Skip to main content

Help us improve the Digital Marketplace - send your feedback

Sandhill Consultants Ltd

erwin Evolve - Business Process

erwin Evolve supports strategic enterprise architecture and business process modelling initiatives, including digital transformation, cloud migration, portfolio and infrastructure rationalization, regulatory compliance and innovation management. A highly configurable enterprise architecture (EA) and business process modelling and notation (BPMN) tools enable organizations to map IT capabilities to business functions.

Features

  • Harmonise EA/BP modelling capabilities for greater visibility, control and intelligence
  • Easily explore, create models, model elements, links and dependencies.
  • Identify and understand the impact of changes.
  • Increase employee education, maintaining knowledge with persona-based views.
  • User-friendly, configurable interfaces for technical and business stakeholders collaboratively
  • Faster actionable insights, integrated views and central repository across initiatives.
  • Record end-to-end processes, assign responsibilities and owners to them.
  • Improvements with harmonised, optimised visible processes, heatmaps, dashboards and diagrams.

Benefits

  • Review, edit, analyse content, including heatmaps, reports, charts and graphs.
  • Draw diagrams, create model data, configure the metamodel.
  • Enable IT, business stakeholders collaboration through a user-friendly interface.
  • Schedule publishing of reports and documents using pre-defined templates.
  • Make content easily accessible to business ecosystems for complex analysis.
  • Access to templates for generic and industry-standard frameworks.
  • Templates to accelerate adoption, improve conformance and drive EA management.

Pricing

£7,540 a user a year

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.carter@sandhill.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

6 8 2 1 2 8 0 4 6 1 7 0 2 3 1

Contact

Sandhill Consultants Ltd Andrew Carter
Telephone: 01476 568708
Email: andrew.carter@sandhill.co.uk

Service scope

Software add-on or extension
Yes
What software services is the service an extension to
Data Modeling
Enterprise Architecture
Business Process
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints
No
System requirements
Web browser

User support

Email or online ticketing support
Email or online ticketing
Support response times
Sandhill provide 1st line email support and if required erwin will provide ticketed support. Bug issue resolution, provision of standard fixes and workarounds to known problems, managing your erwin relationship and issue escalations, license key assistance and management, rapid response on 'How to Support', Direct access to erwin experts by email, telephone, and remote desktop, guidance on upgrades, guidance on 'known issues', model testing, Answering product installation configuration and usage questions, in depth product knowledge of erwin and complimentary products. 24 x 7 technical support provided by vendor. All of the above in included within cost of product and maintenance.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Free of charge upgrades, bug issue resolution, provision of standard fixes and workarounds to known problems, managing your erwin relationship and issue escalations, license key assistance and management, rapid response on 'How to Support', Direct access to erwin experts by email, telephone, and remote desktop, guidance on upgrades, guidance on 'known issues', model testing, Answering product installation configuration and usage questions, in depth product knowledge of erwin and complimentary products. 24 x 7 technical support provided by vendor. All of the above in included within cost of product and maintenance.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Full education and training quick start programmes
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
CSV export.
End-of-contract process
Service ends at end of license subscription period. Data can be made available for 30 days after end of contract. No additional costs at end of contract.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install
Yes
Compatible operating systems
  • Linux or Unix
  • Windows
Designed for use on mobile devices
No
Service interface
Yes
User support accessibility
WCAG 2.1 AA or EN 301 549
Description of service interface
Browser based, easy to use, configurable user interface.
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
N/a
API
Yes
What users can and can't do using the API
Import files. Create, read, update, delete objects and relationships
API documentation
Yes
API documentation formats
  • Open API (also known as Swagger)
  • PDF
API sandbox or test environment
No
Customisation available
Yes
Description of customisation
Fully customisable metamodel.
View based UI that can be limited to access controlled roles.
Customisable user experience.
Professional license users can customise.

Scaling

Independence of resources
Fully monitored service through Amazon Cloudwatch

Analytics

Service usage metrics
No

Resellers

Supplier type
Reseller providing extra support
Organisation whose services are being resold
Quest Software Inc

Staff security

Staff security clearance
Staff screening not performed
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Encryption of all physical media
Data sanitisation process
No
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
CSV export.
Data export formats
CSV
Data import formats
  • CSV
  • Other
Other data import formats
XML

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Erwin shall make the Service available twenty-four (24) hours per day, seven (7) days a week with a minimum uptime level of ninety-nine and nine tenths of a percent (99.9%) measured on an aggregate monthly basis, with no single unscheduled outage exceeding four (4) consecutive hours in a single seven (7) day period. Should Erwin incur an unscheduled outage in excess of four (4) hours or more than two (2) unscheduled outages in excess of two (2) hours or more in duration within a single billing month, upon notice by Customer and confirmation by Erwin, Customer will be credited 10% of that month’s monthly recurring payment. Such service availability does not, however, include regularly scheduled maintenance or any unscheduled downtime due to failures beyond Erwin’s control (such as errors or malfunctions due to Customer’s computer systems, local networks or Internet connectivity).
Approach to resilience
Daily back-up of application and database server.
RTO (Recovery Time Objective) of 24 hours.
AWS Multi-AZ to ensure database is synchronised.
Outage reporting
Email alerts.
Public dashboard in roadmap.

