Corporate Financial Management Systems Limited (CFMS)

JEDOX Financial Planning and Analysis Solutions

Jedox is corporate performance management software that helps businesses streamline their budgeting, forecasting, and financial consolidation. It integrates data from multiple sources, enabling real-time reporting and analytics. Suitable for various industries, Jedox can be customised for specific needs and empowers users with self-service capabilities to enhance decision-making and collaboration.

Features

Real-Time Reporting
Budgeting and Forecasting Tools
Financial Consolidation
Scenario Modeling
Compliance Management
Risk Management
Advanced Analytics
User-Friendly Interface
Customizable Dashboards

Benefits

Immediate updates for quicker decision-making.
Manage finances anytime, anywhere via cloud.
Advanced tools for detailed financial planning.
Integrates data for accurate global reporting.
Tools to simulate and prepare for future scenarios.
Ensures adherence to financial regulations.
Identifies and mitigates financial risks.
Provides deep insights with data visualization.
Simplifies management with intuitive design.
Tailor dashboards to focus on key metrics.

£805 a user a month

Education pricing available

Service documents

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at <removed>@9dbbd8ba-ccbd-49bf-9d94-c7cab2f28014.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

Contact

Corporate Financial Management Systems Limited (CFMS) <removed>
Telephone: <removed>
Email: <removed>@9dbbd8ba-ccbd-49bf-9d94-c7cab2f28014.com

Service scope

Software add-on or extension: No
Cloud deployment model: Hybrid cloud
Service constraints: None
System requirements: Modern Browser

Stable Internet Connection

User support

Email or online ticketing support: Email or online ticketing
Support response times: Our average response time from support is around 125 minutes and critical issues are usually addressed within an hour.
User can manage status and priority of support tickets: No
Phone support: Yes
Phone support availability: 9 to 5 (UK time), Monday to Friday
Web chat support: No
Onsite support: Yes, at extra cost
Support levels: There will be a technical engineer, the technical engineer would be typically the consultant that worked with the client to develop their model.

The support service will be available at 10% of the implementation cost. (subject to change and agreement)
Support available to third parties: No

Onboarding and offboarding

Getting started: Jedox offers three different training options - classroom training, online training, and self-studies where customer will be provided with product user guides, have access to the Jedox Knowledge Base and the Jedox training materials provided through Jedox Academy courses. Instructor-led courses can either be on-premises or in a remote virtual classroom if being delivered by Jedox. Self-study (self-paced) courses are available through Jedox's online eLearning system (Jedox Academy). The courses offer insights into models or specialized knowledge and range from one to several days of duration and come with their own training materials. Finally, the Jedox Knowledge Base provides extensive information all around the Jedox solution for users to upskill via some general reading/topic searching: https://knowledgebase.jedox.com/
Service documentation: Yes
Documentation formats: PDF
End-of-contract data extraction: Jedox can provide data extraction into myriad data formats as needed. Time stamps are supported, and if needed these capabilities can be limited via security.
End-of-contract process: There is no additional cost at the end of the contract.

Using the service

Web browser interface: Yes
Supported browsers: Internet Explorer 11

Microsoft Edge

Firefox

Chrome

Safari

Opera
Application to install: No
Designed for use on mobile devices: Yes
Differences between the mobile and desktop service: Jedox Mobile App interface is adjusted to be compatible with iPhones and iPads with iOS 15 or higher and on Android devices with Android 13 or higher
Service interface: Yes
User support accessibility: WCAG 2.1 AA or EN 301 549
Description of service interface: Jedox is frequently chosen for its simple and intuitive user interface and ease-of-use platform. This is true from both an end-user admin-user perspective. The web and excel reports use an intuitive interface that is very similar to Excel. This means users can immediately leverage their existing Excel skills and knowledge when modifying or creating reports and dashboards
Accessibility standards: WCAG 2.1 AA or EN 301 549
Accessibility testing: We have undergone VPAT compliance testing.
API: Yes
What users can and can't do using the API: Jedox has 2 Rest APIs that can be used by customers. One is the OLAP API where more information can be found here: https://knowledgebase.jedox.com/jedox/in-memory-db/api-http-jedox-olap.htm

The other Rest API is the OData Hub, which is however sold as an additional package. This is a very simple-to-use API that applies to the OData Standard. More information can be found here: https://knowledgebase.jedox.com/integration/odata-hub/odata-overview.htm
API documentation: Yes
API documentation formats: Other
API sandbox or test environment: No
Customisation available: Yes
Description of customisation: Jedox is a highly adaptable tool. It is possible to either build all models from scratch or use some of Jedox pre-build starter packs. Most of Jedox models are no-code with few elements of low-code. This allows for easy customisation and adaptability going forward. Jedox offers customizable templates for data collection, workflows, reports, and dashboards.

