Skip to main content

Help us improve the Digital Marketplace - send your feedback

NTT DATA Business Solutions (UK) Limited

NTT DATA Business Solutions – SAP Signature Management by DocuSign for Spend Management

SAP® Signature Management by DocuSign enables secure e-signing and management of documents online from any device. With an e-signature solution, any signing process is fast, straightforward, compliant, and secure, so you can digitally transform your business while enhancing the user experience.

Features

  • Integrate Digital Signature in the Contract Lifecycle
  • Secure e-signing and management of documents online from any device,
  • Reduce turnaround time from days to minutes
  • Supports e-Signing in SAP Ariba procurement solutions and SAP Fieldglass
  • Collect any number of signatures per process
  • Save time and go ink and paper free
  • Supports international and regional digital signatures
  • Optional add-on for 21 CFR Part 11 regulation
  • Supports EU eIDAS regulation eSignatures: Standard, Advanced, and Qualified

Benefits

  • Improved Contract Execution: contracts routed, signed, returned online seamlessly
  • Signed by departments, customers, partners, suppliers, and employees
  • Signatures in minutes, not days
  • Supports all Ariba contract types
  • Save the world’s forests

Pricing

£455.40 to £855.60 a unit a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at philip.newman@nttdata.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

7 8 8 3 5 9 1 0 8 8 4 6 2 6 3

Contact

NTT DATA Business Solutions (UK) Limited Philip Newman
Telephone: 07554555951
Email: philip.newman@nttdata.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
SAP Ariba Solutions and SAP Fieldglass
Cloud deployment model
Public cloud
Service constraints
Refer to current DocuSign service level agreements
System requirements
  • Modern HTML5 compatible web browser
  • Internet Connection
  • Access to the cloud service URL via any corporate firewalls

User support

Email or online ticketing support
Email or online ticketing
Support response times
Response times based on priority of the incident raised. Initial response times based on priorities outlined below.
P1 – IRT: within 1 hour of case submission
P2 – IRT: within 4 hours of case submission
P3 – IRT: within 1 business day of case submission
P4 – IRT: within 2 business days of case submissio
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
WCAG 2.1 AA or EN 301 549
Web chat accessibility testing
No testing undertaken with assistive technology users.
Onsite support
Yes, at extra cost
Support levels
SAP Software Enterprise Support is included in the subscription fees outlined for this cloud service.

Additional support levels can be provided at additional cost.

SAP Preferred Success is an enhanced support offering provided by SAP over and above Enterprise Support. See separate Lot Listing for details.

NDBS can provide a fully tailored application and technical management support service having been providing support services to the SAP community since 1989, unique in the market. A global SAP certified partner, we offer the benefit of global capabilities with local presence.

Global SAP PCoE Certification which ensures adherence to standards set by SAP. NDBS are ISO9001 and ISO27001 certified providing assurance of quality for our flexible support models that are flexible to demands from the customer.

See separate Lot 3 Listing ‘NTT DATA – SAP Cloud Support Services’ for pricing details.

Governance of the service is provided by an assigned NDBS UK Service Delivery Manager, providing governance across all areas of the service including service management, incident and change management, continual service improvement and customer satisfaction.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
For new customers to SAP, onboarding to the service is generally undertaken as an activity during an implementation project, where the SAP application is personalised to the customer.

Skills transfer is provided through a combination of
- in-project coaching,
- structured self-learning through the SAP Learning Hub,
- on-line help within the application
- SAP Best Practice set-up and test scripts
- Click-thru tutorials available from within the application
- Other application specific learning tools.

Full documentation for the service is available on-line to customers once subscribed.

Additional training can be provided through the implementation process, such as classroom training, at additional cost.
Service documentation
Yes
Documentation formats
  • HTML
  • Other
Other documentation formats
  • On-line help within the application
  • SAP Best Practice set-up and test scripts
  • On-line help at help.sap.com
End-of-contract data extraction
Not Applicable. No data is stored by this service.
End-of-contract process
It is the customer responsibility to extract the data prior to the contract termination. The tools for the extraction are included in the subscription for the application.
At the end of the agreement, SAP will delete the customer data remaining on servers hosting the cloud service, unless applicable law requires retention.

Where a customer requires additional support from SAP or a partner for the data extraction then additional costs will apply.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Supports signatures on mobile devices and laptop/desktop computers.
Service interface
Yes
User support accessibility
WCAG 2.1 AA or EN 301 549
Description of service interface
SAP utilises a Web Based interface for end-user interactions with the software.

