service_catalogue_fully-managed services

P a g e 0

1

Fully-Managed Services Catalogue Table of Contents

Fully-Managed Services Introduction ...................................................................... 2

Service Offerings ....................................................................................................... 4

Bronze Fully-Managed Service .......................................................................................... 4

Silver Fully-Managed Service ............................................................................................ 6

Gold Fully-Managed Service .............................................................................................. 8

Service Elements ....................................................................................................... 9

24/7 Incident Support ......................................................................................................... 9

24/7 Critical Incident Management ................................................................................... 10

24/7 Infrastructure Monitoring .......................................................................................... 11

24/7 Network Monitoring .................................................................................................. 12

24/7 Security Monitoring - Advanced Threat Detection .................................................... 13

Operational Essentials ..................................................................................................... 15

Service Management - Bronze ......................................................................................... 16

Service Management – Silver & Gold .............................................................................. 18

ServiceNow Service Desk ................................................................................................ 19

Security Patching & System Updates ............................................................................... 25

Proactive System Maintenance (Watchpoints) ................................................................. 26

Reporting ......................................................................................................................... 27

Business Continuity Planning and Disaster Recovery ...................................................... 28

Governance, Risk and Compliance .................................................................................. 29

Value Added Options .............................................................................................. 30

On-Site Customer Support Engineer ................................................................................ 30

Support and Consultancy Pack ........................................................................................ 31

Document Control ................................................................................................... 32

2

Fully-Managed Services Introduction

Blue Chip offer a comprehensive Fully-Managed Service package to enable customers to outsource the activities required to monitor, repair and maintain their IT infrastructure. Blue Chip have over 20 years’ experience and over 140 technical professionals, enabling us to provide an effective and cost-efficient service round-the-clock. All Fully-Managed Services are delivered for a fixed monthly price and are based upon a 3-year initial term.

Our Fully-Managed Services are packaged in three tiers to meet the needs of each individual customer:

Bronze: Providing an all-inclusive 24/7 package of unlimited incidents and service requests, monitoring (including security), remote service management and essential proactive patching and maintenance. A Service Desk platform is also provided for your internal use including a service portal for your end users. Everything that is needed for an effective and low cost service.

Silver: In addition to our Bronze service, security patching and system updates are provided whilst our extensive catalogue of service Watchpoints ensures increased uptime and reduced incidents through the completion of repeated, systematic activities that prevent known failures. The Silver service is also enhanced with detailed reporting and on-site service delivery management meetings to drive forward the progress of your IT.

Gold: In addition to the features in our Bronze and Silver packages, Gold customers benefit from extensive Disaster Recovery and Business Continuity activities whilst our governance, risk, and compliance management minimises risk by the development, deployment and monitoring of policies around security, data protection, web usage, email and BYOD.

As standard, all of our Fully-Managed Services include the support and maintenance of the IT Infrastructure and the support for your end users, 24/7. Bespoke packages are available to enable our customers to segregate this and to take the support of the end users in-house whilst Blue Chip support and maintain the IT Infrastructure. If this option has been chosen, this will be stated in your proposal document.

In all cases, specific projects to implement new or upgraded technology will be charged in addition to the Managed Service for a fixed price, based upon a detailed schedule of work.

3

The core services, subject to the tier of service adopted include:

24/7 Incidents and Service Requests

24/7 Critical Incident Management

24/7 Proactive Monitoring

24/7 Advanced Security Monitoring

Operational Essentials

Service Management

Proactive Watchpoints

Reporting

ServiceNow Service Desk

Business Continuity Planning and Disaster Recovery

Governance, Risk and Compliance Management

4

Service Offerings

Bronze Fully-Managed Service

Our Bronze Fully-Managed Service provides an unlimited, all-inclusive, fixed price service for the support, maintenance and management of your IT. The service is predominantly delivered on a telephone and remote basis with engineers dispatched to site as required, leveraging a team of 140-strong technical professionals with round-the-clock operation to service your users on a true 24/7 basis. Unlike traditional managed services or on-site IT teams which generally offer a 9-5 service with “on call” support at best, our Managed Service adapts to the needs of our customers. This approach to service delivery is designed for the modern world of flexible working and to cope with the fluctuation in demand that is now commonplace within any IT function.

