Konica Minolta Business Solutions (UK) Ltd

Forms Management - Nintex

Nintex Workflow Cloud - Forms Management streamlines paperwork for the public sector, saving time and money. Imagine creating online forms for everything - permit applications, license renewals, or service requests.

Features

• No code development
• Workflow
• Approvals and Tasking
• Data Processing
• Mobile Support
• Forms
• Logic
• System Integration
• Single Sign-on
• Dashboards

Benefits

• Quickly develop simple to design powerful workflows
• Build complex forms with an easy drag and drop designer
• Communicate between business systems
• Secure 3rd party integration
• Full mobile support
• Powerful system integrator
• Smart task management
• Automate simple processes quickly
• Easy to learn and maintain
• Remove the need for developers

£21,175.00 an instance a year

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidsandtenders@konicaminolta.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

874599617581022

Contact

Andy Cornish
01268 534444
bidsandtenders@konicaminolta.co.uk

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: Any services or software that can be surfaced via API using our powerful extensions system, We can also connect to on-premise platforms via a secure gateway.
• Cloud deployment model: Public cloud
• Service constraints: There are no service constraints.
• System requirements:
  • Supported client operating systems include; Windows 10, Windows 11
  • Supported web browsers include; GoogleChrome, MozillaFirefox, MicrosoftEdge and Safari

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Support is provided Monday to Friday during standard business hours, and in accordance with the customer service agreement
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Support structures; ; 1st Line Support: They're the first point of contact for users, handling common issues like password resets or printer problems. They escalate unresolved issues.; ; 2nd Line Support: Equipped with deeper technical expertise, they tackle issues beyond 1st Line's capabilities. They diagnose and resolve complex problems.; ; 3rd Line Support: Specialists with in-depth knowledge, they handle highly complex problems often involving infrastructure or application expertise. They may also collaborate with vendors for external support.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: A users confidence in using the solution is key to the adoption of the investment, therefore, we provide extensive training to help build knowledge and confidence. This training is packaged relevant to the customers requirements and can be in the form of on-site or remote training, as well as train-the-trainer and end user documentation
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Customer data can be exported together with the metadata, ready for import into another ECM solution
• End-of-contract process: Customer data is stored in the solution in the native format of the specific document. As a result, if a customer chooses to leave the solution, data can be exported to an encrypted hard drive with an index file included so it can be easily imported into another system, if so desired. Customer data will be deleted permanently after the contract ends. There will be an additional cost if the customer requires us to undertake this service.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile interfaces are used primarily by users to access Documents, Forms, and Workflow tasks, while the Desktop Clients provides a more feature-rich interface for power users in order to configure the solution.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: The solution provides an interface for point-and-click configuration of all major system components. This interface allows an administrator to accomplish the tasks of defining and administrating major system components. This limits the need for heavy IT involvement when introducing additional functionality into your solution.; .
• Accessibility standards: None or don’t know
• Description of accessibility: N/A
• Accessibility testing: The vendor is continuously researching the applicable requirements of the Web Content Accessibility Guidelines (WCAG) and striving for Level AA conformance. The product suite is a diverse solution; however, it cannot provide every interface with conformance to WCAG standards due to the nature of certain modules, such as Imaging, Capture, and Import Processors. For the end user, the solution has provided the Voluntary Product Accessibility Template (VPAT) for the Client and web client
• API: Yes
• What users can and can't do using the API: The solution provides robust API options and functionality through a variety of APIs. Which API is used will depend on your specific integration needs. ; These include: enable custom solutions to work with content, including the ability to store, query, retrieve and modify documents, including keywords. Additionally, solutions can be designed to retrieve workflow lifecycles, queues and items, and execute non-interactive tasks.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Certain areas of the user interface can be customised by the user (for example search results) and the ability to add customer names and logo.

Scaling

• Independence of resources: As the solution is based on a private cloud, the expected usage and scaling are included in the design of the solution to allow for peak usage

Analytics

• Service usage metrics: Yes
• Metrics types: Service metrics are specific to each customer and reports are created for specific use cases.
• Reporting types: Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Nintext

