IBM United Kingdom Ltd

IBM Apptio One – IT Financial Management

IBM Apptio Costing and Planning combines financial and operational data associated with IT spend in a unified model to enable faster analysis and planning. Areas of coverage and focus include financials, labor, fixed assets, vendors, infrastructure and cloud, and projects.

Features

• Unified view of IT spend for IT, Finance & Business
• Leverage industry standard Technology Business Management framework
• Ingest financial & operational data from any source via Datalink
• Automate data classification upon ingestion using machine learning
• Rationalise & optimise application portfolio
• Receive automated insights for optimisation opportunities
• Industry leading cost allocation engine
• Communicate, benchmark the cost, quality & value of IT investments
• End user self-service report creation
• In-app comments and collaboration with email integration

Benefits

• Perform application rationalization and application optimization
• Determine addressable and non-addressable spend from an application view
• Provide consumption-based allocations to the organization
• Communicate the cost and value of the products delivered
• Influence technology investment and operational spending decisions.
• Accelerate IT budgeting & forecasting
• Improve budget transparency, and increase budget accountability
• Optimize resource utilization by aligning IT resources with organizational priorities.
• Allocate personnel, hardware, and other resources to projects

£42,000 a licence a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ukcat@uk.ibm.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

790459700943786

Contact

Anne-Marie Wheeler
0207 202 3000
ukcat@uk.ibm.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: IBM Apptio products integrate and work other IBM products like Targetprocess, Cloudability, Turbonomic and Instana.
• Cloud deployment model: Public cloud
• Service constraints: N/A
• System requirements: None

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: See service terms here: https://www.ibm.com/support/customer/csol/terms/?id=i126-9701&lc=en
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), 7 days a week
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Thorough and recurring testing with assistive technologies
• Onsite support: No
• Support levels: Initial Response: ; ; - Critical - 30 min response time; - High - 1 business hour; - Medium - 1 business hour; - Low - 1 business hour; ; Ongoing:; ; - Critical - 1 hour; - High - 8 business hours; - Medium - 2 business days; - Low - 3 business days
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: This service provides IBM Expert Labs Services in support of the Cloud Service, during which IBM, in partnership with the Client, will engage in working sessions where configuration and enablement activities are completed. Expected duration of the service is approximately thirty (30) to thirty-four (34) weeks. Together, the IBM team and the Client will select and prioritize use cases for Apptio Costing Standard and Planning capabilities designed to enable Client to achieve the following outcomes (depending on the use cases selected): Establish IT Financial Management (ITFM) Fundamentals, Provide Data to Make Informed Staffing Decisions, Manage Asset Lifecycle Cost, Optimize Vendor Spend, Automate Planning Process, Accelerate Forecasting Cycles, Integrate Investment Planning, Identify and Categorize Applications and Services, Rationalize your Portfolio, Optimize Application Costs, Optimize Application TCO, Track Business Unit Consumption; ; Deliverables:; • Mutually agreed upon Project Plan; • IBM Apptio Costing and Planning solution configured to support the Costing Standard and Planning capabilities agreed upon in the Use Case Alignment activity.; • Automate ingestion for up to fifteen (15) data sources via standard Datalink Connectors; • Standard reports configured with Client-provided data to support the agreed upon use cases; • Online product documentation; • In-Product Operational Runbook; • Summary and RecommendationsReport
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Deletion and Return of Content; • If requested prior to termination or expiration of the Cloud Service, IBM will return a copy of Content that is accessible to IBM within a reasonable period and in a reasonable format. IBM will delete the Content at the end of the period specified in the 'Duration of Processing' Section above.; • Client may also request removal of Content at any time prior to termination or expiration of the Cloud Service.; • Where IBM stores Client Personal Data, as part of the cloud service, IBM hereby certifies that all Client Personal Data are deleted at the end of the retention period specified in section
• End-of-contract process: Deletion and Return of Content; • If requested prior to termination or expiration of the Cloud Service, IBM will return a copy of Content that is accessible to IBM within a reasonable period and in a reasonable format. IBM will delete the Content at the end of the period specified in the 'Duration of Processing' Section above.; • Client may also request removal of Content at any time prior to termination or expiration of the Cloud Service.; • Where IBM stores Client Personal Data, as part of the cloud service, IBM hereby certifies that all Client Personal Data are deleted at the end of the retention period specified in section ; • IBM may charge for certain activities performed at Client's request (such as delivering Content in a; specific format).

