and work are supported in tackling economic inequality through, for example, offering paid internships, access to training, ensuring diversity and collaboration in our supply chain (for a particular contract or more generally), and through advice and provision of pro-bono consulting support on issues relating to modernising delivery of public services and increasing value for money without negatively affecting front-line local services.
BearingPoint also has well established procedures for working in true partnership with and maintaining/improving diversity in our supply chain and takes pride in having a fair and responsible approach to working with local partners in delivery of contracts. We use local associates or companies wherever possible, to help keep the benefit of the client's consulting spend in their local area. We maintain a Supply Chain Code of Conduct that mirrors our own internal Standards of Business Ethics, and which we require all our supply chain to sign up to and apply. As part of this contract, while we do not anticipate using a significant supply chain, we undertake to apply these fair and responsible processes to any subcontractors who are involved and to ensure that the principles in the Supply Chain Code of Conduct are upheld.

Equal opportunity

BearingPoint is passionately committed to equal opportunities in our contract workforce and has several internal initiatives in place which deliver against this policy outcome in our business as usual activity. We will use G Cloud 14 contracts to deliver ADDITIONAL initiatives and/or ENHANCE our existing initiatives in this area. For example, by:
• provision of training, coaching, and mentoring to members of the contract workforce who are from disadvantaged backgrounds or who have protected characteristics, or otherwise face barriers to employment or progression
• use of paid internships for people from disadvantaged backgrounds or who have protected characteristics, or otherwise face barriers to employment or progression
• subject to the length of the contract, use of apprenticeships to deliver training and qualifications to those facing barriers to employment or progression
• opportunities for the contract workforce to engage with and influence the work of our existing Diversity and Inclusion team
• opportunities to attend lunch and learn sessions relevant to the contract or the skills it requires from its team
• partnering or collaborating opportunities for small companies, and fair and ethical treatment of those in our supply chain
• fundraising or pro-bono work for charities or not-for-profit organisations working in this field
We require all subcontractors to adopt our Supplier Code of Conduct, which includes measures to ensure equality and diversity in the contract workforce.
We build delivery of Social Value into the routine cadence of our Engagement Management process, ensuring regular communication and transparency of progress.

Wellbeing

The wellbeing of our workforce features heavily in our Sustainability strategy. We engage regularly with our staff via People Surveys, in terms of perceived belonging, psychological safety, and levels of engagement. Our results indicate high and stable levels for all these indicators. Other measures implemented include remote social sessions, resilience training, and a monthly Wellbeing newsletter. We continue to offer a wellbeing programme around stress management, nutrition, and ergonomics. We have also implemented a health-oriented leadership training manual to embed physical and mental health in our work and to empower our people to act with care. This includes advice on identifying when people's health might be posing a challenge and how to design a work environment that is not damaging wellbeing.
As part of our engagements, we identify practical, measurable ways in which we can extend our own initiatives and offer support to help with improving wellbeing. For example:
• Designing ways of working which will minimise potential negative impacts on wellbeing, and which will enable the engagement team to identify and manage any potential health and wellbeing issues at an early stage, minimising risk of longer-term detrimental impacts to the workforce and to delivery of our service. We can make use of regular ‘pulse check’ surveys to facilitate anonymous monitoring of health and wellbeing issues in the team.
• Opportunities for the contract workforce to engage with and influence the work of our existing Diversity and Inclusion team (where our health and wellbeing initiatives are managed).
• Opportunities to be part of our internal initiatives promoting health and wellbeing issues. We encourage the contract workforce to jointly create their own fundraising and awareness-raising activities.

Pricing

Price
£1,100 a licence a month
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
Guided sandbox access with support to model and test use cases

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at UKPublicSectorBD@bearingpoint.com. Tell them what format you need. It will help if you say what assistive technology you use.