NETBUILDER DIGITAL LTD

Adobe Sign for Enterprise

Adobe Sign is a SaaS based electronic signature solution which helps an organisation replace paper-and-ink signature processes with 100% digital workflows. With Adobe Sign, you can send, sign, track, and manage signature process and electronically sign digital documents on any device, from any location.

Features

• Automate workflows - Reducing mistakes ,improve compliance.
• Get forms filled fast-Candidates/employees to complete/return forms from anywhere.
• Mobile Power:Send,track,and manage the entire signing process wherever you are
• Microsoft 365 integration
• Automatic record keeping - Audit trails of every transaction

Benefits

• Get signatures in minutes, not days
• Work anywhere, on any device
• Ensure legal and security compliance
• Add to your systems and processes - security,availability,legal compliance

£39.99 a licence a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at maxwell.ashley@netbuilder.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

934735909447714

Contact

Maxwell Ashley
07481 758650
maxwell.ashley@netbuilder.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Adobe Sign can be easily added to your business applications through the use of comprehensive set of REST APIs.; ; Turnkey integrations are available for leading business systems, including Microsoft SharePoint, Dynamics and Office 365, Salesforce, Workday, Nintex, Apttus, iCertis, ServiceNow, and many more
• Cloud deployment model: Public cloud
• Service constraints: Adobe Sign is a browser based SaaS application which can be accessed through an internet browser having internet connection support.
• System requirements:
  • Adobe Sign is a browser based SaaS application
  • Accessed through an internet browser having internet connection support

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Adobe will provide prioritised support services for the Managed Services, to be accessed by Customer’s Technical Support Contacts 24 hours a day, 7 days a week (each such request a “Service Request” or an “Incident” or a “Change Request”) according to an agreed set of Response Times for each service request type and priority level.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AAA
• Web chat accessibility testing: N/A
• Onsite support: Onsite support
• Support levels: Available on request
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Initiation. In order to best kick start and setup the service, we come on site to meet the team, give an initial overview of the Managed Service and describe the next steps. Discovery. Once the introductions are completed, we run an initial discovery phase in which we review and validate the scope of the service with the business and technical stakeholders, make an inventory of the resources to support, define a service catalogue, lock down the SLA. On-Boarding. Setup the support, networking and monitoring services, put quality controls in place, check integration points, integrate to the customer business process, trial run end-to-end key use cases and live incidents, start preparing initial knowledge base, grant access etc. Transition. Smoothly switch to the new support service and check hands for an official start. Maintenance and Support. Proactively support and maintain your solution as well as regularly report on its performance.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: Customer data can be copied to a secure repository and source data deleted. There is no additional charge for this service.
• End-of-contract process: A high level exit plan is contained within the Managed Service documentation. The exit plan contains instructions as to whether the service is to be ceased or migrated to another third party.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile interface fully supports touch
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: You can build a variety of integrations with Adobe Sign using just the APIs. Once built, integrations allow you to start the Adobe Sign experience entirely from within the external application.; ; You can also incorporate the functionality of Adobe Sign into any external applications by embedding the Adobe Sign UI within those applications. External applications can also receive status updates in real time for transactions initiated using Adobe Sign. These external applications can retrieve and store copies of the signed agreements. The Adobe Sign APIs can be used to:; ; - Create and manage agreements; - Retrieve signed documents; - Embed a signing UI in your app; - Send reminders; - Create widgets, library documents and MegaSigns; - Download audit trails; - Archive signed documents and much more.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
  • Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The reporting feature in Adobe Sign lets the application users check Adobe Sign account usage. The user can build their own reports and gain complete visibility into the document signing process, while seeing how individual groups or users are doing. Moreover, Adobe Sign provides a dashboard to allow users to have up-to-the minute status on documents out for signature. Some of the reporting metrics include Agreement Completed, Median time to complete, number of documents in different stages of the workflow, end many more.

Scaling

• Independence of resources: Dedicated tenancies are enforced to ensure customer segregation. Therefore one customer service cannot be affected by another customers service.

Analytics

• Service usage metrics: Yes
• Metrics types: Service calls
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Adobe

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data can be exported in a format of choice
• Data export formats:
  • CSV
  • ODF
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: To provide for a very high level of service availability and system fault tolerance, Adobe Sign data is synchronised across all data centers. Each data center is located in a separate Availability Zone (AZ) which has physically distinct, independent infrastructure. In case of an outage, automated processes redirect traffic away from an application server, database, or data center to other active system components. The minimum uptime percentage is 99.9%. Please visit https://www.adobe.com/content/dam/acom/en/legal/terms/enterprise/pdfs/SLE-Sign-2016OCT5.pdf for more details.; Adobe status can be found here: https://status.adobe.com/
• Approach to resilience: Adobe Sign data centers are highly resilient, designed to deliver high availability and tolerate system or hardware failures with minimal impact. To help ensure business continuity, Adobe maintains regional disaster recovery plans for Adobe Sign when hosted on AWS infrastructure in the U.S. and EU along with documentation in the form of an annual run book that outlines all the steps required to complete a data center failover.
• Outage reporting: Please see status.adobe.com If there is a need to migrate the operational service from a primary site to a disaster-recovery site, customers will receive several specific notifications including:; • Notification of the intent to migrate the services to the disaster-recovery site; • Hourly progress updates during the service migration; • Notification of completion of the migration to the disaster-recovery site; The notifications will also include contact information and availability for client support and customer success representatives. These representatives will answer questions and concerns during the migration as well as after the migration to promote a seamless transition to newly active operations on a different regional site.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Adobe Sign uses a role-based model for identity management that handles authentication, authorisation, and access control throughout the Adobe Sign system.Capability-based security and authentication processes are defined/enabled for an organisation by an Adobe Sign administrator.This ensures only authorised users can view or modify the document as per their user responsibilities, and only authorised users have access to the document.The admin and user rights are controlled from the Account tab of the application.Users of Adobe Sign web portal can be a user or administrator of the system.There are three levels of authority in Adobe Sign:; 1. Users; 2.Group Administrators; 3.Account Administrators
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: .
• ISO/IEC 27001 accreditation date: .
• What the ISO/IEC 27001 doesn’t cover: Can be shared under NDA.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: .
• PCI DSS accreditation date: .
• What the PCI DSS doesn’t cover: Can be shared under NDA
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • SOC 2–Type 2 (Security & Availability)
  • ISO 27001:2013, FedRAMP Tailored
  • HIPAA-ready
  • GLBA-Ready
  • FERPA-Ready
  • FDA 21 CFR Part 11 compliant
  • PCI DSS V3.2.1 compliant merchant and service provider
  • EIADS Compliant