Scaling

Independence of resources: Jedox is designed with enterprise-wide deployment in mind and designed with a highly-scalable architecture. Jedox includes organizations with user bases > 1000. Performance can be maintained with enhanced cloud capabilities (CPU/RAM/Storage) hosted on Azure with scalable infrastructure. Users across the enterprise can create integrated models, plans, and reports at all hours based on a 99.5% availability SLA. Jedox ensures the delivery of a performant solution including the provision of an in-built performance monitor. From a technology perspective, Jedox’s in-memory database, among other components, allows for optimized performance.

Analytics

Service usage metrics: Yes
Metrics types: For System Status information of your Jedox Cloud instance, you can check the Cloud Console. For example, you can check whether a process is halted, download the latest backups, start/stop processes, set the daily maintenance time and see the usage metrics of your environment
Reporting types: Real-time dashboards

Resellers

Supplier type: Reseller providing extra features and support
Organisation whose services are being resold: Jedox

Staff security

Staff security clearance: Conforms to BS7858:2019
Government security clearance: Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: United Kingdom

European Economic Area (EEA)
User control over data storage and processing locations: Yes
Datacentre security standards: Managed by a third party
Penetration testing frequency: At least every 6 months
Penetration testing approach: Another external penetration testing organisation
Protecting data at rest: Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process: Yes
Data sanitisation type: Explicit overwriting of storage before reallocation

Deleted data can’t be directly accessed
Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach: Data can be exported from your own cubes to external databases or files via Jedox Integrator, A write-back to SAP is enabled for ERP via batch input sessions (e.g. CSV, XML, JSON etc.). The format can be configured according to your requirements. A generic JDBC connector exists for writing directly back to SAP on Hana. Specific connectors for Microsoft SQL, Oracle, IBM DB2, MaxDB, MySQL, PostgreSQL etc. are available. Access to SAP non Hana systems is possible via optional SAP Connectivity. For systems that can consume data in the OData Protocol standard, Jedox provides its data in the Jedox ODatahub.
Data export formats: CSV

ODF

Other
Other data export formats: JSON
Data import formats: CSV

Other
Other data import formats: XLS

CSV

Data-in-transit protection

Data protection between buyer and supplier networks: Legacy SSL and TLS (under version 1.2)
Data protection within supplier network: Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability: The service level guaranteed by Jedox for availability is 99.5% for a given month. Where service levels are not met, service credits are provided to customers according to the amount of downtime. The availability calculation consists of all services and whole infrastructure, based on 24-hour-per-day times, amount of days per month, minus unscheduled downtime. Availability tends to be well above this SLA. Current availability averages at around 99.9x% in an ongoing 12 month average. Customers can monitor monthly performance here: https://knowledgebase.jedox.com/jedox/cloud/cloud-status.htm
Approach to resilience: Our partner Microsoft Azure's Backup provides the ability to back up and restore virtual machines. When the process to discover virtual machines in a region is initiated, a one-time registration is performed to install the backup extension, then a backup and retention policy is defined for each VM. From that point forward, replication and incremental backup is automatically performed. Once backed up, a VM can be restored from the latest recovery point or older, restore to an existing or new cloud service, and specify the virtual network and subnet for the restored VM. Dynamics 365 services backs up databases regularly and validates restoration of data periodically for disaster recovery purposes.
Outage reporting: Jedox offers Monitoring tools in the performance tab of the web Interface. Logs are collected at Application, System, and Infrastructure layers. These logs are the base for our event management tool that monitors the end-to-end service and triggers alarms at levels when certain conditions or thresholds are met. When an alarm is triggered, the Incident Management process is kicked off at our Security Operation Center. Jedox also offers customer-defined triggers and alerts. Automatic checks are made during data input/import process directly in Integrator; additional checks can be made through the Supervision Server (our very own intuitive Jedox component). Finally Jedox itself internally also has monitoring of critical applications and systems with alerting in place across all of Jedox Cloud environments. Our monitoring system ensures that all Jedox services are up & running properly. Whenever an anomaly occurs, our support engineers are notified in order to investigate it. Once we understand/restore the behavior/issue, we proactively contact our customer, explain the situation and provide them with further steps if needed.

