Cognizant Worldwide Limited

assetSERV Digital Asset Management

Digital Asset Management enables management of digital content - images, videos, documents, etc. This is done through a central repository, metadata & collaboration features, workflows and API layer for publishing to applications like CMS and social media or to other users securely.

Features

• Secure repository as single source of truth
• Extensive search based on content indexing
• Role based access
• Collaboration features including sharing, collections, baskets, versioning, check in-out
• Basic image editing including brightness, cropping, modifying resolution, etc.
• Configurable workflows
• Real time notifications for all defined user actions
• Cloud based application, web application with browser based access
• Creating collections of assets

Benefits

• Manage rich media including images, videos and documents
• Easy, role based search on all content. Complete content indexing.
• Easy collaboration on all content, sharing, workflows, comments and annotations
• Workflows to ensure right reviews and approvals
• Easy to publish content to multiple devices
• Digital rights definition and control on the content
• Access to content from browser based interface. Responsive web design.
• Share content as emails, collections - time bound, protected links
• Download content in different formats, as collections, contact sheets
• Encryption in transport layer and at rest on server

£50 to £330 a user a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at inquiryPSandHealth@cognizant.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

665313401566029

Contact

Frank Mcdade
+44 (0) 7711 588 127
inquiryPSandHealth@cognizant.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: No specific constraints. Maintenance windows would be fixed after discussion with client. Cognizant provides implementation, application and infrastructure support for assetSERV.
• System requirements:
  • AssetSERV is a web based application
  • No specific system requirements
  • Compatible with all leading web browsers
  • Optional desktop installation for assetSERV drive

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: AssetSERV Standard SLA response and resolution times have been provided below:; ; Severity 1 (An incident which causes the platform to go down, making it unavailable) - Response within 1 Hour ; Severity 2 (An incident with Critical functionality that has no workaround, and stops production work.) - Response within 2 Hours ; Severity 3 (An incident with non-Critical functionality that has no workaround) - Response within 4 Hours ; Severity 4 (All other non-critical defects, enhancements and feature requests, training and documentation issues) - Response within 24 hours
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Cognizant offers 3 support levels for this service:; L1 - 24X7 phone and email support by team of trained analysts who will be first responders for initial resolution, debugging, minor support and help queries.; L2 - 8X5 or 16X5 support by team of trained developers and testers for debugging/ resolution following build/ deploy cycle for patches and resolution; L3 support addresses infrastructure, product code and other components. Responsible for fixes and deploying them into production in the build cycle.; Onsite, a technical support analyst can be provided for enhanced support
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Onsite training session can be conducted for Client. We will follow a Train the Trainer methodology. Also, these would be supplemented with Workshops during Go-Live Webinars (Over WebEx), Recordings of training sessions, User Manual and Training Guide.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Using a combination of manual effort and automation scripts, we extract assets/metadata from the current DAM to be transferred/transform to the proposed system. Our approach to handover/migration is described below; 1. Get Assets from current system to a shared drive/portable drive; 2. Metadata information to be provided as a representation of existing database schema along with all the table relationship information; 3. Extract the metadata from the source database
• End-of-contract process: A contract, ending after running its due course is generally up for renewal. The rules, deliverables and costs can be renegotiated. Depending on the understanding the terms and conditions can be kept same. If there is no renewal, all the client data will be handed over. Software is on License basis, so the instance will be taken down as per prior agreement. assetSERV would need 3 months advance notice before contract termination. This period would be used for the content migration activity to ensure all client content and metadata is migrated back to client systems.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: AssetSERV provides a complete API accessible via HTTP/HTTPS. This API is the best way to integrate portals, workflow engines, ESBs, custom applications, etc. remotely with the assetSERV Platform. The API has the following endpoints.; For doing Create Read Update Delete (CRUD) on resources in a 100% REST style. Multiple resource endpoints are exposed.; eg. You can perform searches by query or page provider, store these searches and reproduce them later. /nx/site/api/v1/search/lang OR /nx/site/api/v1/search/pp OR /nx/site/api/v1/search/saved; Limitations are the same as any RESTful service has.; assetSERV provides for technical resources for any enhancements/ customizations. Users can be provided access to the APIs only on need basis.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: AssetSERV is a configurable DAM platform that can be customized as per buyer requirements. Some of the key aspects that can be customized are:; - UI as per buyer branding guidelines; - Metadata model; - Workflows and business rules for content; - Specific integration use cases ; - Notifications based on business rules; - Digital rights and access rights to content -; Cognizant provides for implementation services for all the above listed customizations and other enhancements needed on assetSERV.