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: Apptio provides three sets of APIs :; • Apptio Platform API – Supports automation of uploading and downloadingdata from Apptio applications; • Frontdoor API – Supports automation of user account management tasks; • DataLink API – Supports automation of DataLink connector execution andmodification of connector settings
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: There is capability to customise reports and insights inline with users needs.

Scaling

• Independence of resources: Each user has an independent instance and is not affected by other users.

Analytics

• Service usage metrics: Yes
• Metrics types: IBM calculates cost and utilisation metrics that include: total cost ofownership, average actual unit cost, price, over-under cost recovery, monthlyvariance to budget, cost trends over time, asset utilisation metrics, efficiencyunit cost, benchmark by cost pool, benchmark by IT resource/service tower,data quality, cost allocation quality. Customers can also create additionalcustom metrics using the product e.g. data center power efficiency (PUE),ROI, NPV, IRR.
• Reporting types:
  • API access
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: API and regularly export capability.
• Data export formats:
  • CSV
  • Other
• Data import formats:
  • CSV
  • Other
• Other data import formats: Datalink connectors

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection between networks: '- IBM, its affiliates, and contractors of either, will access and use the Content solely for the purpose of providing and managing the applicable IBM Cloud Service or other Services.; - IBM will treat Content as confidential by only disclosing to IBM employees and contractors to the extent necessary to provide the IBM Cloud Services or perform other Services.; - IBM Data Security and Privacy Principles (DSP), at http://www.ibm.com/cloud/data-security, apply for generally available standard IBM Cloud Services and other Services.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: If the System Availability during any given month falls below 99.5% and Subscriber requests an SLA Credit, Apptio will provide Subscriber with a SLA Credit equal to 2% of the monthly subscription fee. If below 99%, the credit is 5%. If below 95%, the credit is 10%.
• Approach to resilience: We follow best practices outlined by the certified standards listed above
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Other
• Other user authentication: The application stores passwords within the database using a one-way computationally-intensive hashing algorithm; it is not based on a symmetriccipher. Customers are given an administrator account which allows them to manage and create additional accounts and roles for other members of their team. If Single Sign-On is used, then customer account authentication will be handled by the customers identity provider using SAML 2.0. The application’s roles can be mapped directly to an assertion based role in the identity provider configuration (ie using security groups). The solution is extremely flexible and can support many types of custom configurations.
• Access restrictions in management interfaces and support channels: In accordance to best practices outlined by the certified standards listed above, IBM takes commercially reasonable measures in compliance with best industry practices to prevent disclosure or dissemination of Subscriber Data to any person not having a need to know of or access to such information. IBM maintains access controls and policies to manage access from each network connection including the use of firewalls or functionally equivalent technology. Least privilege‐based authentication and authorization controls are maintained and periodically reviewed to ensure that access can only be granted to IBM personnel whose function and/or duties justifies such access.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users receive audit information on a regular basis
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Schellman
• ISO/IEC 27001 accreditation date: 15/6/2023
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 30/11/2021
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: N/A
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • SOC2 Type II Report and SOC3 Report
  • FedRAMP Certification
  • General Data Protect Requirements (EUGDPR)
  • California Consumer Privacy Act (CCPA)
  • EU-US Privacy Shield
  • ITIL Alignment

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: • ISO 27001; • CSA STAR Level 1 (Self-Assessment); • FedRAMP Moderate Impact Level; • SOC2 Type 2; • SOC3
• Information security policies and processes: • ISO 27001; • CSA STAR Level 1 (Self-Assessment); • FedRAMP Moderate Impact Level; • SOC2 Type 2; • SOC3