The service introduces an extensive monitoring toolset, observing all of your key service-delivering assets such as servers, switches and routers. This toolset captures errors and information - such as capacity thresholds and predictive failure notifications - and automatically generates a ticket in our Service Desk system. Our 24/7 team then act on this ticket, reducing downtime by preventing failures before they happen. Our ability to act on these alerts out-of-hours can reduce downtime in business hours through action before the users arrive at work and realise a key business system has failed overnight.

The Bronze Service incorporates all the essential maintenance that is often missed by in-house teams and Service providers, and includes regular server patching, antivirus updates, and the review, verification and testing of backup jobs.

Should you still encounter a security breach despite the improvements achieved through essential maintenance, our Security Monitoring Service included within the Bronze package significantly reduces the impact by quickly identifying the threat and automatically creating a ticket for our 24/7 team to act upon (severity dependant).

From a service management perspective, Bronze customers benefit from a remote Service Delivery Manager (SDM). Your SDM will communicate with you regularly with regards to exceptional incidents such as system outages and problem tickets (items such as repeat issues). A monthly remote service management meeting is completed to brief you on the month’s activities and agree actions that are required in response to the activities (such as preventative tasks in response to an outage).

In the event that a customer has internal resources covering areas such as line of business application support, a ServiceNow Service Desk Platform is provided for up to 5 operators. This allows these operators to work collaboratively with Blue Chip, providing efficient operational processes and a single system for logging, managing and reporting on all IT incidents, service requests and change requests.

24/7 Service Desk providing unlimited incident support and service requests

24/7 Monitoring of your infrastructure

24/7 Security Monitoring and remediation, reducing the risk posed by cyber threats

Fixed price for 3 years with monthly billing

Regular patching and basic maintenance keeping your systems healthy

Remote Service Management

ServiceNow Service Desk Platform for 5 operators (with unlimited portal users)

5

The Bronze service includes the following service elements as described within this document:

24/7 Incident Support



24/7 Advanced Network Monitoring

24/7 Advanced Security Monitoring – Advanced Threat Protection



ServiceNow Service Desk Platform

6

Silver Fully-Managed Service

Our Silver Managed Service includes all of the features described within the Bronze Fully-Managed Service and adds a range of additional proactive activities to enhance the reliability and performance of your systems. This is achieved through two main features.

Firstly, our Security Patching and System Update feature builds upon the basic patching and maintenance activity that we complete within Operational Essentials which focuses on basic patching and updates such as Windows updates and antivirus. With this service, regular tasks are scheduled to install the latest patches and firmware updates to all of your infrastructure assets. In addition, these are captured into an asset management database with details such as operating system version and patch level, empowering us to implement additional emergency security updates in the event of a new threat being released.

Secondly, we carry out an extensive schedule of pre-defined proactive maintenance tasks (known as Watchpoints) across all of your infrastructure assets. These tasks are scheduled in our Service Desk system and automatically created on a repeated basis, ensuring consistency in execution. Many of these tasks are well understood within the industry as needing to be done however our systematic process means that they do not get pushed to one side whilst break fix incidents or projects take the priority.

These tasks are broken down into three core areas:

System Health: The system health Watchpoints involve the review of the event logs both at a hardware and software operating level, looking for potential issues and patterns. Devices and software platforms are also reviewed to ensure they are fit for purpose by assessing their warranty status and ensuring they are still in mainstream support by the related vendors.

Vendor Best Practice: The best practice Watchpoints involve reviewing all of the hardware and software platforms within your infrastructure and benchmarking them against our vendor best practice runbooks. Any gaps against the best practice standard are identified, logged and remediated, ensuring best practice is achieved within your environment.

