Diegesis Limited

ESG Asset Management Integration and Exploitation

We specialise in helping organisations use Maximo's cloud version, leveraging APIs for seamless data extraction and integration with other systems. For existing users, we facilitate data extraction through APIs, ensuring smooth integration. We also aid in provisioning and configuring Maximo for effective asset management, allowing optimisation and seamless integration.

Features

• offers real-time reporting capabilities
• provides remote access capabilities
• integrates with Geographic Information Systems to visualise assets on maps
• Tracks energy consumption and identifies opportunities for energy savings
• Provides audit trails
• Optimises resource allocation by matching skill sets
• Defines hierarchical relationships between asset
• API enable remote access between application

Benefits

• Maximo optimises asset performance, minimising downtime and maximising reliability.
• Streamlines maintenance processes, optimising resource allocation and workflow automation.
• Enforces safety protocols, documents activities, ensuring regulatory compliance.
• Provides actionable insights into asset performance, driving continuous improvement.
• Adapts to business needs, offers customisable workflows and integrations.
• Our service extracts data for integration with ESG and Cybersecurity.

£5,794.69 a licence

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at nick.denning@diegesis.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

903672716036889

Contact

Nicholas Denning
07710 338072
nick.denning@diegesis.co.uk

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: This extends IBMs Maximo product for exploitation of the data it contains.
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: N/a
• System requirements:
  • Verify OS, DBMS, and software licenses for Maximo compatibility.
  • Ensure antivirus software installed on Maximo hosting servers.
  • Allocate sufficient resources on virtual machines for Maximo.
  • Regular OS updates required for Maximo compatibility and security.
  • Procure licenses for compatible DBMS (e.g., IBM Db2).
  • Agree appropriate cloud hosting
  • Appropriate power for online hosting

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Up to 5 working days, but pretty instant
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: Basic Support: Basic support often includes access to documentation, knowledge bases. It may also offer limited email support for general inquiries and troubleshooting.; Standard Support: Standard support provides additional benefits such as faster response times, extended support hours, and more personalised assistance from support teams. It may include phone support and ticket-based assistance.; Premium Support: Premium support offers the highest level of service, with dedicated support representatives, priority response times, and proactive monitoring of systems. It may include access to technical account managers or cloud support engineers for personalised assistance and strategic guidance.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Extensive user documentation, including guides and manuals, serves as a foundational resource for understanding Maximo's features and functionalities.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Users can programmatically access and retrieve their data using API calls documented by IBM for the core product. This method is suitable for users with technical expertise or those requiring automated data extraction processes.
• End-of-contract process: We have two contracts, one subscriptions based on IBM T&C's on Maximo and a contract for our services which relates to any support of solution such as implementation and integration. ; Contract Review: Both parties review the terms of the contract to understand their respective rights and obligations upon termination.; Notice of Termination: Depending on the contract terms, either party may need to provide advance notice of termination to the other party. This notice period allows for adequate preparation for the end of the contract.; Data Extraction: The user may need to extract their data from the service platform before the contract ends. This can involve exporting data through built-in tools, accessing data via APIs, or requesting data backups from the service provider.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • Windows
  • Other
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The mobile service of Maximo is tailored for on-the-go use, optimised for smaller screens, touch interfaces, and offline capabilities. It emphasises quick access to essential functionalities, such as creating work orders and updating asset information, catering to field technicians and personnel working remotely. In contrast, the desktop service offers a more comprehensive and feature-rich experience, leveraging the larger screen real estate for detailed data visualisation, complex analytics, and advanced configuration options. While both versions share core functionalities, they are designed to cater to different user scenarios and usage contexts, ensuring flexibility and usability across devices.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The service interface in Maximo comprises RESTful APIs, SOAP web services, and integration frameworks. These tools facilitate seamless communication and data exchange between Maximo and external systems, enabling organisations to integrate Maximo with their existing IT infrastructure efficiently. Security mechanisms ensure data protection, while the integration framework simplifies and accelerates integration projects. Overall, the service interface streamlines workflow automation, business process optimisation, and interoperability across systems, enhancing the effectiveness and efficiency of asset management operations.
• Accessibility standards: None or don’t know
• Description of accessibility: Users with disabilities can effectively navigate Maximo using keyboard shortcuts and screen reader compatibility. They can input data via accessible forms and controls, interact with features, and access information with text alternatives and sufficient color contrast. However, complex data visualisations may pose challenges for users relying solely on screen readers. Additionally, while Maximo aims to meet accessibility standards, individual configurations or customisations by organisations may impact overall accessibility. Users may encounter limitations in accessing certain functionalities if not appropriately configured for accessibility. Regular accessibility audits and user feedback help address these issues.
• Accessibility testing: N/a
• API: Yes
• What users can and can't do using the API: Users can utilise Maximo's API to automate setup, configuration, and data management tasks. Through the API, users can programmatically establish Maximo configurations, create assets, define asset hierarchies, configure workflows, and manage user permissions. This enables streamlined deployment and customisation of Maximo instances, reducing manual effort and ensuring consistency across deployments.; ; Additionally, users can make changes to Maximo data via the API, including creating, updating, deleting, and retrieving records for assets, work orders, inventory items, and more. They can execute business logic, trigger workflows, and perform transactions, empowering organisations to integrate Maximo seamlessly into their broader IT ecosystem and automate asset management workflows.; ; However, there may be limitations to the extent of setup and changes that users can perform through the API. These limitations could include restrictions on certain administrative tasks, dependencies on specific Maximo features not fully exposed through the API, or complex configurations requiring manual intervention. Users should be aware of these constraints and plan their API usage accordingly to ensure effective integration and customisation of Maximo. Regular updates and documentation from IBM help users stay informed about API capabilities and limitations, facilitating optimal utilisation of Maximo's API functionalities.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Under agreement we may make our IPR a deliverable to allow our customers to extend the service we provide.

