RSM

Accounting solution implemented within 4 weeks - Microsoft Dynamics 365 Business Central

A core financial application implemented quickly. RSM's Pre-Packaged version of Microsoft's cloud ERP solution, Dynamics 365 Business Central, is deployed within 4 weeks. Accounting software designed to streamline processes, improve customer interactions, make better decisions and enable growth. It's adaptable, feature-rich and unified with Office 365 (especially Outlook & Excel).

Features

  • Implementation of a pre-configured D365 BC solution that includes:
  • Strong financial management system with localised features for UK
  • Discovery session to design your Chart of Accounts + Dimensions
  • Deployment of Core Financials, Accounts Receivable & Accounts Payable
  • Operational and Financial reports built in
  • Report designer tool - Build your own reports
  • Unification with Office365 including Outlook & Excel Add-in's
  • Bank statement import and export
  • Add-ons including OCR Invoice automation and Expenses module

Benefits

  • Rapid adoption of Dynamics 365
  • Power Apps/Processes to add to existing Dynamics project
  • Knowledge transfer delivery leaving client team capable
  • Consultants who understand processes throughout public&commercial sectors
  • Training collateral for re-use in knowledge base and Learning Path
  • Integration team available to assist with back office data
  • Focus on end customer journey and outputs
  • Customer services, mobile/portal/ledgers all referencing same database
  • Fully integrated with Office 365, Outlook, SharePoint
  • Reporting in dashboards and PowerBI is current and dynamic

Pricing

£6 to £75 a person a month

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@rsmuk.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

6 7 0 7 2 0 1 7 8 3 8 9 6 3 0

Contact

RSM Kathryn Styler
Telephone: 0121 214 3100
Email: bidteam@rsmuk.com

Service scope

Software add-on or extension
Yes
What software services is the service an extension to
Microsoft Dynamics 365
Cloud deployment model
Public cloud
Service constraints
The Microsoft Dynamics 365 pre-requisites must be met including recent versions of the common browsers.
System requirements
  • Office 365 Account (can be created as part of service)
  • Browser including IE 10,11 Firefox, Chrome, Firefox, Safari
  • Office 2016, 2019 or Office 365 for Office integration

User support

Email or online ticketing support
Yes, at extra cost
Support response times
Priority 1 - Critical system failure - response time is within 2 hours.
Priority 2 - Degraded service - response time is within 4 hours.
Priority 3 - Moderate issue - response time is within 8 hours.
Priority 4 - Low rated issue - response time is within 5 working days.

Out of hours including weekends can be provided with same or different response time subject to additional cost.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
WCAG 2.1 A
Web chat accessibility testing
Use Microsoft Teams which uses live captions for end users.
Onsite support
Yes, at extra cost
Support levels
RSM's support Desk for Dynamics 365 Business Central covers break-fix, answering “how to” questions, and new product update release support.

Our Support services are available through an hourly consumption contract. We would initially propose a support package of 20 hours at £110.00 per hour for the 1st year.

A Relationship Manager service to provides update reports and proactively works with you to maximise the use of the system & support team.

Support package includes:
Escalation point for ‘break/fix’ incidents – including liaising with Microsoft technical support engineers; Access to advice and problem resolution; Escalation point for ‘how to’ System/application questions; New product release notification (Microsoft release update cycle); Microsoft upgrades hand-holding; Escalation point to assist with environment management during update releases; System Administration of Dynamics 365 Users, Licence, Security and Environment Management; Wider access to experienced team of Technology, Reporting, Management Consulting and Dynamics professionals
Support available to third parties
Yes