System Performance & Capacity: The system performance & capacity Watchpoints involve reviewing the spare capacity within all of the hardware and software platforms in your infrastructure. It also involves assessing the performance of the various systems, including local and wide area networks. All opportunities for improvement that are identified are logged and executed, making the best of your investments in IT infrastructure

From a service management perspective, Silver customers enjoy a much more extensive service. This includes the adoption of a Change Management process; reducing the impact and risk associated with change through close management of the activities, including an assessment of the technical detail, completion of an impact analysis and definition of a roll back plan.



24/7 Security Monitoring and remediation reducing the risk posed by cyber threats


Extensive patching and system updates

Proactive Watchpoints increase system performance and uptime by carrying out preventative maintenance tasks

Enhanced Service Management including a Change Management process

Extensive reporting with monthly on-site review meeting


7

Silver customers also enjoy a monthly on-site service delivery meeting with a senior Service Delivery Manager (SDM). The on-site SDM will get to know you and your business, and go above and beyond standard reporting in services offered generally by SDMs. The senior SDM will be there for you as required to discuss areas such as IT strategy, business change, IT projects, and application challenges and developments.

The Silver service includes the following service elements as described within this document:










Service Delivery Manager

Reporting

8

Gold Fully-Managed Service

Our Gold Fully-Managed Service includes all of the features described within the Bronze and Silver Fully-Managed Services and adds two specific features for customers wishing for the ultimate Managed Service. These two services increase peace of mind for customers through enhancement of your Business Continuity and management of key usage policies through our Governance, Risk and Compliance service.

In relation to Business Continuity, our service involves gaining a deep understanding of your core business systems and the business impact in the event of these systems being unavailable. We will then agree appropriate Recovery Time and Recovery Point Objectives for each business system, and provide consultation and advice in the event that systems require modification in order to meet these business requirements. Once any system changes have been made, DR “runbooks” are created in order to document the recovery process in detail. This runbook is then regularly tested to ensure that you can rest easy knowing that should the worse happen, your systems can be recovered within a timescale that meets the needs of the business.

With regards to governance, risk and compliance, we work alongside you in order to support you in defining your IT usage policies for areas such as web browsing, email, BYOD, data protection and security. Once these policies are defined, we agree a schedule of tasks with you whereby we review your operational reality against these policies. Exceptions are documented in a risk register whereby we work with you to agree actions to remedy these non-conformances.

The Gold service includes the following service elements as described within this document:











Reporting





24/7 Security Monitoring and remediation reducing the impact of cyber threats


Extensive Patching and system updates

Proactive Watchpoints increase system performance and uptime by carrying out preventative maintenance tasks

Enhanced Service Management

Extensive reporting with monthly on-site review meeting




9

Service Elements


Our Service Desk is a multi-channel single point of contact for all your IT support needs. The Service Desk

co-ordinates and manages the resolution of all incidents 24 hours a day, 7 days a week. With our Fully-

Manged Service, your call is directed directly to a Service Engineer who will work with you to resolve your

issue. Over 86% of our incidents are resolved during this first contact by leveraging our remote support

toolset, significantly reducing the scenarios whereby you have to wait for a response back in order to

resolve your issue. At all times we are fully aware of incidents, when they happen and when they are

resolved, our performance against SLA, and of the value our service delivers to your business.

Our Service Desk will:

1. Handle all IT-related service issues, including

incidents, problems, service requests and general

queries

2. Monitor, forward and/or escalate all incidents

3. Keep end users informed on status and progress

until the incident is resolved

4. Manage warranty issues through to resolution

The Blue Chip Service Desk will take ownership of each

incident from initial recording to closure following the

escalation paths agreed at service initiation.

As part of our standard support offering we provide all of our customers access to the web-based Portal to our Service Management System (ServiceNow), enabling customers to log new support tickets and service requests, as well as to review and interact with our Support Team on existing tickets.

Benefits of the Portal for End Users

For a “View only” end user:

Users can see their ticket updates as soon as they happen, any time of day. For a “Default” end user:

Create tickets directly in our system.

Add documents to a ticket at any time throughout its life.

Review progress and call an early halt if it is no longer required or important.

Benefits of Portal Management Access

A view across all calls logged by your organisation.

