Skip to main content

Help us improve the Digital Marketplace - send your feedback

Mosaic Island

EA Tooling - Sparx EA and Prolaborate SaaS

Sparx EA combined with Prolaborate is the most popular EA modelling toolset in the world. We offer secure cloud-hosted Sparx EA and Prolaborate based SaaS solutions that cover a wide range of requirements and budgets. Our range of subscription based solutions are suitable for organisations of all sizes and complexity.

Features

  • Cloud hosted, browser based access to Sparx EA client
  • Cloud hosted Sparx repository (private or public)
  • Prolaborate included
  • Integrations - Jira, Confluence, Sharepoint (using Pro Cloud Server)
  • Technical Support integrated with client 1st line support if required
  • User Management (onboarding and offboarding)
  • Backup/recovery services and platform operations
  • Security vetted (SC, BPSS) support team (option)
  • Managed upgrades to new SW versions
  • Solutions for small to large teams, choice of cloud provider

Benefits

  • Complete Sparx toolset offered as a single SaaS
  • Browser based access to full Sparx EA suite
  • Powered by AWS/Azure with a choice of Cloud location
  • Fully hosted solution, fully supported by Mosaic Island
  • Fully tested and managed SW upgrades - client driven
  • Fully managed service - reviews, governance, documentation
  • Choice of Sparx EA editions and Repository technologies
  • Integration with external data sources/repositories (optional)
  • Migration services (from on-premise deployment) (optional)
  • Fully secure - integrated with client SSO (optional)

Pricing

£110 to £300 a user a month

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tony.silcock@mosaicisland.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

8 1 0 2 2 6 9 6 8 6 7 6 8 2 1

Contact

Mosaic Island Tony Silcock - Head of Operations
Telephone: 07595594926
Email: tony.silcock@mosaicisland.co.uk

Service scope

Software add-on or extension
No
Cloud deployment model
  • Public cloud
  • Private cloud
Service constraints
We offer a choice of SLAs with different levels of Service Availability, RPO, Response and Fix times depending on your budget and needs.
System requirements
  • Internet connection required
  • Access via HTML-5 enabled web browsers

User support

Email or online ticketing support
Email or online ticketing
Support response times
We have a choice of service levels available. The specific arrangement suitable for your needs/budget will be discussed as part of the initial requirements discussion.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
We offer a choice of SLAs with different levels of Service Availability, RPO, Response and Fix times. Service credit models are also supported.

We provide clients with a single point of contact for all service related matters. Governance for small solutions is lightweight. For larger solutions, we provide formal service governance (reporting, meetings with Vendor Management etc).
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We provide access to a technical user guide as part of the deployment - this shows users how to access the toolset. We also provide instructions for adding and removing users and for setting up their access rights.

We also offer additional (separate) support services covering specific training and user guides for the tools. E.g for Enterprise Architects, Solution Architects, Business Process Modellers etc. Optionally we can also integrate onboarding/offboarding with your service desk.
Service documentation
Yes
Documentation formats
  • HTML
  • ODF
  • PDF
  • Other
Other documentation formats
  • MS Powerpoint
  • MS Word
  • Confluence Wiki
  • Sharepoint
End-of-contract data extraction
We will provide the client with a full export of their repository. This will be in a format that can be readily imported into a separate deployment of Sparx EA. We can also provide an HTML based read-only version of content.
We can provide additional extracts of content in document form or as data extracts (via the Sparx API) on request.
End-of-contract process
Exit plan is maintained within contract / standard operations. Termination notice is issued. Transition plan is agreed to implement the exit plan. Artefacts and data are transferred or destroyed as required:

Offboarding of all users is included.
Provision of export of repository is included.
Provision of read-only HTML version of repository is included.
Provision of additional exports at extra cost.
Migration services to load repository into a different tool at extra cost.
Other services available at extra cost.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
Application to install
No
Designed for use on mobile devices
No
Service interface
No
User support accessibility
None or don’t know
API
No
Customisation available
Yes
Description of customisation
Buyers can specify a range of platform characteristics. For example: Security (e.g. VPN, SSO etc), cloud hosting arrangements (public, private, AWS, Azure etc). Editions of Sparx EA (Ultimate, Unified etc) Size of Prolaborate user base, number of repositories, URL, and so on.