Onboarding and offboarding

Getting started
A full range of services are provided by Microsoft and RSM for onboarding. From Microsoft there is a customer portal that provides access to extensive resources in a mix of media for setting up, training, administering and developing the Dynamics 365 solution. RSM will provide more specific and user role-oriented training and collateral suitable. Implementation of the Dynamics solution follows the recognised Microsoft Sure Step pathway through Analysis - Design - Development - Testing - Deployment.
Service documentation
Yes
Documentation formats
  • PDF
  • Other
Other documentation formats
  • DOCX
  • XLSX
  • CSV
End-of-contract data extraction
Data export facilities are provided for users to extract data at any time. Microsoft provide a grace period to allow access data after termination. RSM work with customers to create an agreed plan and approach to assist with obtaining data as required.
End-of-contract process
At the end of the contractual period the customer can continue to subscribe to Microsoft licences either directly with Microsoft or through another provider and retain use of the solution or extract their data and cease using the system altogether.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Chrome
  • Safari
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Users can access Dynamics 365 through their mobile / tablet browser or through the Dynamics mobile app. Form design renders to a pleasing mobile app UI for mobile user environments although data is still sourced from the single data service.
Service interface
No
User support accessibility
WCAG 2.1 A
API
Yes
What users can and can't do using the API
Microsoft Dynamics 365 Business Central supports two types of web services: SOAP and OData. Web services are a lightweight, industry-standard way to make application functionality available to a variety of external systems and users. Web services can expose pages, codeunits, or queries. Whereas SOAP web services expose a WSDL document, OData web services expose an EDMX document containing metadata for all published web services.
API documentation
Yes
API documentation formats
  • HTML
  • ODF
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Users able to create and customise entities, forms, fields, views and layouts; create business and system processes.

Scaling

Independence of resources
Microsoft operate a global network of data centres including in the UK and capacity is maintained and benchmarked for Dynamics, Azure Services and Office.

Analytics

Service usage metrics
Yes
Metrics types
Metrics are available to show user logins, transactions and storage usage.
Reporting types
  • Real-time dashboards
  • Regular reports

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Microsoft Dynamics 365

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Data can be exported to a number of document formats and can be edited and re-imported if required. Excel Add-ins are available to simplify the process.
Data export formats
  • CSV
  • Other
Other data export formats
  • XLSX
  • XML
Data import formats
  • CSV
  • Other
Other data import formats
  • XLSX
  • XML

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Service level is 99.9% uptime with a credit available of 25% if this falls below 99.9%, 50% if it falls below 99% and 100% if service availability falls below 95% relevant to that particular months subscription fee.
Approach to resilience
A detailed examination of data services and application development lifecycle are available at Microsoft's Trust website www.microsoft.com/trustcenter. Microsoft build trusted cloud on the four principles of Security, privacy, compliance and transparency. This party audits include SOC1 Type 2 reports, ISO/IEC 27001 and 27018, security assessments for penetration testing.
Outage reporting
System administrators are notified by email and the 365 portal updates a running notification, the Organisational Insights Dashboard will update and Yammer and social media may also be used.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
Other user authentication
Multi-Factor Authentication requires use of multiple methods to access the cloud. Providing strong authentication with a range of verification options, while accommodating a simple sign-in process. It provides user-friendly experience that works with Microsoft Azure Active Directory and Microsoft accounts and includes support for wearables/fingerprint-based approvals. Password enforcement increases security of traditional passwords by imposing length/complexity requirements, forced rotation and account lockout.
Token-based authentication enables authentication via Active Directory Federation Services (AD FS) or third-party secure token systems.
Role-based access control (RBAC) enables access based on the user’s role, making it easy to only give the amount of access required.
Access restrictions in management interfaces and support channels
Role-based access control (RBAC) enables you to grant access based on the user’s assigned role, making it easy to give users only the amount of access they need to perform their job duties. You can customize RBAC per your organisation’s business model and risk tolerance.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BSI
ISO/IEC 27001 accreditation date
09/01/2017
What the ISO/IEC 27001 doesn’t cover
There are no elements of the hosting solution not covered by this certification
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Dynamics 365 relies on Azure Active Directory to provide authentication for user access, helping to protect Dynamics 365 from unauthorized access. It simplifies the management of users and groups, and enables you to assign and revoke privileges easily.
Dynamics 365 uses the same identity platform as Office 365, so a user of both services has the same username and password. Customers can federate an on-premises Active Directory or other directory stores to enable using corporate credentials to authenticate. Dynamics 365 uses encryption to protect your data. Connections established between customers and Microsoft datacenters are encrypted, and all public endpoints are secured using industry-standard Transport Layer Security (TLS). TLS effectively establishes a security-enhanced browser-to-server connection to help ensure data confidentiality and integrity between desktops and datacenters.