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
There is an option within the account section of the tool, where the client administrator can allow erwin support access, to log into a client’s area and test the issue they are seeing, or test fixes once applied. This access is completely controlled by the customer and is turned off by default.
For server maintenance, a Jump server is used to access any AWS remote production environments, including connecting through a provisioning server, requiring private key access. The Jump server is locked to the corporate network ip address and the provisioning server(s) can only be accessed using the Jump server.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
No audit information available
Access to supplier activity audit information
No audit information available
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
British Assessment Bureau
ISO/IEC 27001 accreditation date
31/12/2017
What the ISO/IEC 27001 doesn’t cover
Scope of certification is the provision of SaaS and Hosting Services
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
No
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
ISO 27001 Standards and Procedures. Reporting structure is Senior Vice President of Products of erwin managed through the Cloud Services teams.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
All changes are raised via the support ticketing system, Zendesk, and will be added into the development tracking system. Code changes are implemented with build script - we do use automated deployment tools for code movement and roll-backs from our beta, staging and live environments. Changes are approved by Development and Product Manager before being pushed.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Vulnerability scanning tool generates reports, tested against a known database of issues. Rule sets use common vulnerabilities and exposures (CVE), center for internet security (CIS) Operating System configuration benchmarks, and security best practices.
High and Medium issues resolved as quickly as possible. Low and Informational issues worked into the normal sprint plans.
Security pack covers whole platform of solutions:
- Intrusion Detection/Prevention and hosting of agents and manager within remote environment
- Security Information and Event Monitoring (SIEM – Manage Engine EventLog Analyzer) - and the hosting of the agents and manager within the remote environment
- Quarterly vulnerability testing.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
If the advanced security pack is chosen (on single tenant environments), we utilise an IDS/IPS tooling and all events are sent to a central management console, managed by DevOps team.
The IPS software will remediate and block issues where they are found.
Any alerts will quickly be responded to and remediated by the DevOps team, depending on criticality.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Incident record is created in the Quality Log
Incident Manager assigned to co-ordinate resolution and communications . Incident manager will work with the account manager to keep the customer informed.
Issues will be escalated to Product Management and Development Management.
Escalation beyond this is to the senior management team
Customer is notified of the issue/incident and the plans to resolve it by the account manager.
Development Manager will review the issue, any knock-on effects and devise the best fix method
Change management process follows attempts at resolving the issue.
Incident Report completed afterwards detailing the cause, lessons learned.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Tackling economic inequality

Fighting climate change

As a company Sandhill identify and implement activities to reduce emissions in the performance of contracts, such as improving energy efficiency, switching to renewable energy sources, reducing waste, water consumption, promoting low-carbon transport, and offsetting unavoidable emissions.

We'll seek external verification and certification of our carbon reporting, where possible.

Sandhill have committed to the following as part of their efforts toward fighting climate change.

Environmental Awareness - POLICY STATEMENT
It is the policy of Sandhill Consultants Limited (Sandhill) to minimise the potentially significant impacts of our operations and services on the environment. We will promote sustainability and environmental awareness at all levels of decision making.

In defining our program of improved environmental performance and pollution reduction, Sandhill will:

• Comply with the letter and spirit of all relevant environmental legislation.

• Adopt a purchasing program that takes into account the environmental impact of products and services in areas of key concern.

• Implement waste management strategies that promote waste minimisation, re-use, recovery and recycling where appropriate. Where these options are not available we will ensure that our waste is disposed of in a way that minimises its impact on the environment.

• Promote efficient energy use in all areas of business activity.

• Seek to manage and reduce internal and client-facing travel.

• Ensure that our staff are aware of the environmental impacts of their work activities and encourage them through awareness raising and training to minimise those impacts.

• Pursue a program of continuous improvement of our policies and practice.

• Ensure that our policy is available for public review on request.

This policy will be reviewed on a regular basis to evaluate continued relevance and to monitor compliance and in turn look to conform with ISO 14001.

The Sandhill Policy Statement is signed off by Simon Carter, CEO.

Tackling economic inequality

Fostering wider diffusion of new technologies and building complementary capabilities in the workforce can deliver both stronger and more inclusive economic growth. Technology offers opportunities for people to acquire new skills, engage in varied livelihoods, and participate in shaping cultural norms and democracy. Ensuring marginalized communities have the necessary skills, access, and tools is essential for inclusive growth. The Introduction of new software will offer potential opportunities for training and retraining and with the use of erwin Evolve Business should result in more efficient use of architecture, business process, resources, roles and people.

Pricing

Price
£7,540 a user a year
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
Full access to software for 30 day trial period

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.carter@sandhill.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.