We are happy to work with clients to add support for additional integrations, companion applications, plug-ins and add-ons.
Sparx EA has an API.

We are happy to work with clients who wish to develop integrations via the Sparx API.

Optionally we can also provide integrations between our platform and other tools (e.g. CMDB, ServiceNow, LeanIX, DOORS etc).

Users can configure the desktop environment from within Sparx.
Users can configure role based access to the capabilities of the toolset.

Scaling

Independence of resources
We use AWS (Azure available) services to ensure complete segregation of each client's deployment so that it is not possible for one client to compete for the same resources as another.

Analytics

Service usage metrics
Yes
Metrics types
Included: Number of Users per month.

At extra cost - we can provide customer specific usage metrics aligned with the clients own KPIs.
Reporting types
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Sparx Systems Pty Ltd, Sixth Force Solutions Pvt Ltd

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Sparx EA provides in-built data export capabilities which can be made available to specific users or user groups via role-based configuration of the user permissions.

Export capabilities include; XMI, CSV, .EAP, and various document formats.
Data export formats
  • CSV
  • Other
Other data export formats
  • Microsoft Office Compatible
  • RTF
  • XML
Data import formats
  • CSV
  • Other
Other data import formats
  • XMI/XML
  • External integrations to data sources (CMDB, Catalogues etc)

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
This varies based upon the size of the installation (itself based on the number of content authors). We have a range of SLAs available commensurate with your needs.
Approach to resilience
Available on request.
Outage reporting
Email alerts.

Identity and authentication

User authentication needed
Yes
User authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
For deployment and support/operation : Resource-level access controlled by AWS IAM.
Access restriction testing frequency
At least once a year
Management access authentication
2-factor authentication

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
Between 1 month and 6 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
Between 1 month and 6 months
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
EY CertifyPoint
ISO/IEC 27001 accreditation date
Not available - refer to AWS
What the ISO/IEC 27001 doesn’t cover
This is AWS certification. Details at:

https://aws.amazon.com/compliance/iso-27001-faqs/
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
No
Other security certifications
Yes
Any other security certifications
SOC2 standards being followed, awaiting certification

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
ISO 27001 controls in line with Mosaic Island Statement of Applicability. This includes a customer security assessment completed for each engagement by the engagement lead and approved by the Head of Information Security.

We are able to support higher levels of security as required by our clients. Additional technical options exist for clients who are managing sensitive information where restrictions around data storage, transfer and access have to be tighter than those provided in a “standard” deployment.

For an extra level of security, we are able to provide a UK based support wrap comprising BPSS and SC level security cleared Mosaic Island personnel.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Change management is limited to ensuring that the latest software versions of all components are installed. For the parts of the service provided by AWS/Azure, this is handled by AWS/Azure.

Any major changes to the components comprising the service are assessed on a case by case basis and are tested prior to deployment for their potential security impacts.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Use AWS Trusted Advisor to monitor for potential vulnerabilities.

Minimise the window of vulnerability by timely application of patches from Sparx and Prolaborate.

Additional intrusion detection is available at an additional cost.
Protective monitoring type
Undisclosed
Protective monitoring approach
Underpinned by AWS and uses AWS IAM Access Analyser and CloudWatch with additional log analysis at an application level within Sparx Pro-Cloud Server.
Incident management type
Supplier-defined controls
Incident management approach
Via email or integration with client's trouble ticketing. Trouble ticketing can be provided at additional cost if needed.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