We also provision you with your own logically isolated data repository to maximize the security and integrity of your data. And, when systems become outdated or are no longer operational, Microsoft operations personnel follow rigorous data-handling procedures and hardware disposal processes.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
All development in Microsoft Dynamics 365 is carried out in the Security Development Lifecycle which helps developers address compliance requirements.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Dynamics 365 is hosted in Microsoft datacenters and uses their security measures and mechanisms to protect data. Microsoft blocks unauthorized traffic to and within datacenters using a variety of technologies. We constantly maintain, enhance, and verify the infrastructure, and employ regular penetration testing to continually validate the performance of security controls and processes.
Dynamics 365 is designed on the principles of the Security Development Lifecycle, a mandatory Microsoft process that embeds security requirements into every phase of development. The Dynamics 365 operations team also follows the rigorous standards set by Microsoft Operational Security Assurance to help protect customer data.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
To ensure that activities within the service are legitimate, and to detect breaches or attempted breaches, Dynamics 365 takes advantage of the cloud service infrastructure and security mechanisms. The Dynamics 365 environment deploys antimalware software that helps protect infrastructure against online threats. Microsoft also provides intrusion detection, distributed denial-of-service (DDoS) attack prevention, and regular penetration testing to help validate security controls.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Microsoft employs a risk-management model of shared responsibility with the customer.
Microsoft is responsible for the platform including services offered and provides a cloud service that can meet the security, privacy, and your compliance needs.
As a customer, you are responsible for the environment once the service has been provisioned. You must identify which controls apply to your business and understand how to implement and configure them to manage security and compliance with applicable regulatory requirements. RSM offers implementation guidance to help accomplish these tasks and better manage the risk. Any incident can be reported through the 365 portal.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Social Value

Fighting climate change

Fighting climate change

It’s important that we make a positive contribution to supporting sustainability. We aim to be a net-zero emitter of carbon by 2030. We are implementing new strategies and systems to monitor, manage and lessen RSM’s impact on the environment, including: - electricity from renewable sources; - reducing paper usage and spend in our offices by moving towards digital solutions/storage; - centralised travel booking platform, providing data on emissions; - promoting and educating climate awareness leading to an environmentally proactive workforce; - offsetting residual emissions with accredited carbon offset projects; - monitoring performance and progress in achieving these aims at board level and acting on those findings. We have an environmental operations group, consisting of representatives in leadership, facilities, procurement, people, and operational finance roles. The group focuses on engaging with staff to raise awareness of the best ways they can contribute to a more sustainable future, as well as holding RSM accountable for the ways our work impacts the environment. When business needs require travel, we encourage car sharing, public transport and bike schemes. The Covid-19 pandemic has led to increased adoption of remote/hybrid working. We utilise software to enable virtual meetings, and an online deliverables portal to ensure documents can be shared and uploaded securely and remotely. This has led to a significant reduction of business mileage, further reducing our environmental impact. We ensure all employees understand and follow our environmental principles and policies, and we continuously strive to improve our activities to prevent pollution and wastage. RSM subscribes to EcoVadis and is assessed on the Energy Savings Opportunity Scheme and Streamlined Energy and Carbon Reporting; reflecting RSM’s dedication to reduce it’s impact on the environment. Feedback from the assessments will shape improvements to our environmental strategy. https://www.rsmuk.com/-/media/files/who-we-are/rsm-carbon-reduction-plan.pdf
Covid-19 recovery

Covid-19 recovery

The coronavirus pandemic has caused disruption and uncertainty across the globe and many businesses are still facing unprecedented challenges as a result. As the Government continues to announce support and advice, RSM will continue to provide useful insights on critical areas, including reliefs for business, funding and business continuity, to ensure that our clients are kept up to date. The coronavirus has presented many businesses in the UK and across the Globe with unprecedented challenges, highlighting the importance of preparing your business for emergencies. As coronavirus lockdown restrictions eased and the Government continues to announce support and advice, businesses across the country have been faced with and are still facing a period of reactivation, readjustment and rebuilding. In order to support clients during this team we have provided clients with webinars and briefings on key issues faced as part of the Covid 19 pandemic and set up an online coronavirus hub with the latest updates and offering support and guidance. Our experts have shared their advice for rebuilding and succeeding in a significantly changed world.
Tackling economic inequality

