InfoCat Ltd

IBM Planning Analytics

IBM Planning Analytics, formerly known as Cognos TM1, is a market-leading enterprise planning software platform that can transform your entire financial and operational planning cycle, from target setting and budgeting to reporting, scorecarding, analysis and forecasting.

Features

• Real time budgeting and forecasting
• Integrated workflow
• Integrated ETL tool for interfacing with external sytems
• Full web interface for end users and administration
• Optimised for internet access
• Real time reporting and analysis
• Excel add-in for end-user friendly reporting and input
• Dashboard and briefing books with "drag and drop" functionality
• Powerful calculation and modelling language

Benefits

• Fast, effective budgeting and planning
• Fully auditable inputs and calculations
• Fast, cost effective implementation
• Low ongoing cost of ownership
• Familiar environment for Excel users
• Full security of data input and viewing
• Sophisticated security model
• Ease of use

£65.00 to £210.00 a user a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@infocat.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

951537240760320

Contact

Stephen Waters
020 7735 7711
sales@infocat.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: Maintenance and upgrades are carried out at pre-planned times, aimed to minimise outage
• System requirements:
  • Client PCs must be on Windows 10 or later
  • Web browser supported, Chrome, Edge and Firefox

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Critical Within 2 hours; Serious Within 4 hours; Degraded Within 8 hours; Minimal Within 24 hours
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: There are two support levels: ; Software Support; Provides access to new releases, upgrades and fixes, and the reporting and resolution of problems relating to the Planning analytics software. This support is included in the subscription cost of the cloud service. ; Application Support ; As an extended level of service, InfoCat also offers an Application support service, which provides cover for the planning and reporting; application itself, including the data integration processes with source data systems, in additions to the underlying Planning Analytics software. The cost is an annual fee based on the complexity of the application and therefore will be different for each client.; Both support services includes reporting of issues by telephone and email, together with remote access support to aid diagnosis and resolution.; access support to aid diagnosis and resolution.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: InfoCat guides users through the commissioning process and can provide training (onsite or on-line) as requested. ; We can also provide a full design and development service if required by the user.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The customer can make a copy of their data and applications at any time prior to termination or expiration of the Cloud; Service via the use of self-service options available within the Cloud Service.
• End-of-contract process: At the termination of the contract the customer can choose to either:; - Renew the contract for the same number of users at the current price prevailing at the renewal date or,; - Renew the contract for a different number or mix of users at the current price prevailing at the renewal date or,; - terminate the contract.; If the contract is terminated access to the service will cease on the termination date and IBM will delete all data, application content and backups within a maximum of 28 days of the termination date.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: IBM Planning Analytics is supported on mobile devices that run supported browsers. ; We recommend that customers design reports for mobile devices to ensure optimal use of any restricted screen sizes
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: Planning Analytics is fully REST API compliant all aspects of the database can be manipulated and accessed using the REST API. In addition, users can use the API to extract or write data from or to external cloud systems.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Users can develop budgeting and planning applications customised for their specific needs. They can customise the data structures, calculations, external interfaces and data loaders, input forms, reports and dashboards.; Cusomisation depends on users rights:; - Administrators can carry out any customisation; - Ordinary users can customise input forms, reports and dashboards

Scaling

• Independence of resources: The customer purchases dedicated resources for the Planning Analytics database as part of their contract, it is not shared.

Analytics

• Service usage metrics: Yes
• Metrics types: Service metrics provided include:; - Number of authorised users; - warnings if the number of authorised users has been exceeded (overage); - RAM size of application; - CPU Consumption; - Amount of disk space used; - Lower level metrics on user activity and resource consumption of various objects in the database.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: IBM

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Users can export their data using csv files or by taking a full back up of the application and data files at any point during the term of the cloud service.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Excel workbooks
  • Rest API
  • ODBC
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • ODBC
  • REST API feeds
  • Excel

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: A Severity 1 support ticket with the IBM support help desk within 24 hours of first becoming aware of an event that has impacted the Cloud Service availability. You must reasonably assist IBM with any problem diagnosis/resolution.; A support ticket claim for failure to meet an SLA must be submitted within three business days after the end of the contracted month. Compensation for a valid SLA claim will be a credit against a future invoice for the Cloud Service based on the Downtime. Downtime is measured from the time Client reports the event until the time the Cloud Service is restored and does not include time related to a scheduled or announced maintenance outage; causes beyond IBM’s control; problems with Client or third party content or technology, designs or instructions; unsupported system configurations and platforms or other Client errors; or Client-caused security incident or Client security testing. IBM will apply the highest applicable compensation based on the cumulative availability of the Cloud Service during each contracted month, as shown in the table below. The total compensation with respect to any contracted month cannot exceed 10 percent of one twelfth (1/12th) of the annual charge for the Cloud Service.
• Approach to resilience: The datacentres meet the following standards ISO22301, ISO27001, ISO27018, SOC 1(SSAE 16), SOC 2, SOC 3 and ISO 9001. ; Further information maybe available on request.
• Outage reporting: A Public Dashboard and / or API.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: All users are assigned to security groups. Access to management interfaces and support channels are assigned to specific, security groups with controlled membership.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Bureau Veritas Certification Holding SAS
• ISO/IEC 27001 accreditation date: 29/11/2021
• What the ISO/IEC 27001 doesn’t cover: No exclusions stated
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Mary O'Brien, General Manager of IBM Security heads the global reporting structure for ensuring security policies and processes are followed. The various teams with in this department have the responsibility to ensure that their obligations to ISO 27001 are met.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: The approach to change management is guided by the standards we comply with such as ISO27001 and ISO9001. This includes but is not limited to assessment of potential security impacts and tracking of components throughout their life.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: IBM PSIRT is the centralized process through which IBM customers, security researchers, industry groups, government organizations, or vendors report potential IBM security vulnerabilities. IBM is committed to responding to new threats and risks. IBM's Secure Engineering practices were designed so that IBM can act in a timely fashion to a reported security vulnerability affecting an IBM product or solution. To help protect our customers, IBM does not publicly disclose or confirm security vulnerabilities until IBM has conducted an analysis of the product and issued fixes and/or mitigations
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: IBM support various ISO standards and has passed an ISO 27001 certification for its datacenters. IBM control points are independently audited by a third party via an annual SSAE-16 Type II (SOC 2 ) certification. Customers can request the SOC 2 report via the Customer Portal. Response times vary with incident criticality
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: IBM supports various ISO standards and has passed an ISO 27001 certification for its datacenters. IBM control points are independently audited by a third party via an annual SSAE-16 Type II (SOC 2 ) certification. Customers can report incidents and request the SOC 2 report via the Customer Portal

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Infocat follows best practise in terms of recycling and energy usage. We encourage staff to use public transport when at all possible and provide employees with a company bike scheme.

  Covid-19 recovery

  Following Covid, InfoCat has adopted a hybrid working approach to its staff. We have adapted our policies to provide flexibility to those staff who are most vulnerable

  Equal opportunity

  All job applicants are treated completely equally whatever their background. InfoCat has a equal opportunities policy which applies to all employees. We have a long track record of employing ethnic minorities

  Wellbeing

  InfoCat provides a package of benefits to ensure the physical and mental wellbeing of its staff. These include health cover, flexible working and holidays in excess of the statutory minimum. We also provide a company bike scheme and gym subscriptions

Pricing

• Price: £65.00 to £210.00 a user a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@infocat.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.