The SAP web-UI provides rich content to the user, enabling them to complete their activities effectively and efficiently, and providing an engaging blend of transactional and analytical content.
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
N/A
API
Yes
What users can and can't do using the API
SAP offers a comprehensive set of standard APIs to support both inbound and outbound integrations with both SAP and non-SAP applications.

APIs generally support Create, Read, Update, and Delete (where appropriate).

Full API documentation is available on-line for customers at api.sap.com, which also provides a “test harness” capability for trialling the API.

Separate Dev and Test tenants support the testing of configuration, enhancement and integration, including the use of the APIs.
API documentation
Yes
API documentation formats
HTML
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Number of signatures & signatories can be configured per contract type.

Scaling

Independence of resources
This service is executed by DocuSign as a 3rd Party. Solution performance SLAs are aligned to the SAP product with which the service is being used.

Analytics

Service usage metrics
Yes
Metrics types
Service Usage is monitored at the user access level for license compliance purposes. Available service metrics are available to subscribers of the service from the SAP portal (SAP for Me) via Real-time dashboard.
Reporting types
  • Real-time dashboards
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
SAP

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Other
Other data at rest protection approach
All data at rest is encrypted and uses the primary encryption algorithm FIPS 197 (AES) standard. The AES-256 standard is recognized globally as the current standard for cryptography. SAP typically manage the encryption keys on behalf of customers. There is a roadmap item for customers to 'Bring your own Keys', planned for 2024.
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Not Applicable. No data is stored by this service.
Data export formats
CSV
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • Other
Other protection between networks
Connectivity between all clients, whether as part of the customer network or remote is provided over HTTPS, and supports TLS 1.2 / 1.3. Additional Access controls can be put in place to limit the connectivity via IP / Network range
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network
SAP encrypts end-to-end data in transit with TLS 1.2 and Data at Rest with AES-256-bit encryption. SAP manages cloud networking within the SAP S/4HANA cloud, public edition setting up trust boundaries, there is built-in network level DDOS protection enabled

Availability and resilience

Guaranteed availability
Standard availability service level for this service is 99.7%

The service credit will be 2% of the Monthly Subscription Fees for the affected subscription-based Cloud Service or the monthly Cloud Credits (as defined in the Order Form) consumed for the affected consumption-based Cloud Service, for each 1% below the System Availability SLA, not to exceed 100% of the fees paid or Cloud Credit consumed by the Customer for the relevant Month for the affected Cloud Service

Downtime is defined as Total Minutes in the Month during which the production version of the Cloud Service is not available, except for Excluded Downtimes.

Excluded Downtime is defined as the Total Minutes in the Month attributable to a Maintenance Window; or any Major Upgrade Window for which the Customer has been notified at least 5 business days in advance; or unavailability caused by factors outside of SAP’s reasonable control, such as unpredictable and unforeseeable events that could not have been avoided even if reasonable care had been exercised.
Approach to resilience
SAP designs its services and supporting data centre architecture to be highly resilient, providing minimum availability to the end user of 99.7% as standard. Data Centre resilience measures are available on request, under NDA.
Outage reporting
Outage information is published and available to SAP customer in the SAP Trust Centre via the SAP for Me Customer Portal. This provides visibility and details of both current and historic availability, for each SAP application.

Email alerts for planned and unplanned system availability impacting events are also issued to subscribers of the affected applications.

Identity and authentication

User authentication needed
Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels
Support staff require a User ID and Password for the customer specific instance of the service, which remains under control of the customer at all times. System access by user ID is auditable.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
MSECB
ISO/IEC 27001 accreditation date
21/12/2023
What the ISO/IEC 27001 doesn’t cover
Statements of Applicability are available on request
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
No
Cyber essentials plus
No
Other security certifications
Yes
Any other security certifications
  • ISO 9001 - Quality Management System
  • ISO 27001 - Security Management System
  • ISO 22301 - Business Continuity Management System
  • ISO 10012 - Personal Information Management System
  • ISO/IEC27018 – Code of Practice for Personally Identifiable Information
  • ISO/IEC27017 – Code of Practice for Cloud Service Information Security

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
SAP are certified according to the following security policies:

ISO 9001: Based upon quality management principles including strong customer focus and with the involvement of top SAP management with the ultimate goal of continual improvement.

ISO/IEC 27001: Provides a holistic, risked-based approach to security and a comprehensive and measurable set of information security management practices.

ISO 22301: Protects business operations from potential disruption, i.e. extreme weather, fire, natural disaster, theft, IT outage, and more.

BS 10012: Includes employee security awareness training, risk assessments, data retention, and disposal.