Tackling economic inequality

Our people team have developed an over-arching action plan covering the employee life cycle with the aim of reducing the pay and bonus gaps for both gender and ethnicity by especially focusing on our talent pipeline and succession planning to increase the representation of women, disadvantaged and minority groups. Through this action plan we have improved our processes for internal salary decisions to eliminate bias and introduced clearer salary ranges at all levels, ensuring consistency of equity for all employees. RSM fully supports the living wage and pays the Living Wage Foundation rate to all employees, including apprentices and those on extended work experience. RSM does not have formal living wage accreditation as the procurement arrangements for our third-party contractors (such as suppliers, cleaners, building management, facilities, and maintenance in all offices) currently impact upon our formal accreditation status. However, RSM is working towards becoming a fully accredited Living Wage employer by the end of 2022. We have made considerable progress in the delivery of our Equality, Diversity, and Inclusion strategy “Listen. Educate. Act.” through dialogue, understanding and action. We have four employee networks, EmbRACE, Empower, LGBT+ and Faith alongside the Black Employee Network Group who all play a crucial role in the delivery of our Listen. Educate. Act Strategy. We issue information on our gender pay gap annually, and last year we published our first ethnicity pay gap report as part of our continued transparency and dedication to becoming a truly diverse and inclusive firm. We will continue with this transparency into the future and will publish reports such as these annually. https://www.rsmuk.com/who-we-are/diversity-reports
Equal opportunity

Equal opportunity

Our people team have developed an over-arching action plan covering the employee life cycle with the aim of reducing the pay and bonus gaps for both gender and ethnicity by especially focusing on our talent pipeline and succession planning to increase the representation of women, disadvantaged and minority groups. Through this action plan we have improved our processes for internal salary decisions to eliminate bias and introduced clearer salary ranges at all levels, ensuring consistency of equity for all employees. RSM fully supports the living wage and pays the Living Wage Foundation rate to all employees, including apprentices and those on extended work experience. RSM does not have formal living wage accreditation as the procurement arrangements for our third-party contractors (such as suppliers, cleaners, building management, facilities, and maintenance in all offices) currently impact upon our formal accreditation status. However, RSM is working towards becoming a fully accredited Living Wage employer by the end of 2022. We have made considerable progress in the delivery of our Equality, Diversity, and Inclusion strategy “Listen. Educate. Act.” through dialogue, understanding and action. We have four employee networks, EmbRACE, Empower, LGBT+ and Faith alongside the Black Employee Network Group who all play a crucial role in the delivery of our Listen. Educate. Act Strategy. We issue information on our gender pay gap annually, and last year we published our first ethnicity pay gap report as part of our continued transparency and dedication to becoming a truly diverse and inclusive firm. We will continue with this transparency into the future and will publish reports such as these annually. https://www.rsmuk.com/who-we-are/diversity-reports
Wellbeing

Wellbeing

RSM is committed to developing a working environment and culture in which we can 'work well' and all thrive. We want to create a culture where there is no stigma attached to any aspect of wellbeing. We also want to be proactive by putting in place early interventions to prevent any illness becoming more serious but also be there to best support our people at times when it is most needed. The case for supporting health and wellbeing is overwhelming. Working in a happy, healthy, inclusive, and supportive environment can improve aspects such as job satisfaction, performance, productivity, and reduce absenteeism. RSM have invested in wide-ranging tools and benefits to support digital wellbeing and physical and mental health, in the workforce: • Work well at RSM • Healthy minds • Physical wellbeing • Financial wellbeing • Social wellbeing RSM reports on disability, mental health and wellbeing for its own purposes. All data remains anonymous and is used as a guide to gain information on whether the services available are being used and how frequently rather than who is using them. At RSM we try to implement an ‘upstream’ approach to wellbeing. This means finding out where key areas of focus are through data and feedback and then putting an intervention in place at the earliest opportunity to prevent issues becoming greater. We have developed several initiatives to influence staff, suppliers, customers and communities to support health and wellbeing • Employee Assistance Programme • Flexible working policy • Health Matters • Mental health at work policy • Mental Health First Aid (MHFA) Champions • Mental health while working from home • Occupational Health service • Personal development courses • Health Management guidance - how to talk to your manager about mental health • Mental health awareness

Pricing

Price
£6 to £75 a person a month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Full versions with dummy data provided on a trial basis that can then be converted to a full subscription if required.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@rsmuk.com. Tell them what format you need. It will help if you say what assistive technology you use.