Scaling

• Independence of resources: AssetSERV is a Digital Asset Management system having a robust architecture which supports dynamic scaling. That consists of multiple server components with particular responsibilities. This ensures the possibility to scale each component independently depending on customer requirements. The 4 major components of the system are:; 1. Web Application Server; 2. Search Server; 3. Storage Server; 4. Conversion Server

Analytics

• Service usage metrics: Yes
• Metrics types: AssetSERV provides statistics for all asset and user centric related actions. You can view statistics for uploads, downloads, logins and drill down statistics on individual asset and user level. Asset usage is tracked for channels that are directly connected.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Other
• Other data at rest protection approach: AssetSERV provides a 256-bit encryption of the data at rest by leveraging AWS security services. This can be provided based on client requirement. Encryption in flight if via TLS.
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: For administrative users, the Platform allows download of log files/data or allows administrators to export them via API.; Regular users can use various means like:; - Downloading CSV cantainting asset details/Metadata; - Use assetSERV Drive ; - Download collections/Lightboxes
• Data export formats:
  • CSV
  • ODF
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks: IPsec or TLS VPN gateway
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We shall make commercially reasonable efforts to provide at least 99.5% Platform Availability, measured on a per calendar-month basis.
• Approach to resilience: With cloud infrastructure we provide high failure resiliency. Server auto light, auto scaling and modularized design of assetSERV ensures compartmentalized operations and seamless failure recovery.
• Outage reporting: Outages will be ascertained based on severity of issues that need to be fixed and communicated via the appropriate channels.; Usual channels include email alerts to designated users. Also, notifications/pop-ups/banners on the log-in and landing pages are put up to let users know the status.

Identity and authentication

• User authentication needed: Yes
• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: AssetSERV has a strict access monitoring and management system. ; assetSERV supports integration with an existing Identity System (IDP) via Federated Identity. IDP’s are governed by their own privacy policies and can control what information they share with an Service Provider (SP). With Federation, we can set up a Circle of Trust (CoT), where a remote IDP can send a message to the SP, with appropriate information on authentication and authorization. The SP then decides whether to let the user access its service.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: EY CertifyPoint
• ISO/IEC 27001 accreditation date: 11/12/2013
• What the ISO/IEC 27001 doesn’t cover: All Amazon Web Services components and relevant locations for assetSERV are covered in the certification.
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 31/01/2016
• CSA STAR certification level: Level 2: CSA STAR Attestation
• What the CSA STAR doesn’t cover: LEVEL THREE: CSA STAR Continuous Monitoring; ; Currently under development, CSA STAR Continuous Monitoring enables automation of the current security practices of cloud providers. Providers publish their security practices according to CSA formatting and specifications, and customers and tool vendors can retrieve and present this information in a variety of contexts.
• PCI certification: Yes
• Who accredited the PCI DSS certification: Coalfire Systems Inc.
• PCI DSS accreditation date: 11/07/2016
• What the PCI DSS doesn’t cover: AWS is PCI Level 1 Service Provider. Hence it covers all the requirements;; 1. Service Provider Criteria for VISA; 2. Validation Requirements for VISA; 3. Service Provider Criteria for MasterCard; 4. Validation Requirements for MasterCard
• Cyber essentials: No
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • C5 [Germany]
  • Cyber Essentials Plus [UK]
  • DoD SRG
  • FedRAMP
  • FIPS
  • IRAP [Australia]
  • ISO 9001, ISO 27001, ISO 27017, ISO 27018
  • MLPS Level 3 [China]
  • MTCS [Singapore]
  • SOC 1, SOC 2, SOC 3