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Adobe maintains over 30 Security policies and standards. These can be shared via screen share application, if an NDA is in place.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: • Customer requests change to service or solution: affected systems, possible risks, security risks, and expected implementation to qualified brief.; • Service Delivery Manager escalates the request to the engagement team who determines if the change is valid.; • Team plans the change. Details recorded about: the expected outcomes, effort estimates, resource profile, timeline, testing, ways to roll back the change, risks including security risks, dependencies and assumptions.; • Change approval board (CAB) may need to review the plan.; • Team implements the change, documenting procedures and results.; • Service Delivery Manager reviews and closes the implemented change.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: For Adobe Sign, Adobe centralises incident response, decision-making and external monitoring to provide cross-functional consistency and fast resolution of issues.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Adobe uses automated tools to provide real-time/near real-time notification of potentially malicious behaviour or vulnerability exploitation. These tools collect log data generated from security tools, infrastructure, software, and any other applicable source. Adobe uses automated tools to search collected log data, generate security baselines where possible, and report deviations from security baselines, alert on potential malicious behaviour, and evaluate deviations from minimum security standards.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: In the case of a service disruption, the Adobe Sign operations team will invoke Adobe’s incident management process. When this process is invoked, 24x7x365 on-call engineers are brought together via online collaboration tools to triage, solve, and resolve the issue. The incident management process also has provisions to capture data on the chain of events leading to the incident resolution, as well as timing and impact information used to assess the impact to our service level agreements (SLAs). Any outstanding issues are transitioned to the problem-management team for ongoing governance.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity

  Fighting climate change

  NETbuilder set a public target set up with SBTi (Science Based Targets) and report on EcoVadis and CDP. We also have ISO 14001 confirming our commitment to improving the environment.

  Tackling economic inequality

  NETbuilder recruit, employ and train our permanent technical staff per client engagement, often in regional area’s with limited industry. We assess based on attitude and aptitude of the individual, not education alone, which opens up career opportunities to people moving into Digital At a high level we provide:; • Paid full time training so employees do not need to work outside of training hours to support themselves ; • Accessible training programmes that are designed to be inclusive, and adopting and utilising different styles, approach and media to support a wide audience and learning styles. ; • Objective recruitment processes taking away any potential for unconscious bias. This is managed, tracked and auditable in the SkillsNow platform. ; • Localised recruitment to support with local sustainability creating communities and preserving personal and local infrastructure. ; • All employees empowered to actively contribute in our journey towards achieving net zero. Sustainability principles are being integrated into our corporate culture and governance procedures. ; Uniquely we provide transfer options for our staff to move to customer permanent employment on project handover, or after agreed timelines have been met. This promotes in region investment and increases in skills over time, as well as addressing digital skills gaps in critical technologies, as well as supporting maintenance of legacy applications where necessary. ; ; NETbuilder also provide upskilling and reskilling programmes to support non technical staff cross department/ directorate/ agency transition into CDIO, supporting and aligned to Government Digital and Data Profession Capability Framework . This can be provided as a value add during training of our own staff pre-project deployment, combining customer employees into bootcamps, or as a parallel service and stand-alone initiative.

  Equal opportunity

  NETbuilder recruit, employ and train our permanent technical staff per client engagement, often in regional area’s with limited industry. We assess based on attitude and aptitude of the individual, not education alone, which opens up career opportunities to people moving into Digital At a high level we provide:; • Paid full time training so employees do not need to work outside of training hours to support themselves ; • Accessible training programmes that are designed to be inclusive, and adopting and utilising different styles, approach and media to support a wide audience and learning styles. ; • Objective recruitment processes taking away any potential for unconscious bias. This is managed, tracked and auditable in the SkillsNow platform. ; • Localised recruitment to support with local sustainability creating communities and preserving personal and local infrastructure. ; • All employees empowered to actively contribute in our journey towards achieving net zero. Sustainability principles are being integrated into our corporate culture and governance procedures. ; Uniquely we provide transfer options for our staff to move to customer permanent employment on project handover, or after agreed timelines have been met. This promotes in region investment and increases in skills over time, as well as addressing digital skills gaps in critical technologies, as well as supporting maintenance of legacy applications where necessary. ; ; NETbuilder also provide upskilling and reskilling programmes to support non technical staff cross department/ directorate/ agency transition into CDIO, supporting and aligned to Government Digital and Data Profession Capability Framework . This can be provided as a value add during training of our own staff pre-project deployment, combining customer employees into bootcamps, or as a parallel service and stand-alone initiative.

Pricing

• Price: £39.99 a licence a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: 7 day all-in-one solution to e-sign, convert and edit PDFs.
• Link to free trial: https://www.adobe.com/uk/sign/free-trial-global.html

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at maxwell.ashley@netbuilder.com. Tell them what format you need. It will help if you say what assistive technology you use.