Scaling

• Independence of resources: Maximo ensures user experience consistency through scalable infrastructure, efficient resource allocation, and load balancing techniques. Real-time performance monitoring detects anomalies, triggering proactive adjustments to maintain service quality. Capacity planning anticipates demand trends, enabling timely resource scaling. SLAs define performance commitments, ensuring agreed-upon levels of availability and responsiveness. By employing these strategies, Maximo aims to mitigate the impact of demand fluctuations, providing users with a stable and reliable asset management platform.

Analytics

• Service usage metrics: Yes
• Metrics types: Maximo provides users with comprehensive service usage metrics, encompassing asset performance, work order management, inventory, labor productivity, cost analysis, compliance, and safety. These metrics enable users to track key performance indicators (KPIs) relevant to their asset management processes. Users can monitor uptime, maintenance history, work order completion rates, inventory levels, labor hours, maintenance costs, and regulatory compliance. Custom KPIs can also be defined to track specific metrics aligned with organisational goals. By analysing these metrics, users can identify trends, optimise resource allocation, improve operational efficiency, and make data-driven decisions to enhance overall asset management effectiveness.
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: IBM

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Users export data from services through built-in tools, APIs for programmatic access, requesting data backups, or manual extraction.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: SLAs typically outline the terms and conditions for availability guarantees, including the calculation of uptime, exclusions, and procedures for claiming compensation. Users should review the SLA provided by Maximo or their service provider to understand their rights and remedies in the event of service disruptions or downtime.
• Approach to resilience: Maximo's service resilience is ensured through meticulous design and infrastructure strategies. Our datacenter setup employs redundant systems and failover mechanisms to mitigate potential disruptions. Redundant hardware components, including servers, storage devices, and networking equipment, eliminate single points of failure, ensuring continuous operation. High availability architecture, featuring load-balanced clusters and automatic failover mechanisms, further enhances resilience by seamlessly managing workload distribution and maintaining service uptime during hardware failures or maintenance activities. Additionally, geographic redundancy across multiple datacenter locations provides disaster recovery capabilities, minimising the impact of regional outages or disasters. Continuous monitoring tools detect and address issues promptly, while regular data backups and offsite storage ensure data integrity and facilitate quick recovery in the event of data loss or corruption. Our commitment to resilience ensures that Maximo remains a dependable asset management platform, capable of meeting users' needs with reliability and stability. For detailed information about our datacenter setup and resilience measures, please contact us directly.
• Outage reporting: Maximo employs various methods to promptly report outages and service disruptions to users. Firstly, a public dashboard offers real-time service status and outage information, accessible to users to stay informed about ongoing issues and planned maintenance activities. Secondly, an API (Application Programming Interface) allows users to programmatically access service status information and outage notifications, facilitating integration with monitoring tools or custom applications for automated outage reporting and response. Additionally, email alerts are sent to users subscribed to outage notifications, providing timely updates about service disruptions, including details about the issue, estimated resolution time, and any relevant instructions or workarounds. Through these reporting mechanisms, Maximo ensures that users receive timely and accurate information about outages, empowering them to take appropriate actions and minimise the impact on their operations.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: On a user-facing level, the service defines three access levels: standard user, organisation manager and system admin. Access to sensitive data is confined to system admins. Organisations can only access their own organisational data. There is a fourth ''superuser'' access level that is restricted for by users. SSH access is managed via a secured gateway through a PKI system. SSH access is also restricted via IP address whitelisting. Access to the AWS console is strictly restricted (following the principle of least privilege) and is protected by TFA.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • IASME Cyber Assurance level 1