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Compliance mandates such as PCI DSS, HIPAA, ISO 270001, GLBA and SOX require businesses to protect, track and control access to sensitive information.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Cognizant will work with the Client to assess change management requirements and will design and implement a Change Management Plan tailored to your needs and culture.; With extensive industry domain expertise and next-generation RIM 2.0 services, which include Cognizant's industry-leading OnTarget™ ITIL-based platform and unique Operations Maturity Model, Cognizant IT IS helps clients reduce infrastructure management costs, mitigate risk, and improve business performance.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: AssetSERV is hosted on AWS cloud which complies with SAS70 Type II. We also use Qualys Web Scan to test for the latest vulnerabilities including the OWASP Top 10 and any vulnerabilities found are rectified.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Performance monitoring and optimization tools used are Brocade for Traffic Management, AlertLogic for security and vulnerability assessment and AWS Monitoring tools.; ; assetSERV uses AWS CLoudWatch, CloudTrail and custom SQL scripts to manage database intrusion attempts or unusual activity and SIEM log monitoring and WebApplication Firewall to detect network intrusion attempts or unusual activity.; ; We provide complete audit log for all user activities on the system along with timestamp of activity. In addition to the above, we can provide IP address of all users connected to assetSERV system. We manage forensic investigations in alignment with DSS requirement A 1.4.
• Incident management type: Supplier-defined controls
• Incident management approach: System has an automated monitoring for network, platform availability & Security incidents. Error handling has been built into the application to handle scenarios such as - upload failure, save failure, download failure, workflow triggering etc. Any additional failure scenarios would be added based on platform's configuration during the course of the engagement. If the users come across any other problems they can raise a ticket for resolution. Any additional analysis in order to prevent issues can be availed as additional services that are offered based on the support level agreement signed with assetSERV.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  We take our environmental responsibilities seriously and have committed to becoming a more sustainable business, achieving net zero emissions by 2030. Cognizant is compliant with ISO14001 (Environmental Management System) and operates within multiple environmental policies, as set out in our ESG report and overseen by our Chief Sustainability Officer. ; We reduce waste and develop sustainable products by leveraging technology advancements in AI, data and analytics, cloud and IoT, with the resulting solutions exploiting our experience, expertise and resources to help address climate change in our own activities and to help our clients meet their sustainability goals and reduce their carbon footprints. Some examples include: transitioning energy-intensive data centres to public cloud use; designing IoT-enabled smart buildings that manage electricity, heating, cooling and water consumption more efficiently to reduce power needs; and using IoT and cloud solutions in transportation and supply chain applications for real-time vessel emissions monitoring to improve shipping route planning and increase fuel efficiency.; Specific initiatives to achieve net zero include:; • Aligning to climate science. Science-based emissions reduction targets submitted for third-party validation with the Science Based Targets initiative (SBTi).; • Ongoing investments in renewable energy. In India over a quarter of Cognizant's energy already comes from renewable sources and we plan to expand our use of onsite solar energy and enter new power purchase agreements with clean energy developers. ; • Renewable Energy Buyers Alliance. A global initiative bringing together the world's most influential businesses committed to procuring 100 percent renewable electricity.; • Increasing energy efficiency. We are investing in new energy efficient equipment and technologies across owned offices and data centres globally. Including green commuting, prioritising telecommuting and focussing on paperless working, energy efficient lighting, equipment, and retrofitting cooling systems.; Further information can be found at www.cognizant.com/us/en/services/sustainability-services
• Covid-19 recovery:

  Covid-19 recovery

  As a major employer in the UK Cognizant is pleased to have the opportunity to continue helping communities to manage and recover from the impact of COVID-19. We announced a five-year, $250 million effort to support recovery and advance economic mobility in communities around the world. ; ; During and after the pandemic, Cognizant has provided critical resources to strengthen public health systems, education and workforce institutions, jointly developing the Lateral Flow Test AI/ML component for the DHSC and partnering with the Cabinet Office on a data science awareness & training programme. As our company has continued to expand whilst office space has been restricted, we have encouraged Home Working and invested in the concomitant equipment and processes to support, including the rapid expansion of our existing Mental Health programme - adding a significant number of Mental Health First Aiders. ; ; We have actively supported communities in managing and recovering from the impact of the pandemic, including providing those worst affected or shielding with the provision free services to digitally equip charities such that they can operate more efficiently and serve better. Our award winning “Cognizant Assist” App was also developed to support the virtual mobilisation of charities, volunteers and those in need to connect, drawing on our Google Firebase cloud platform experience and other open-source tools. This platform is provided free to community volunteering groups and charities, with volunteers from our organisation also supporting the app setup for these organisations. ; ; Amidst our effects to support the creation of employment, re-training and other return to work opportunities, we have considered the delivery location of the services to focus on community or regional SMEs, to diversify the supply chain and create more localised opportunities. ; ; https://news.cognizant.com/2021-02-25-Cognizant-Commits-250-Million-to-Global-Corporate-Social-Responsibility-Initiatives
• Tackling economic inequality:

