Generation Digital

Asana Work Management Platform

Asana helps teams stay connected in their workflow, wherever they are. Acting as a collaborative work management platform it provides clarity in organisation from daily tasks to big projects and strategic initiatives, helping teams project manage and meet deadlines, by bridging the gap between strategic planning and execution.

Features

• Project Management
• Organise Work (agile working with kanban boards)
• Manage Tasks
• Visualise Projects
• Assign Tasks
• Set due dates and times
• Agile Working Boards
• Streamline workflow and approvals
• Manage workload across the team (Helping to avoiding burnout)
• Remote Access allowing connection and collaboration while working remotely

Benefits

• Easily manage team projects and tasks
• Stay in sync, hit deadlines, and reach your goals
• Map out each step and organize tasks
• Visualise work through multiple stages quickly and easily
• Use Timeline to create a project plan
• Simplify workflows, reduce errors, and save time
• Streamline work
• Easily spot holes and overlaps in your schedule
• Monitor the status of key initiatives in real time
• Manage team workload

£0 to £46.00 a user a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@gend.co. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

951752994987597

Contact

Thomas Sutton
0203 6379 776
gcloud@gend.co

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Asana is a cloud only SaaS solution. An on-premise deployment is not possible.; ; Asana is not supported on: ; ; Internet Explorer 10; Internet Explorer 11; Opera; Developer or Beta versions of supported browsers
• System requirements:
  • The latest versions of Chrome, Safari, Firefox, and Edge browser.
  • The active and current email address.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We provide expedited support and aim to respond quickly to questions. Available during business hours Monday to Friday, we will respond to enquiries within one business day or twenty four hours from the date of the receiving the inquiry.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: N/A
• Onsite support: Yes, at extra cost
• Support levels: We provide the following support levels:; ; Onboarding plans: Work hand-in-hand with an expert on a custom onboarding plan, timeline, and kickoff.; ; Customer success managers (CSMs): A dedicated partner familiar with your goals, helping you hit them with coaching, calls, and training.; ; Professional services: Additional consulting sessions for on-site training, digital transformations, custom integrations, and more.; ; Custom resources: From onboarding to feature tips, we can provide the right content at the right time to help answer your team’s questions and needs.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide Online Training, Onsite Training, User Guides, etc.; ; To help your team start using Asana, we’ve analyzed what the most successful teams in Asana have in common, channeled the expertise of our Customer Success Managers, and incorporated proven change management strategies all to craft the “Asana Way of Change” framework outlined in this article.; ; Asana Help: Get how-to help and step-by-step instructions for specific features in Help.; ; Asana Forum: Ask questions, get answers, and join our large community of Asana experts.; ; Asana Academy: Learn how to use Asana through trainings, webinars, and interactive courses hosted by Asana’s Customer Success team.; ; Asana Guide: Learn how to onboard your team and use Asana to its full potential with quick and easy tips.; ; Asana Use Cases: Learn how other teams like yours use Asana and how to build out projects specific to your team.; ; Asana Developer’s Guide: Learn how to customize the Asana experience, leverage your data with the Asana API, and join our developer community.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: You can export your own data, per project to the text-based file formats JSON or CSV, the latter of which can be viewed in a spreadsheet application like Microsoft Excel or Google Sheets. This can be done via the admin console or by contacting support.
• End-of-contract process: At the end of the contract, licences can be renewed or terminated.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: With most features available on both the mobile and desktop service, the user experience is similar. Access to all of Asana's tailor made features for mobile are readily available when accessing the platform on a mobile device through the application.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: Asana API is a RESTful interface which provides programmatic access to much of the data within the system. Users can import and export information from inside Asana, providing predictable URls for accessing resources, and uses built in HTTP features for receiving and returning commands. This enable easy communication in a broad variety of environments. User's can sync other tools such as Miro or Slack, draw custom reports from their Asana data, customise Asana's native features, and programmatically manage accounts at scale. ; ; The API accepts JSON or form-encoded content in requests and returns JSON content in all of its responses, including errors. Only the UTF-8 character encoding is supported for both requests and responses.; ; Asana's platform is designed to flexible, inclusive, and powerful. This makes it a well rounded tool that can adopted by any team and customised to assist their workflow and maintain clarity in their working processes.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Different workflows, views, and fields can be built around underlying units of work. This allows for a very high level of customisation for the user, bringing a level of personalisation that allows them to use Asana to boost in their workflow in the perfect way for them. ; ; Customisation features include: ; ; Branding; Custom Fields; Display; Workflow; Templates; Integrations; Security

Scaling

• Independence of resources: Asana is a highly scalable platform that is used by over 30 million people and millions of teams according to their 10-K in 2021. This demonstrates Asana as highly reliable and resistant to the strains of high demand.

