Quantum of Value Ltd.

Performalise

Performalise provides real-time insight into your Agile Teams’ performance. Visual reporting for Teams, Scrum Masters, Product Owners and senior management identifies patterns so you can optimise practises to deliver projects better, faster and safer.

Features

• Real-time reporting with Team and project level dashboards
• Predictive analytics
• Polling functionality: pre-designed or create your own
• Modern design and leading-edge techniques to encourage user engagement
• Can be tailored to specific framework and policy requirements

Benefits

• Real-time dashboards so you know your Team’s ability to deliver
• Empowers your managers to lead change
• Optimise Team composition and know-how to accelerate delivery
• Predictive analytics to highlight risks, guide and support decision-making
• Measure and improve engagement with polls and Kudos points
• Gain powerful insights with anonymous polls
• People take ownership and visualise their professional development
• Stop know-how related time drains
• Assess process maturity and adherence to policy in real-time

£1 to £12 a user a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at josef.bacher@quantumofvalue.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

780567871892625

Contact

Josef Bacher
02070606088
josef.bacher@quantumofvalue.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Secure browsers.
• System requirements:
  • Google Chrome Browser
  • Safari Browser
  • Firefox Browsers
  • Microsoft Latest Internet Browser
  • I3, 2 Ghz or higher
  • 1280 x 1024 high colour, 32-bit
  • Ram: 4GB or Higher

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 1 working day (Mon-Fri)
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Performalise provides support services if and when required. Performalise provides Third Tier Support to diagnose the problems, will make reasonable efforts to resolving reported and verifiable errors and advise regarding best practices. ; ; P1 - Failure, severe degradation or incorrect delivery of an IT service which will impact a high number of customers.; P2 - Loss or severe degradation of business-critical IT services that have an alternative short-term workaround or is acceptable.; P3 - Minor anomaly in business-critical IT services.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The Onboarding process is designed for ease and convenience – you can be up and running in less than a week. Clients can access the in-app user guide and Help Desk throughout the duration of their contract. With the help of an Implementation Specialist, you will receive a live demonstration and guidance to configure user permissions.; ; What's Included: A dedicated Implementation Specialist for the first 90 days of your Subscription; and, the Performalise Support Team contact details.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: During the term of your subscription to Performalise services, you can access and request to extract your customer data. Customers of Performalise services can retrieve a copy of their customer data at any time and for any reason. If you terminate a Performalise subscription or it expires (except for free trials), Performalise will store your customer data in a limited-function account for 90 days (the ”retention period”) to give you time to extract the data or renew your subscription. During this period, Performalise provides multiple notices, so you will be amply forewarned of the upcoming deletion of data. After this 90-day retention period, Performalise will disable the account and de-personalise the data, including any cached or backup copies.
• End-of-contract process: Export of client data is included.; An additional cost is incurred for consulting services.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: WCAG 2.1 A
• API: Yes
• What users can and can't do using the API: Access can be configured on-demand.
• API documentation: No
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Customers can add their own logo. ; Role-based permissions can be set by the Customer Administrator.

Scaling

• Independence of resources: SLA for uptime, threshold monitoring

Analytics

• Service usage metrics: Yes
• Metrics types: User metadata
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: N/a
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 99.5%; no user refunding
• Approach to resilience: Available on request, Amazon Web Services hosted service
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Access to all service interfaces (for consumers and providers) should be constrained to authenticated and authorised individuals.; Access to our cloud platforms' management user interfaces, our cloud platforms' APIs and our service desk is restricted to that limited set of named accounts.; Access to the cloud platforms’ management interfaces is protected using usernames and passwords and self-managed customers are able to choose their own passwords. User accounts are managed using Active Directory and are limited to dedicated tenancies which are not re-used. ; Multi-factor authentication is enforced.; Federated access control to our cloud platforms’ management interfaces, based is available.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Adhered to ISO 27001, ISO 9001: 2015
• Information security policies and processes: 1. Information should be classified according to an appropriate level of confidentiality, integrity and availability and in accordance with relevant legislative, regulatory and contractual requirements and policy and Regulatory Obligations). Confidential, restricted, internal use, public.; 2. Staff with particular responsibilities for information are responsible for ensuring the classification of that information; for handling that information in accordance with its classification level; and for any policies, procedures or systems for meeting those responsibilities.; 3. All users covered by the scope of this policy must handle information appropriately and in accordance with its classification level.; 4. Information should be both secure and available to those with a legitimate need for access in accordance with its classification level.; a. On this basis, access to information will be on the basis of least privilege and need to know.; 5. Information will be protected against unauthorised access and processing in accordance with its classification level.; 6. Breaches of this policy must be reported.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Service components are tracked from idea to development to deployment through live and decommissioning through a cloud based collaboration tool with a clear audit functionality.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Potential threats are identified with a range of publicly available vulnerability scans. Vulnerability issues are triaged.High priority issues are immediately analysed, resolved and deployed on the live system.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: AWS Protective Monitoring service collects events and logs from a wide variety of network devices, host systems, endpoint systems and applications or software services. ; ; It provides:; - Intrusion protection service; - Log and secure log management services; - Firewall management; - Security messaging services; - Anti-DoS (Anti-Denial of Service); ; Incidents triaged at high priority are immediately analysed and resolved.
• Incident management type: Supplier-defined controls
• Incident management approach: ITIL aligned incident management process:; Incident identification; Incident logging; Incident categorization; Incident prioritization; Initial diagnosis; Escalation, as necessary, to level 2 support; Incident resolution; Incident closure; Communication with the user community throughout the life of the incident; ; User report incidents through an integrated incident management system

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Covid-19 recovery

  Covid-19 recovery

  Performalise enables remote teams to retain and/or improve their Agile processes when delivered remotely. It broadens the knowledge and expertise that could be limited to specific roles and makes it available to all members of the team on-demand.

Pricing

• Price: £1 to £12 a user a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: All features included for a limited period. We'd like to show you how Performalise can boost performance and your organisation’s ability to deliver. A free trial is available. No credit card or commitment required.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at josef.bacher@quantumofvalue.com. Tell them what format you need. It will help if you say what assistive technology you use.