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Other
• Other data at rest protection approach: CSA CCM v. 4.0.1 in Partner Trust centre
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Data can be extracted into CSV
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Our Datacentres that hosts the IT infrastructure for our service which guarantees 99.95% up time. Our technology can have several configuration options of its micro services and Access Point components which can be outside of our Hosted environment. Due to the architecture flexibility, guaranteeing the application availability cannot be done as there may be micro-services or access point components that are utilised outside of our control. Please be assured that High Availability is built in the hosting infrastructure and application architecture that typically will deliver above 99.95% availability from a software service perspective.
• Approach to resilience: Our service has been designed with high availability in mind. We use a load balancing technology combined with AWS resilience services to deliver both High Availability and Disaster Recovery. Further information is available upon request.
• Outage reporting: Our internal monitoring systems will alert our support teams in the unlikely event of an outage. Notification of outages to customers can be communicated via an API or email alerts. A cloud service status page is available and can be subscribed to for alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Username or password
  • Other
• Other user authentication: Authentication supported protocols: Microsoft AD/LDAP, Microsoft Azure AD, Okta, Azure OAuth2 and ADFS OAuth2.
• Access restrictions in management interfaces and support channels: Access controls are strictly enforced and provisioned as a function of user role or through rigorous just-in-time access requests.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • Username or password
  • Other
• Description of management access authentication: Authentication supported protocols: Microsoft AD/LDAP, Microsoft Azure AD and Okta.

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: NQA
• ISO/IEC 27001 accreditation date: 14/11/19
• What the ISO/IEC 27001 doesn’t cover: The scope of our ISO27001 covers the Import and Distribution of Multi-functional Printing Devices and Associated Supplies including Software Solutions and services to Customers as part of Optimized Print Services and Optimized Business Services. This includes all Annex A controls.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Worldpay
• PCI DSS accreditation date: 07/04/21
• What the PCI DSS doesn’t cover: Covers the limited number of credit card transactions that we process. There are no credit card related payment processes outside of this scope.
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • Cyber Essentials
  • Cyber Essentials Plus

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ISO 27001; ISO 27017; ISO 9001; PCI DSS; ; Konica Minolta is committed to operating an effective Information Security Management System that will ensure information is protected from a loss of confidentiality, integrity and availability.; ; Given this, our basic approach to information security is to continuously make improvements by measuring and assessing risks associated with important information assets and applying effective measures to mitigate those risks.; ; To support this, we have identified key information security principles; and to ensure these key principles are met, we have established a set of information security objectives as part of our Integrated Business Management System which are monitored and reviewed regularly.; ; This Policy covers Konica Minolta Business Solutions (UK) Ltd and all relevant subsidiaries, including all UK regional offices. It is applicable to all colleagues, visitors, suppliers, customers and contractors related to business activities, products or services.; ; Compliance with the Information Security Policy is mandatory. All Leaders are directly responsible for implementing this policy and ensuring colleagues’ compliance within their Business Units and Shared Functions.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Change configuration is been tracked by YouTrack to create, authorize, monitor and implement changes within secure software development lifecycle. The change advisory council reviews the potential security impacts of the changes before approval.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Our solution developers use OWASP vulnerability assessment and threat modelling, we also use specific NIST and Microsoft SDLC guidance documents for selected areas. Our Cloud service is patched on a monthly cycle.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Actual, suspected, or potential breaches will be reported immediately to Data Protection Officer (DPO) and shall notify the implicated end-customer within 72 hours. Depending on the size and seriousness of a data breach, we may conduct an investigation into the circumstances surrounding the breach. Investigations may include an on-site examination of systems and procedures and could lead to a recommendation to inform data subjects about a security breach incident if end-customer has not already done so.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: An incident management framework has been established and communicated with defined processes, roles and responsibilities for the detection, escalation and response of incidents. Incident management teams perform 24x7 monitoring, including documentation, classification, escalation and coordination of incidents per documented procedures.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Other
• Other public sector networks: Konica Minolta Cloud solutions are sold into many government establishments.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  As the need for data centres grows, so too do the resources required to manufacture, build, and run these facilities. Konica Minolta is committed to providing Cloud services that are as sustainable as possible and uses various data centre providers for its services to target this goal.; As an accredited Microsoft Cloud Solution Partner, we offer several Microsoft services which are hosted in Microsoft’s data centres - four of which are LEED Gold certified, with 74 other projects going through certification. By 2025, Microsoft expects to power its data centres with 100% new renewable energy generation that matches its electricity consumption on an annual basis. Microsoft has also pledged to put more water back into the environment than they consume as well as to produce zero waste for its direct operations by 2030.; Konica Minolta’s Cloud Print Solution Workplace Pure is hosted in the Open Telekom Cloud. With a 1.3 PUE (Power Usage Effectiveness) rating it requires 30 percent less energy than comparable data centres. The data centre is powered 100% by electricity from renewable energy sources. ; In addition, Konica Minolta operates two of its own data centres in Hanover, Germany, and Stockholm, Sweden. From here it offers Infrastructure as a Service, a virtual IT infrastructure environment including a virtual network, virtual storage, and virtual server resources for customers. Both data centres operate with 100% renewable energy and are ISO 14001 certified.; At Konica Minolta, we've committed to becoming net zero in Scope 1, 2 and 3 by 2050. To help achieve this, in the UK we have published our carbon reduction plan for the last 3 years and are documenting a clear roadmap of how we get there. All employees undertake our Environment Essentials online training course annually.