Identity and authentication

User authentication needed: Yes
User authentication: 2-factor authentication

Username or password
Access restrictions in management interfaces and support channels: Access rights are defined by user role in Jedox: The admin user defines general user roles, adds groups to these roles, and adds users to these groups. Roles, groups, and users are then granted (or denied) access to both functionality and content (specific databases or reports). A user can be assigned to several groups, in which case they gain access rights to each group they belong to.
Access restriction testing frequency: At least every 6 months
Management access authentication: 2-factor authentication

Username or password

Audit information for users

Access to user activity audit information: You control when users can access audit information
How long user audit data is stored for: User-defined
Access to supplier activity audit information: You control when users can access audit information
How long supplier audit data is stored for: At least 12 months
How long system logs are stored for: At least 12 months

Standards and certifications

ISO/IEC 27001 certification: Yes
Who accredited the ISO/IEC 27001: KPMG
ISO/IEC 27001 accreditation date: 14/04/22
What the ISO/IEC 27001 doesn’t cover: N/a
ISO 28000:2007 certification: No
CSA STAR certification: Yes
CSA STAR accreditation date: 09/05/23
CSA STAR certification level: Level 2: CSA STAR Attestation
What the CSA STAR doesn’t cover: N/a
PCI certification: No
Cyber essentials: No
Cyber essentials plus: No
Other security certifications: Yes
Any other security certifications: SOC 2

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: Yes
Security governance standards: ISO/IEC 27001
Information security policies and processes: 1. Jedox has deployed an ISMS to manage information security professionally based on ISO/IEC 27001:2013 measures and is sponsored by the Executive board. The Jedox ISMS has been certified and continues to be audited by an independent, external auditor on an annual basis.

2. Jedox employs full-time dedicated information security employee(s) who are responsible for information security.

3. Jedox has a comprehensive set of information security policies and processes which are disseminated to all employees after approval from senior management.

4. All employees must sign a commitment statement confirming they have read and understood Information Security polices and will adhere to the measures.

5. Information Security awareness sessions are provided annually to all employees.

6. Jedox ensures that Suppliers and Partners have appropriate Information Security measures in place and reserves the “right to audit” their Information Security measures at least annually.

7. Jedox has a change management process which takes into consideration security implications in respect of introducing changes to existing systems or when implementing new systems.

8. The Jedox Risk Management process includes Supplier risk Management and IT systems risk management.

Operational security

Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach: Jedox provides easy migration of specific components between environments. Change requests for the implemented applications are processes we define together with our customers, based on industry best practices. During implementation, customers will have a Statement of Work from Jedox which will dictate the Project Plan (including transition out/go-live services) alongside the implementation support model, including UAT and change management processes. Comprehensive system and user documentation will also be provided as part of the implementation.
Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach: As a SaaS provider, Jedox takes information and data security extremely seriously, and as such Jedox maintains ISO 27001, ISO 9001, SOC 3, SOC 2 Type II and Star Level 2 certification. When it comes to vulnerabilities and security patches, we have an approach that see's any and all patches developed 'As Soon As Possible', in the literal use of the term - meaning attention on patch development is given a priority as soon as a vulnerability is discovered.
Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach: Jedox Cloud Console is an administration and monitoring hub for the cloud based Jedox EPM software. It enables customers to operate the Jedox Cloud solution independently - managing security settings, scheduling backups and monitoring uptime, services and connections. The customer always has full access to Jedox Cloud Console. Jedox also offers Monitoring tools in the performance tab of the web Interface. Logs are collected at Application, System, and Infrastructure layers. These logs are the base for our event management tool that monitors the end-to-end service and triggers alarms at levels when certain conditions or thresholds are met.
Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach: Jedox has an incident response plan, which includes a crisis communication matrix. This prioritizes the internal departments and external stakeholders like customers or partners and describes the communication channels which should be used.

Secure development

Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks: No

Pricing

Price: £805 a user a month
Discount for educational organisations: Yes
Free trial available: No

Service documents

Request an accessible format

Cookies on Digital Marketplace

JEDOX Financial Planning and Analysis Solutions

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Social Value

Pricing

Service documents