  • IASME Cyber Assurance Level 2

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Cyber Essentials
• Information security policies and processes: Acceptable use policy, information security policy and we are compliant with IASME ICA Level 1, ICA Level 2, CE and CE+. All security issues is reported to our system administrators.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All the components of our services are software components running as cloud resource across various AWS-supplied services. All build procedures are defined within YAML templates to ensure a consistent, repeatable, identical build and configuration. All changes are reviewed by our in house AWS specialist. Prior to deployment, all software development takes place within our Atlassian/Jira/Bitbucket environment. Changes are defined, reviewed, implemented and tested to ensure standards are strictly adhered to. We use Bitbucket Premium giving MFA protection, enforced code reviews and mandatory testing prior to merging to enhance.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We use Qualys to regularly scan our internal development network, our production network, our AWS product network and all company workstations. Any detected vulnerabilities are assessed against CVSS criteria, prioritised and patched at the earliest opportunity within a defined order of priority. We have an RMM agent deployed to all laptops as a secondary layer providing asset monitoring and automatic patch management. We apply all patches on a weekly basis to all development and production machines.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We monitor system load and performances using the AWS console. We monitor user activity by analysing the user service access logs and looking for strange and inconsistent usage such as excessive operations of a particular type. Where possible, we deploy vulnerability scanning agents and RMM agents for real-time monitoring of potential compromises. We also conduct a weekly network scan for systems to which these agents cannot be deployed. We schedule annual penetration testing. All incidents are responded to at the earliest opportunity. We comply with the following standards: CE, CE PLUS, IASME Cyber Assurance L1 and IASME Cyber assurance L2.
• Incident management type: Supplier-defined controls
• Incident management approach: We have a predefined incident management policy and specified general workflows for managing incidents. We have specific processes for common/ well-defined incidents. Users can report incidents by raising an alert through our company solution or internal help desk. All workflows related to an incident are recorded in the system and can be reported upon. Incident reports are generated on a case-by-case basis and shared with relevant personnel on a need-to-know basis.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Health and Social Care Network (HSCN)

Social Value

• Social Value:

  Social Value

  • Equal opportunity
  • Wellbeing

  Equal opportunity

  Our solution is compliant with WCAG 2.1AA and hence available to disabled users. We recruit highly able people. On occasions during our recruitment process we identify people that have challenges and where we're able to support them we ensure that they aren't excluded from our recruitment process as a consequence of any issue that they may have.

  Wellbeing

  We have a strong mentoring and buddy system underpinned by wellbeing policies to ensure that our staff feel safe and supported at work. We carry out regular briefing to ensure that all staff are aware of how to identify potential issues and how to escalate them to management in an appropriate manner that respects individual privacy while providing the appropriate level of support to the individual.

Pricing

• Price: £5,794.69 a licence
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: We offer a free trial for a month and have access to all functionalities.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at nick.denning@diegesis.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.