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: We have specific individuals who are designated as “custodians” over customer data. Our asset management program includes critical assets, asset ownership and critical supplier relationships. Our asset tracking processes allows our company to track what assets, who owns, where each is located,who has it, when it was checked out, when it is due for return, when it is scheduled for maintenance, and the cost and depreciation of each asset.Basic mechanisms for label inheritance are implemented for objects that act as aggregate containers for data where applicable. (Subfolders will retain permissions/settings of parent folders).
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Vulnerability Assessments & Penetration Testing: We regularly assess our systems and applications for vulnerabilities using industry-standard tools. ; ; We subscribe to threat intelligence feeds to stay informed about emerging cybersecurity threats.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Security Incident Monitoring: We continuously monitor our systems for suspicious activity that might indicate a security breach.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: IBM team is alerted automatically by its monitoring services and appropriate operations and development personnel are paged within seconds of a failure or anomaly detection in any service component. These cloud services are built to be resilient to failure with load balancing and re-routing of transactions through redundant service roles deployed at each layer of the topology. These services are actively monitored on a real-time, 24x7 basis. Any service interruption or degradation of service is reviewed internally and improvements made to target faster Time-to-Detection, Time-to-Mitigation, and Time-to-Heal as part of the regular rhythm of operating the service.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  IBM are committed to achieving net zero greenhouse gas emissions globally by 2030. On this path, IBM are on track to have reduced; greenhouse gas emissions by 65% (against 2010 base) in 2025, and 75% of our global electricity consumption will be from renewables by; 2025. The IBM UK Carbon Reduction Plan (CRP) is published annually in which we report progress in achieving Net Zero; most recent in; September 2023.; In fulfilling our responsibilities under our contracts, our staff operate in line with our IBM Environmental Policy and implemented through; our worldwide Environmental Management System (EMS), which covers objectives including achieving our net zero greenhouse gas; commitment, reduction in water use, reduction in waste going to landfill, creating green space, enhancing the natural environment and; improving air quality. Local initiatives are in place around IBM and client’s locations, promoting e.g. shared or zero-carbon travel, various; cycle-to-work and car-share initiatives/incentives as well as environmentally focused volunteering.; To influence staff, suppliers, customers and communities through the delivery of the contract to support environmental; protection/improvement, we include Social Responsibility and Environmental Management requirements in subcontracts and encourage; staff to work with the wider teams on improvements. In some locations, an ‘Environmental Business Resource Group’ promotes Green; sustainability, also through community-based activities.; In 2020 IBM launched the ‘responsible.computing’ initiative, which addresses modern computing challenges and integrates aspects of; sustainability, climate, ethics, openness, privacy, and security. We assess proposed technical solutions against efficient energy usage.; IBM began detailed tracking and monitoring of our environmental footprint in 1990 - being forthright and transparent in our impact long; before it was fashionable or required. We have made significant improvements over the last 30 years and will continue to report; transparently on impacts and progress, using ‘Sustainable by Design’ framework and tools such as CO2 Emissions-Estimator and/or Envizi

  Covid-19 recovery

  We have continued promoting initiatives created to support COVID-19 recovery aimed at both communities and our/partners’ workforce.; To help local communities manage and recover from the impacts of COVID-19 IBM have created employment and re-training; opportunities. IBM provided a free, fully online offering called SkillsBuild Reignite, tailored for job seekers, and those needing to grow their; digital skills. Once an initial 30-hours of online learning was completed, Reignite offered free one-on-one coaching, seminars and; facilitated discussions from IBM volunteers.; IBM encourage our staff, suppliers, and customers to support our local communities through IBM Community Engagement Portal. The; IBM.org Volunteer’s Portal manages over 1.3 million hours of volunteering by IBM employees. IBMers are allowed to make a charitable; contribution of £7 for every hour of volunteering to their chosen charity.; We support our extensive ecosystem of external SME's managing/recovering from the impacts of COVID-19. IBM has invested to help; reduce barriers to entry that may preclude participation in delivery by SMEs. This could relate to financial standing, ability to accept risk,; invest in bids, or ability to supply sufficient volumes of resources.; We have had several initiatives to support staff with the impact of the COVID-19 and extended those initiatives to clients/partners. Mental; health support has been available at all times to all of our staff and their families, and we have trained volunteering staff as mental health; first aiders, with programmes in place to tailor a gradual return to work e.g. following illness.; IBM reimagined many of our workplaces and policies to support COVID-19 recovery. We have implemented our Work from Home Pledge; & Hybrid Working Pledge for all staff, which ensures we establish and respect new boundaries and support each other in this new way of; working and living. IBM continue promoting an ongoing Hybrid working approach

  Tackling economic inequality

  IBM invest to understand of the causes and effects of inequality. We run multiple initiatives to attempt to level opportunity, focused on; our stated social-responsibility goal to support education and skills development in Science and Technology, with a specific focus on those; who may not otherwise be attracted, or have the opportunity, to develop those skills.; The ‘IBM Ignite’ scheme, a national Movement to Work programme, offers vocational traineeships and work experience to disadvantaged; youth unemployed. Together with City Gateway, our London charity partner, IBM offer 2-week, onsite, workplace programmes to break; the cycle of ‘no work experience, no job’.; IBM are proud to have created skillsbuild.org. This is a global programme, and for the UK offering IBM have partnered with ACH.org.uk, a; social enterprise working to resettle refugees through labour market and social integration, City Gateway, a London charity working with; disadvantaged young people, women and families in deprived areas to build skills and ambition, and SaluteMyJob, a charity creating; opportunities for ex-Servicemen and women under the armed forces covenant. The SkillsBuild programmes offer training, in-person; support, credentials and opportunities to put the learning into practice. In addition to the direct training through charity partners,; SkillsBuild is now also available free to all online. The SkillsBuild training gives recognised qualifications to those searching for employment; in a digital economy. In addition, the programme gives job-search skills, teaches agile methods and design thinking, and has specific; training in growing IT fields, such as cybersecurity, big data, artificial intelligence.; IBM UK employ around 100 school-leaver apprentices every year. Our award-winning programme offers apprenticeships ranging from; Level 3 to Level 6, with all apprentices employed as permanent employees from Day 1. We also launched Early Professional Affiliates; Hiring programme enabling us to further acquire talent from underrepresented groups