Analytics

• Service usage metrics: Yes
• Metrics types: From within Insights you can understand how your organization is using Asana through high-level metrics; See recently added teammates; View the most influential members in your organization (active members with the most invites sent, teams created, and projects shared in Asana); With Business, you can view detailed engagement activity over time to spot trends in your organizations usage of Asana; Report of projects status, work load, etc.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Asana (Generation Digital is an official partner providing additional services)

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: You can export your own data, per project to the text-based file formats JSON or CSV, the latter of which can be viewed in a spreadsheet application like Microsoft Excel or Google Sheets. This can be done via the console or a support ticket.; ; The APIs are also available to perform regular/ bulk exports.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats: Text
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats:
  • Monday.com
  • Trello
  • Airtable
  • Smartsheet
  • Wrike
  • Google Sheets

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We provide expedited responses to any enquiries. ; ; Asana provides, for Asana Enterprise plan customers, Asana provides 24/7 English support and will respond to Customer support inquiries filed via https://asana.com/support within two (2) business hours of receipt of such inquiry (excluding US, Ireland, and Australia holidays).; ; This excludes service maintenance times, which are not in excess of 360 minutes in each fiscal quarter. With scheduled maintenance requiring 3 days notice to be given and any unplanned or emergency maintenance requiring at least 60 minutes advanced notice.
• Approach to resilience: Available upon request.
• Outage reporting: Email alerts and prior warning from Asana is issued.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: On a quarterly basis, management reviews user access to in-scope systems for continued appropriateness and removes any access that is no longer required. Upon termination of employees, access is removed.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Moss Adams Certifications LLC
• ISO/IEC 27001 accreditation date: 07/04/2024
• What the ISO/IEC 27001 doesn’t cover: N/a
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 08/13/2022
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: N/a
• PCI certification: Yes
• Who accredited the PCI DSS certification: PCI Security Standards Council
• PCI DSS accreditation date: 30/06/2018
• What the PCI DSS doesn’t cover: Face-to-face channels
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • SOC 2 audits for controls
  • SSAE 16 certification
  • ISO/IEC 27001:2013
  • GDPR
  • CCPA
  • GLBA
  • FERPA

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • CSA CCM version 3.0
  • Other
• Other security governance standards: SOC 2 (Type 1 and 2); Asana has successfully completed its SOC 2 (Type I) and (Type II) audits for controls relevant to security, availability, and confidentiality.
• Information security policies and processes: SOC 2 (Type I) and (Type II). This means that an independent third party has both validated our processes and practices with respect to these three trust services criteria and confirmed our ability to maintain compliance with the controls we’ve implemented.; ; Security in our Software Development Lifecycle; Asana uses the git revision control system. Changes to Asana’s code base go through a suite of automated tests and are reviewed and go through a round of manual review. When code changes pass the automated testing system, the changes are first pushed to a staging server wherein Asana employees are able to test changes before an eventual push to production servers and our customer base. We also add a specific security review for particularly sensitive changes and features. Asana engineers also have the ability to “cherry pick” critical updates and push them immediately to production servers.; ; In addition to a list where all access control changes are published, we have a suite of automated unit tests that check that access control rules are written correctly and enforced as expected. We also work with third-party security professionals to:; ; Test our code for common exploits; Use network scanning tools against our production servers

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Asana uses the git revision control system. Changes to Asana’s code base go through a suite of automated tests and are reviewed and go through a round of manual review. When code changes pass the automated testing system, the changes are first pushed to a staging server wherein Asana employees are able to test changes before an eventual push to production servers and our customer base. We also add a specific security review for particularly sensitive changes and features. Asana engineers also have the ability to “cherry pick” critical updates and push them immediately to production servers.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Asana maintains an ongoing risk management process to proactively identify vulnerabilities within systems and assess new and emerging threats to operations. Asana maintains a vulnerability scanning process both for external and internal systems in the production environment. Security team performs scans at least quarterly and remediates vulnerabilities based on rating. Vulnerability scans are also run after any significant change to the production environment as determined by the Head of Security.; We work with security professionals to test code for common exploits and use network scanning tools against our production servers. Penetration testing is performed annually. Vulnerabilities are remediated and re-tested.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Asana uses specialist monitoring services (Amazon Cloudwatch). Asana monitors the capacity utilization of physical and; computing infrastructure both internally and for customers to ensure service delivery matches service; level agreements. We have automated security scans on our network and applications. A monitoring; script runs weekly to validate code changes were properly reviewed.; ; Asana maintains an Incident Response Plan designed to establish a reasonable and consistent response; to security incidents and suspected security incidents involving the accidental or unlawful destruction,; loss, theft, alteration, unauthorized disclosure of, or access to, proprietary data or personal data; transmitted, stored, or otherwise processed by Asana.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Asana maintains an Incident Response Plan designed to establish a reasonable and consistent response to security incidents and suspected security incidents involving the accidental or unlawful destruction, loss, theft, alteration, unauthorised disclosure of, or access to, proprietary data or personal data transmitted, stored, or otherwise processed by Asana.; ; These incident response procedures detail how Asana Security triages, investigates, remediates, and reports on security incidents. Asana has contracted with third party digital forensics and incident response firms in the case of a data breach.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • Public Services Network (PSN)
  • Police National Network (PNN)
  • NHS Network (N3)
  • Joint Academic Network (JANET)
  • Health and Social Care Network (HSCN)
  • Other
• Other public sector networks: UK SBS

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We are committed to fighting climate change and aim to be carbon neutral. ***

  Tackling economic inequality

  Tackling economic inequality; ; We are committed to tackling economic inequality ***

  Equal opportunity

  Equal opportunity; ; We are committed to equal opportunity for all ***

  Wellbeing

  At Generation Digital we are fully committed to promoting Mental Health and wellbeing within our offices and during the delivery of our services.

Pricing

• Price: £0 to £46.00 a user a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: A 30 day free trial is available.
• Link to free trial: https://form.asana.com/?k=zHjUrS3kl8tvoJKPE41GEQ&d=730738882138290

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@gend.co. Tell them what format you need. It will help if you say what assistive technology you use.