  Tackling economic inequality

  We are committed to tackling economic inequality in employment and skills, with an approach that focuses on People, Communities and Accountability: ; People: Supported by ‘Cognizant Academy’, our people continuously develop through training for soft skills and technical understanding. Training is made available to project staff and extends into communities we work with. Unconscious-bias training ensures that recruitment, performance and retention activity are creating the best platform for diversity to thrive. By educating, influencing and leading by example, we believe that we can inspire personal accountability to minimise inequality in the workforce.; Communities: As an employer of almost 8,000 people in the UK, we have a powerful sense of community purpose. We work with charities and social enterprises across the UK, including through our Outreach programme, to give back to the community and make a difference to society. We provide access to skills training and identify opportunities for employment, to help level the playing field and support individuals in securing the skills necessary for successful employment. Including:; -Employability Workshops; to provide core business skills (interview techniques, CV writing, LinkedIn training) ; -Bootcamps; for training technology skills to underrepresented individuals; -Engaging local universities to co-develop digital skills, for supporting new job creation in regeneration locations; -Participating in initiatives that create work opportunities for the severely disadvantaged, such as the ‘Vital Regeneration’s’ Homeless, Employability and Learning Project (HELP); -Leverage the Government’s Kick Start scheme to facilitate job placements and apprenticeships; Accountability: We utilise monthly and annual governance cycles to agree, measure and report on KPIs/metrics during contract term. Our ESG report increases transparency and accountability of our commitments to social responsibility. We focus in detail on diversity and actions taken to attract, develop and retain a diverse workforce, including partnering to overcome the skill-gap challenge and utilising our Digital Academy to upskill staff.
• Equal opportunity:

  Equal opportunity

  Cognizant is committed to Equal-Opportunity-Employment, regardless of protected characteristic. We take affirmative action to employ and advance all people and our policies ensure that no one is discriminated against, harassed or victimised due to a protected characteristic. We continue to invest in supporting people facing barriers to employment, especially those from under-represented groups in our industry (sex, age, disability and ethnicity), working with SMEs and local organisations to provide further opportunities for people to fill skills gaps in our industry. ; Our Code of Ethics, Human Rights Policy, Modern Slavery Act Statement, and Supplier Code of Conduct address how we conduct business with integrity, respect human rights, and trade ethically. Additionally, our Code of Ethics training which is mandatory for all Cognizant associates includes a module on diversity and preventing discrimination and harassment.; We are a member of ‘the Valuable 500’, a global business collective of 500 CEOs/companies, that innovate together for disability inclusion through business leadership and opportunity. Our disability affinity group ‘Unite’ provides a community and additional support/resources for associates with disabilities, caregivers and their allies. ; We are exploring partnerships with organisations such as Disability Rights UK, to ensure that our recruitment/retention approaches are accessible. Our explicit HR disability policies and expansion of our disability reporting for monitoring and retention processes are positive steps that we have already taken to level the playfield for people with disabilities.; Our Diversity Pipeline Programme drives greater diversity within our recruiting channels and adjustments are made to ensure candidates with disabilities are supported throughout the recruitment process. Our Code of Ethics is clear that discrimination of any kind is not tolerated, including in our recruitment process. ; We conduct an employability training program for visually challenged graduates, where volunteers from our Outreach community train candidates on interview techniques, good interview practices and resume writing.
• Wellbeing:

  Wellbeing

  Our wellbeing objectives as an organisation and during contract delivery are to: Provide safe, secure and healthy environments for our staff, Support the needs of our team, implement longer-term positive approaches to thriving at work, integrate diversity and inclusion into wellbeing - covering race, religion, gender, sexual preference, disability and accessibility, and maximise the benefits of national and international awareness.; ; We invest heavily to ensure the physical and mental health and wellbeing of our teams, including development/access to our health and wellbeing portal and other resources e.g. Monthly ‘Town-halls’ focusing on mental health awareness and available support, Interactive webinars, (e.g. financial wellbeing support), Wellbeing and Mental health surveys, Mental health first aiders and champions, Access to weekly wellbeing sessions, Health from home (managing wellbeing at home), as well as access to a fully funded Employee Assistance Programme offering short-term professional counselling, family support services, legal support-services and financial support services.; ; We encourage a culture of open communication where colleagues can raise both concerns and ideas relating to wellbeing and health, and we take a comprehensive approach to influencing our staff, suppliers and communities by following the principles of: Leading from the top / Being publicly accountable / Making training accessible to all.; ; Improving community integration is a critical part of our commitment to improving the lives of our people, customers and citizens. We Think Local, supporting local initiatives, charities and schools. Annually, our UK workforce benefit from time off to volunteer an average of 12,000 hours in local communities or for charities.

Pricing

• Price: £50 to £330 a user a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at inquiryPSandHealth@cognizant.com. Tell them what format you need. It will help if you say what assistive technology you use.