ISO/IEC 27018: Guidance for cloud service providers to protect personally identifiable information (PII). Supports ISO/IEC 27001 by recommending information security controls for protecting personal data in the public cloud.

ISO/IEC 27017: Codes of practice for information security controls for cloud services. Supports ISO/IEC 27001 by providing guidance on cloud-specific information security controls.

Further information available upon request or can be accessed at www.sap.com/corporate/en/company/security.html

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
All processes/policies are defined following industry standards. The majority of these are internal and are audited in our SOC2 audit, which is undertaken twice a year and available to customers on request. Most products within the SAP suite will have at least a non-production and production environment. The production environment is locked down for direct changes, so configuration/code changes must be completed in non-production, tested and release prior to being moved to production. A full audit log is available of all changes created. This will typically have a 3-system landscape, segregating development, test and production capabilities.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
SAP’s vulnerability management program monitors the cybersecurity emergency response (CERT) advisory services. A CERT advisory is an alert that provides information on discovered vulnerabilities. SAP uses the Common Vulnerability Scoring System (CVSS), for assessing the severity of computer system security vulnerabilities. CVSS assigns severity scores to vulnerabilities, allowing responders to prioritise responses and resources according to threat. Vulnerabilities are communicated to the responsible LoB/business unit on a regular basis, where an implementation plan is created, based on the level defined on the CVSS rating. Scanning is carried out on a weekly basis as well as regular proactive security patching.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Scanning and monitoring is completed on a regular basis, the Vulnerability Advisory Services (VAS) team is responsible for monitoring vulnerabilities and providing the criticality and priority rating in alignment with the LoB/business units. Additionally, VAS is accountable for publishing/updating SAP CERT notifications, or SCNs, for all relevant vulnerabilities containing the latest criticality and priority rating. Each day, VAS ingests the daily NIST vulnerability feeds and monitors software vendors’ Web sites relevant to SAP’s environment to identify new vulnerabilities. SAP will identify vulnerabilities that may not have a Common Vulnerabilities and Exposures (CVE) designation, with responses aligned to the CVSS.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
All processes and policies are defined following industry standards. Most of these are internal and audited in our SOC2 audit which is made twice a year and available to the customer.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

NTT DATA established the Climate Action Committee (now the Green Action Committee) to lead our climate change initiatives. In October 2021, we created the Green Innovation Office with a focus on advancing green innovation. We are an active steering member of the Green Software Foundation, which is committed to continuous emissions reduction within the ICT industry.
NTT DATA aims to achieve net zero for direct and indirect emissions from its own operations for data centres by 2030, the entire company including offices and other facilities by 2035, and its entire supply chain by 2040, with an immediate aim to reduce GHG across the organisation by 50,000 tons by 2025.
One of these initiatives is our “Work Where It Works” scheme, which gives employees more freedom over their work location. This has reduced the proportion of time our staff spend in office locations which, in turn, has reduced the carbon emissions associated with business travel and employee commuting which are our two biggest contributors to our carbon footprint.
A second initiative we offer is a subsidised electric car scheme and preferential deals on electric vehicles to encourage employees to switch from away from diesel and petrol vehicles to an all-electric vehicle.
We operate our “One Day, One Tree” campaign, where we provide a tree planting donation every quarter, with a seedling planted for each recorded day in UK consulting. Over the last 2 years, we have we donated 101,833 trees to 7 different international projects, ultimately absorbing approx. 2,036 tons of CO2 every year.
We analyse our carbon footprint annually and report our results publicly via the SECR (Streamlined Energy ad Carbon Reporting) and ESOS (Energy Savings Opportunity Scheme). We action any recommendations from the consultancies involved in the audits.

Covid-19 recovery

Prior to the pandemic, NTT DATA were already ahead of their competitors in terms of flexible working. Post pandemic, this commitment has been recognised by NTT DATA, and remote/flexible working has become our new norm through our “Work Where It Works” initiative, which ultimately allows all employees more freedom over remote and hybrid working.
During the pandemic, strict Health and Safety protocols were implemented and maintained in all NTT DATA office locations, including regular sanitisation, social distancing measures and access to testing and vaccination information. Whilst these have eased post pandemic, there is still a firm focus on making every NTT DATA office a safe and welcoming place to work.
Our people are at the heart of everything we do, and it was vital, both during and post the pandemic, to find ways to keep employees engaged and connected, even if they are working remotely. NTT DATA host regular formal and informal get-togethers across business units, with each team having their own informal weekly team meeting, and monthly check-ins between employees and line managers to ensure wellbeing.
Furthermore, the pandemic had a significant impact on mental health, which NTT DATA have responded to by providing mental health support, such as mental health first aiders and counselling services to help employees cope with stress and anxiety.
NTT DATA continuously monitor the World Health Organisation for updates and new guidance, and subsequently follow a defined process for implementing and communicating any changes throughout the organisation. The leadership team also take the WHO status into consideration whilst reviewing and adapting business operations based on the current situation and forecasts, and in preparing comprehensive contingency plans that outline steps to be taken in case of future/similar disruptions.