  Equal opportunity

  In 1942, IBM hired blind psychologist Michael Supa to create a programme for hiring and training people with disabilities. Supa then; worked in IBM institutionalising disability representation and equality for 37 years, and 80 years after he was hired IBM continue to lead in; Accessibility, Inclusive hiring, and Representation to reduce the disability employment gap. The Accessible Workplace Connection portal; makes it easy for managers to accommodate IBMers who consider themselves to have disabilities, and all recruitment activities are; accessible and open. IBM support all employees in training and developing new skills relevant to them, with at least 40 hours of structured; training required every year; called THINK40. The training can link to recognised, external qualifications, building skills relevant to the; contract. IBM is accommodating of those with additional needs, ensuring all training is inclusive.; IBM believes that a diverse and inclusive work environment drives higher quality delivery. We have created employment/training; opportunities for those with protected characteristics in the UK since 1912. Our 300+ employee-led communities support ethnic; minorities, neurodiversity, LGBTQ+, females, veterans and more through regular events within their communities. Every IBMer completes; regular mandatory Diversity & Inclusion training, including on unconscious bias. Based on 2022 survey nearly 9 in 10 IBMers felt; comfortable being themselves at work with ~5,000 more recommending IBM as a great place to work. IBM run a “BeEqual” campaign and; programmes, with tens of thousands of employees making a BeEqual pledge of allyship to colleagues from minority groups and 6000; IBMers globally are certified as LGBT+ Allies, with 90+ events across UK and Ireland in 2023 focusing on inclusion, with approximately 3.5K; attendees. IBM have a culture of promotion and recruitment aiming to addresses workforce inequality for all to have the opportunity to; fulfil their potential

  Wellbeing

  IBM has an advanced Health and Wellbeing Programme, recognising the criticality and benefits of a healthy and supported workforce. A; wide-ranging Employee Assistance Program is provided confidentially to all employees 24/7, at no cost to them, backed up by medical; insurance with annual health assessments available. IBM operate a Mental Health First Aid Programme, with over 200 qualified mental; health first-aiders volunteering in the UK. These colleagues make themselves approachable as a first step. IBM UK have Disability; Confident Level 2 status, winning in 2023 UK-IT-Industry Award – DEI and in 2021 the Best Employer for Diversity and Inclusion award from; WM UK, due to the broad focus on D&I throughout the pandemic, including hidden disabilities and neurodiversity. IBM has a global; neurodiversity hiring program (ND@IBM).; In the new model of home/hybrid working, various initiatives have been created to maintain and improve both mental and physical health; when working remotely. The IBM Working from Home Pledge includes commitments to take time out for yourself, and to check-in; regularly on colleagues. It was recognised that working alone can be challenging for some, and regular sessions, support programmes and; training in place to keep people connected. Managers have undertaken training to recognise those struggling and have tools of early; support. A “2020 health challenge” was taken up by 20% of the permanent employee population, with 69% of participants reported being; less stressed, 74% exceeded 10,000 steps a day. We continue organising ‘Exercise challenges’ on miles walked/weight loss linked to e.g.; World Heart Day. Ergonomic equipment to create a better working-from-home environment is available to all.; Within projects/programmes, and as part of contract delivery, IBM seek to make these various initiatives available to joint team of; staff/suppliers/customers and communities. Project and colleague-based support and health initiatives are expanded where possible to; all

Pricing

• Price: £42,000 a licence a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: IBM supports a limited scope/time 28 day free trial. The trial will include software and depending on the scope support from our consultants tohelp deliver against the agreed scope/success criteria. Outputs will typically include: delivery against the agreed success criteria, recommendations and cost savings/business case inputs.
• Link to free trial: https://www.apptio.com/schedule-demo/

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ukcat@uk.ibm.com. Tell them what format you need. It will help if you say what assistive technology you use.