EnableIT Technologies Ltd

monday.com Work OS - Project/Task/Process Management Software

monday.com is a Work Operating System (OS) that allows visual collaboration to transform the way teams work together. A Work OS is a cloud-based software platform for organisations of all sizes. A simple, but intuitive, tool that enables people to manage work, meet deadlines and build a culture of transparency.


  • Resource planning and workload allocation, including time tracking
  • Management of project lifecycle from concept to delivery
  • No-code automation for intelligent processes and workflows
  • Native integrations and app marketplace connecting third-party solutions
  • Kanban and sprint boards with calendar and timeline views
  • Open API and no-code export of complete data set
  • Dynamic dashboards with bar charts, pie charts, line graphs, pivot
  • Collaboration and communication via platform, email and Microsoft Teams
  • Flexible stakeholder interactions with forms and shareable content


  • Blending production workflows with agile and SCRUM methodology
  • Enabling process automation for non-tech users
  • Flexible low-maintenance platform with intuitive user experience (UX) design
  • Effective and visually pleasing processing of data and communication
  • Strong collaboration features drives adaption and organisational efficiency
  • 360 degree view of projects and processes with integrated reporting
  • Personalised experience for individuals but clear overview for managers
  • Transparency, accountability, and process risk management
  • Easy monitoring and management of tasks and deadlines


£18 to £38 a user a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jbushnell@enable.services. Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

9 5 3 6 4 1 7 4 5 8 1 0 1 8 1


EnableIT Technologies Ltd Joseph Bushnell
Telephone: 01473618980
Email: jbushnell@enable.services

Service scope

Software add-on or extension
Cloud deployment model
Public cloud
Service constraints
Monday.com software can only be run in the cloud by monday.com in AWS data centers.
System requirements
An active license is required for each user

User support

Email or online ticketing support
Email or online ticketing
Support response times
Our friendly UK Based support team are available on the phone Monday - Friday, 7.30am to 6pm. We also have strict Service Level Agreements within these times. SLA Response Times P1 Response Time: 30 mins (response), 1 hour (target fix), 1 hour (max fix) P2 Response Time: 4 hours (response), 24 hours (target fix), 40 hours (max fix) P3 Response Time: 8 hours (response), 50 hour (target fix), 70 hours (max fix)
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
WCAG 2.1 AA or EN 301 549
Web chat accessibility testing
We have undergone intensive testing to alert users that a new chat has been opened and to also direct any chat visitors outside of office hours.
Onsite support
Yes, at extra cost
Support levels
We provide both Basic End User and Technical Support. All customers have a dedicated Technical Account Manager. We have our own team of Helpdesk & Infrastructure Engineers that are available to all customers. We also provide onsite or remote sessions to ensure that you are getting the very best out of your Marketing Automation system and that it is working well for you.
Support available to third parties

Onboarding and offboarding

Getting started
You will be assigned a dedicated project manager to ensure the systems is ready for go-live and contains all the required functionality. We provide both onsite and online training, as well as documentation and recordings of how to use the system. You will also be assigned a dedicated account manager who will be able to assist with any queries once the system is up and running.
Service documentation
Documentation formats
  • PDF
  • Other
Other documentation formats
  • Word Documents
  • Video
End-of-contract data extraction
A full system data snapshot is provided to customers at the termination of any service.
End-of-contract process
Various terms are available which can be discussed prior to contract agreement.

Using the service

Web browser interface
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
The mobile service and browser are a little bit different when it comes to behaviour and feature availability. The mobile service is compact and thumb-friendly to give you an amazing on-the-go experience, while the desktop is horizontal and much larger. You cannot complete the following actions from your mobile device; change your password, change your time and date preferences, set which types of notifications you'd like to receive, change two-factor authentication method, set up or change your email integrations and view your past and current sessions.
Service interface
User support accessibility
WCAG 2.1 A
What users can and can't do using the API
GraphQL structure, an alternative to REST based API's, which operates on the single URL/endpoint. The API rate limit is 10 million queries per minute.
API documentation
API documentation formats
API sandbox or test environment
Customisation available
Description of customisation
Custom fields, as well as automations and naming conventions, can be managed by the user. Any other changes such as colours and functionality can be requested and discussed with their dedicated account manager. We have an in-house team of developers to execute these.


Independence of resources
Continuous monitoring of performance metrics, analysis, and provisioning.