Fighting climate change

Mosaic Island recognises the importance of environmental and sustainability issues, and how these contribute to overall climate change. We therefore consider these matters in all our business decisions, ensuring we adhere to our company environmental policy, demonstrating our commitment to the wider community and clients. Remote working has a positive impact on a company’s environmental footprint and is a huge factor into why we made a permanent shift to having a remote workforce, and closing our main office which therefore brings a reduction in our individual and business carbon footprints. We prioritise the procurement of eco-friendly products and services from local suppliers, emphasising the reduction of environmental impact throughout our supply chain and ensuring that they are produced and supplied in a sustainable fashion, do not contain toxic materials, and can be recycled and/or are produced from recycled materials. We actively seek suppliers who share our dedication to sustainable practices. By collaborating with environmentally conscious suppliers, we aim to create a network that collectively contributes to the preservation of our planet. Our services prioritise energy efficiency, and we advocate for the adoption of green technologies that align with carbon reduction goals. We also work closely with our customers to implement strategies that optimise their eco systems, reducing overall carbon footprint. We have an efficient use of equipment – by keeping our surplus electronic equipment out of the landfill. At times when our business replaces electronic items, we recycle as much as possible, by holding technology auctions to our employees. All proceeds are then donated to charity. We have introduced a work cycle scheme, encouraging all our people to be eco-friendly with their transportation. In addition, we report on our carbon footprint which helps increase transparency and accountability in our supply chain.

Equal opportunity

Our Diversity & Inclusion committee is in place to ensure we are prioritising an inclusive working environment. As part of this ongoing commitment to creating an inclusive workplace and to close the disability employment gap, we ensure our entire workforce undertakes compulsory training on equality and diversity. We also make sure our hiring process is inclusive, and we ensure we include language that appeals to a wider breadth of people. We also carry out work assessments which provide a framework of questions to help understand how best to cater for our people’s needs; this provides equality to all and ensures no one feels isolated. We also make sure we use the most modern and up to date technology to create more opportunities for people without restrictions, as well as operating a fully flexible working environment which ensures restrictions such as inaccessible public transport can be avoided as an example.  We have clear policies that outline our position on equality including a statement on the prevention of Modern Slavery and Human Trafficking. These policies affirm our zero-tolerance approach and governs all our business dealings and the conduct of all persons or organisations with whom we contract directly or who we appoint on our behalf. We have compiled a supplier code of conduct which formally explains how we expect suppliers to operate, which includes relation to avoiding labour exploitation and driving equal opportunities. All our contracts require our suppliers to adhere to this policy and we will not engage with any supplier that does not. We have adequate controls in place to manage, monitor and mitigate such risks which inform us which parts of our Supply Chain or Business areas are most vulnerable. Our risk assessment is reviewed periodically and updated to ensure that our controls remain appropriate and robust.

Wellbeing

As a fully remote working organisation, it is especially important for us to combat any potential feelings of isolation and ensure our people are happy, engaged, and productive. Health and wellbeing play a large part in this and is always encouraged throughout our workforce. We conduct regular initiatives to build stronger physical and mental health, this became more apparent throughout the COVID19 pandemic where the strongest of mindsets were tested. Initiatives such as team step challenges to encourage the importance of keeping active. We also run weekly coffee mornings to ensure we communicate regularly with the team, also encouraging people to take regular breaks. We run regular initiatives for ‘mental health awareness week’, which include encouraging time spent outdoors, connecting with nature, checking in with people and taking breaks, supported by our 5 qualified Mental Health First Aiders, who act as a point of contact for all mental health and wellbeing matters. We have a Diversity/Inclusion committee which includes the topic of mental wellbeing, where monthly workshops are held. We assess risk, provide resources, promote mental wellness strategies, and evaluate the effectiveness of relevant initiatives running. Our most recent workshop was a campaign for workplace culture change called ‘bringing your whole self to work’ which empowers employees to support their own and others wellbeing.  We have active Cycle Scheme and Gym membership initiatives to encourage physical and mental health benefits.  We provide proactive support including Employee Assistance Programmes which provide access to support services including qualified, confidential guidance and counselling to ensure our people have the support needed.  All of these topics and resources are documented on our central ‘hub’ accessed by our workforce, including details of any initiatives we run, signposting to useful organisations and helpful guidance and advice on health and wellbeing.

Pricing

Price
£110 to £300 a user a month
Discount for educational organisations
Yes
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tony.silcock@mosaicisland.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.