  Covid-19 recovery

  At Konica Minolta delivering social value is a key part of our Environmental, Social, and Governance (ESG) strategy, which ensures that as a business and a team of people we are responsible to the wider communities we live and work in, as well as delivering our products and services to customers. ; This commitment to people, places, and the environment is ingrained in Konica Minolta as a global business, but it is also vitally important at even the most local of levels. As well as supporting national causes, we have refocussed on a place-based approach to social value. This means understanding the most challenging issues and opportunities in the communities where our employees and customers are and collaborating with others to make the biggest impact and to support the recovery from Covid-19.; Since the pandemic, people’s needs have changed and as a business we have had to adapt to be more agile to support the needs of our employees, customers and suppliers. For example, our choice based working policy enables those with caring responsibilities to balance the requirements of life and work around the needs of our business. ; Through our Social Impact Working Group we have established three charity partnerships across the UK to raise awareness and raise funds to support the vital work of our partners. This focus on local community partnerships has enabled us to ensure we are prioritising the needs of our local communities and supporting with the recovery.

  Tackling economic inequality

  Apprenticeships are a fantastic way to build a CV that showcases that an individual has that all important experience in the modern working world. Meanwhile, for the employer the rewards of running an apprenticeship programme are many. It provides access to a rich and diverse talent pool of motivated people that want to learn and progress. This has never been more important, especially in sectors where skills shortages are impeding productivity.; At Konica Minolta our nationwide apprenticeship programme has been developed to attract people from different walks and stages of life, to provide them with opportunities to flourish and provide a clear career path that retains them within the business, as part of an ongoing programme of progression. ; The programme includes Early Careers Business Professional apprenticeships designed for school and college leavers to kickstart their careers, develop skills and make an impact. It is complemented by an initiative for existing employees to develop their skills further in a specific area, or to transition into another part of the business, as well as a scheme for fulfilling junior level vacancies. ; As a Top Employer, we want to ensure we go above and beyond the governments National Minimum Wage, with focus on ensuring our employees receive at least the Real Living Wage and enabling access to all for purchasing our top wellbeing benefits.

  Equal opportunity

  At Konica Minolta, we have a commitment to promote a culture of diversity, equity, and inclusion and have clear targets to achieve this by 2030. Equality and true inclusivity will help drive diverse perspectives, skills and ideas, leading ultimately to a more sustainable business and contributing to a more equal society.; Our aspiration is to be an Employer of Choice where individuality is understood, valued, and celebrated. We meet the varied needs of our employees, taking an intersectional approach and embrace diverse thoughts and opinions. We aspire to be a Partner of Choice, an ethical business that does the right thing. We work with our customers, suppliers, and partners to set clear expectations, share best practice and to look at ways to support each other to drive progress forward.; Our policies, programmes and initiatives support the delivery of our 2030 targets. We seek to continuously push ourselves further, with accreditations and commitments such as the Race at Work Charter and being a Disability Confident Committed organisation.

  Wellbeing

  As a Top Employer in the UK, supporting people’s wellbeing has never been so important. Since the pandemic, our people’s needs have changed. People are far more conscious of their wellbeing now, than ever before. The lockdowns gave people little choice by way of going out and socialising, but it did give time to reflect and focus on what is important – our overall health.; Through our Breathe Employee Resource Group (ERG) we enable our people to own their own holistic wellbeing, and to provide them with the tools and resources to do just that. Under 3 strategic pillars – Mental, Physical and Social Wellbeing, the ERG run awareness campaigns and engagement initiatives on specific wellbeing topics such as nutrition, healthy eating, mental health and financial support. They have an active community which provides a platform for anyone in the organisation to get involved, connect with initiatives and access resources. ; All people leaders in our organisation have participated in mental health awareness training. This course gives our leaders the tools to be able to support our people at a foundation level and helps them spot the signs of struggle earlier. It also educates them on how to signpost to further support, whether that be through our employee assistance programme, or external professionals. Our policies, programmes and initiatives support our employees and their wellbeing including our choice-based working policy which enables a better life balance for our employees.; We work with our customers, suppliers, and partners to set clear expectations, share best practice and to look at ways to support each other to drive progress forward.

Pricing

• Price: £21,175.00 an instance a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Free trials can be available upon request however will require further due diligence so we can assess the scale of the trial required.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidsandtenders@konicaminolta.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.