Service usage metrics
Metrics types
Data includes metrics such as emails sent, emails opened, emails clicked, content & campaigns created, campaign interaction, points changed, contacts created, contacts qualified.
This is not an exhaustive list.
Reporting types
  • Real-time dashboards
  • Regular reports


Supplier type
Reseller providing extra support
Organisation whose services are being resold

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
The exporting of data can be limited by users, roles, and teams. For example, a user can only export records assigned to them, or only admin users can export any data.
Data export formats
  • CSV
  • Other
Other data export formats
  • Excel
  • HTML
Data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network
Create security zones using subnets, gateways and access control lists.

Availability and resilience

Guaranteed availability
Availability and contractual obligations thereof can form part of any contractual agreement.
Approach to resilience
Full-stack redundancy and multiple routes to the internet backbone.
Outage reporting
Public Dashboard

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
We use security groups and public key authentication.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
The standards institution of Israel
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
The certificates validity is subject to the organisation maintaining their system in accordance with SII-QCD requirements for system certification.
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Cyber essentials
Cyber essentials plus
Other security certifications
Any other security certifications
  • SOC2 Type II security certification
  • ISO/IEC 27018 , Security techniques
  • ISO/IEC 27017:2015
  • ISO/IEC 27032:2012
  • ISO/IEC 27701:2019
  • GDPR Certified
  • EU-US Privacy Shield

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
ISO/IEC 27018
Cyber Essentials Certified
Information security policies and processes
This is laid out in in out 27001/13 policies under POL_SEC_0023, all incidents are record by the compliance director who reports directly to the Board of directors

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
The company uses monday.com as it change request platform, any changes to any internal or external systems. The change request is made by either the customer or employee via a downloadable form which is then summited to the compliance officer who then forwards to the appropriate person. If the change is agreed then the applicant will receive an email authorising to carry out the change within a set period. All services are both internal and external are subject to the change management policy.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Both internal and external systems are continually scanned from both inside and external from secure scan points. Manual scans are carried out using the Metasploit framework carried out by the infrastructure. s Snort and Open VAS network intrusion detection vulnerability & prevention servers are also deployed which provide updates real-time. All Equipment are scanned and patched automatically from a central server, updates are applied on as soon as a possible but within 4 hours. The company subscribes to industry standard NGIPS list and rule sets which update automatic both the Snort, Open VAS, and Metasploit servers.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Both the internal and external facing ports are scanned one a week and the internal network is scanned daily. Once a month the external port are per tested and the report export and any vulnerabilities rectified. As soon as a potential compromise is found it is dealt with within 4 hours.
Incident management type
Supplier-defined controls
Incident management approach
The company has a pre-defined policy for all incidents as laid out in our 27001/13 policy document.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks

Social Value

Covid-19 recovery

Covid-19 recovery

As the novel coronavirus (COVID-19) continues to spread around the world, our uncompromising priorities at enable.services remain the success of customers, the safety of our employees, and supporting efforts that combat this outbreak the best ways we can.

Our commitment to quality service

As a company, we are committed to providing a safe environment for our employees and ensuring business continuity, to best serve our customers and partners.

We are confident that the effects of the coronavirus (COVID-19) will not impact our enable.services solutions and platforms and our commitment to our global community of users is unwavering. We thank you for your continued support and trust in us.

We have ensured that our team members have whatever they need to work remotely as needed, and to continue doing their jobs securely. We have increased channels of internal communication, and as always, prioritise communication with you, our customers, so you can remain focused on your business priorities.

What we’re doing to help

Today, hundreds of non-profit organizations, hospitals, and universities are using our solutions to accelerate their efforts to do good things in the world.

In light of the ongoing outbreak, we want to help as many teams as we can to accomplish even more. We believe in the power of our solutions to help any team work better together, and especially in a remote environment, and we want to do our part to support the efforts combatting COVID-19.

Guidance on remote work, with more to come

Helping virtual teams overcome the communication and collaboration obstacles they face on a daily basis is an essential part of our solutions. Over the years, many remote teams have chosen to use our solutions to improve their daily workflows and relationships, but working as a remote team takes time to refine.


£18 to £38 a user a month
Discount for educational organisations
Free trial available
Description of free trial
Free two-week trial
Link to free trial

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jbushnell@enable.services. Tell them what format you need. It will help if you say what assistive technology you use.