Tackling economic inequality

NTT DATA have implemented various practices to promote fair treatment and opportunities for all, helping to tackle economic inequality.

NTT DATA ensure all employees receive not only a competitive salary, but comprehensive benefits which support financial stability, including healthcare, pension schemes and paid leave.
We recognise and value talent and offer clear career development pathways which are accessible to all employees, regardless of their level within the company. To help maximise employee’s potential and improve employability, NTT DATA provide a range of training and further education, including enrolment in one of the top business schools and mandatory CPD hours. We also encourage employees to volunteer their time and skills with organisations tackling economic inequality issues. This fosters social responsibility and connects the company to the needs of the community.
Additionally, in line with our DEI policies, NTT DATA are committed to diversity and inclusion in hiring by reaching out to underrepresented groups, using unbiased recruitment tools (and delivering unconscious bias training), and creating an inclusive workplace culture that values different perspectives.
NTT DATA strive to maintain sustainable business practices and ultimately reduce environmental degradation, which disproportionately affects low-income populations.
This extends to ensuring we operate responsible supply chains, working only with ethical suppliers and partners who adhere to fair labour practices, pay fair wages and provide safe working conditions

Equal opportunity

NTT DATA is an equal opportunity employer and is fully committed to a policy of treating all employees and job applicants equally.

We have a zero-tolerance approach to any form of behaviour which leaves an employee feeling discriminated against, bullied or harassed and we will treat any complaints of this nature seriously. Discrimination, bullying or harassment based on protected characteristics is not tolerated at NTT DATA under any circumstances.

Gender equality and diversity are issues of major importance to NTT DATA, and we believe that DEI is indispensable for the development of our company, and it is clearly stated in the NTT DATA Group Code of Conduct.
Staff diversity is promoted at all levels of the organisation by several measure and activities, including a variety of networks within NTT DATA that were created to promote a safe space for minorities to connect with their peers across the organisation, including:
• Women in Business
• Fathers Network
• LGBTQ+
• Family & Co
• Dis-/Ability
The Women in Business initiative, as an example, if part of a wider strategy geared at NTT DATA increasing the percentage of positions held by women within the organisation. Currently, this sits at 31.05%, with a view to increase this to 33.33% by 2028. In addition, NTT DATA strive to have women make up no less than 20% of the Global Leadership team within the same period.
In order to achieve this, NTT DATA offer a number of programs to support young women in the workplace, along with flexible working and enhanced family-friendly policies, along with the unwavering commitment to recognise, nurture and promote talent, regardless of age, gender, race, disability and/or sexual orientation.

Wellbeing

In 2024, NTT DATA was one of the only 17 organisations to be recognised as a Global Top Employer, for our outstanding People policies and practices worldwide, by Top Employers Institute.
Achieving this award is a testament to the priority NTT DATA put on the wellbeing of our people.

NTT DATA recognise the importance of work/life balance, and in giving employees flexibility, which is reflected in our “Work Where It Works” policy previously referenced, and our “Free Friday” initiative, which sees every employee in NTT DATA eligible for 12 days leave in addition to the standard annual leave entitlement, in the form of one Friday off every month.
NTT DATA also partner with Help@Hand to offer total health and wellbeing support for employees and eligible family members, via their app, which includes:
· 24/7 Helpline & Remote GP
· Mental Health Support
· Physiotherapy
· Financial & Legal Support
· 360 Wellbeing Scoring & Guidance
· 1-2-1 Lifestyle Coaching
· Special offers to support everyday finances

We also have a dedicated fit-solutions team, who are tasked with coordinating virtual and in-person events for all NTT DATA entities, with annual events such as:
· World Health Day
· NDBS Soccer Cup
· International Yoga Day
· World Mental Health Day

NTT DATA recognises that for some, wellbeing is found through charity work, and therefore we foster an environment that supports employees involved in charitable causes, with paid days off for charity work, options to be involved in global/company outreach programs, and of course, support of our own employees fundraising activities.

Pricing

Price
£455.40 to £855.60 a unit a year
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at philip.newman@nttdata.com. Tell them what format you need. It will help if you say what assistive technology you use.