Service Desk

3rd Parties

Your Users

Your Mgmt

Team

Your Account Manager


10


Critical Incidents are categorised as those for which the degree of impact on the business/organisation is extreme. Incidents for which the timescale of disruption – to even a relatively small percentage of users – becomes excessive should also be regarded as Critical Incidents. Blue Chip has a separate procedure for incidents which have shorter timescales and a greater urgency. Critical Incidents are identified and acted on within strict SLAs

In case of a Critical Incident occurring, a separate technical team under the direct leadership of the Critical

Incident Manager will take over and will make sure adequate resources and focus is in place to provide

the fastest resolution or workaround. The Critical Incident Manager will provide constant communication

updates (as per the customers’ individual communication plan) to the key stakeholders within Blue Chip

and the Customer. Communication will be provided by at least one (but not necessarily all) of the following

means:

SMS updates

Email

Phone

Conference Bridge

Once the Critical Incident has been resolved, the Critical Incident Manager will create a full Route Cause

Analysis (RCA) of the incident. This will be unbiased of blame or actions that caused the incident.

The RCA will comprise the following contents:

Statement of the timeline of the Incident

Corrective actions taken

Preventative actions taken

Incident analysis

Lessons learnt

Recommendations

Service Managers own Critical Incidents 24/7 and provide clear non-technical updates at key incident milestones

Issues are triaged 24/7 until resolved

Effective workarounds are implemented where appropriate to reduce business impact

3rd party engineering teams are tightly managed where they are key to resolution

On-site prescience provided where appropriate

Extensive report provided, including corrective and preventative actions

11

24/7 Infrastructure Monitoring

The 24/7 Infrastructure Monitoring Service is a monitoring and alerting service for selected IT

infrastructure, including servers, SANs and storage devices. A monitoring client is installed on a suitable

networked device (workstation or server with internet access) on the customer’s LAN and configured to

monitor and record specific information in real time. These values and conditions are compared to

thresholds set during configuration to alert when they are met or exceeded. Encrypted data is then relayed

over the internet to the remote application server located at Blue Chip’s Head Office, where it is stored for

reporting purposes and processed by the monitoring team.

The service provides:

Monitoring, alerting and updating services

Site up/down

Capacity (Hard Disk utilisation)

Server performance monitoring; CPU usage, RAM usage

Windows operating system event log monitoring

SNMP monitoring

Application monitoring (where applications permit)

24/7 real-time monitoring and alerting of all production infrastructure

Event and performance counters

E-commerce website monitoring

Remote server/user control and remote systems tools & management

Alerts that require action are automatically logged as Service Desk Incidents and resolved 24/7

Alerts that do not require action are collated and communicated

12

24/7 Network Monitoring

24/7 Network Monitoring is a proactive monitoring and alerting service for selected network devices,

including routers, firewalls and other networked devices. A SolarWinds collector is installed on a suitable

networked device (workstation or server with internet access). Once configured the collector will record

specific information in real time. This information will be encrypted and relayed to our application server,

located at Blue Chip’s Head Office. The data values will then be reviewed and compared to the thresholds

set during configuration. If the information does not match or exceeds these thresholds, the system will

create an alert and an automatic ticket will be raised in our ServiceNow Service Desk system. The

information gathered from the collector will be stored for reporting purposes.

The service provides:

Monitoring, alerting and updating services

Site up/down

CPU usage, RAM usage

Network event log monitoring

Top Ten traffic by bandwidth

24/7 real-time monitoring and alerting of the network environment

Traffic light status of each network asset

Alerts that require action are automatically logged as Service Desk Incidents and resolved 24/7

Real-time customer dashboards

Top Ten traffic by bandwidth

Memory/CPU health

13

24/7 Security Monitoring - Advanced Threat Detection

The 24/7 Security Monitoring Service is an Advanced Threat Detection, proactive monitoring and alerting

service that reduces the impact of security events by identifying, logging, scoring and acting upon security

events in real time, around-the-clock.

A security monitoring sensor is installed on the customer’s site and configured to receive security and

event management information from service-providing IT infrastructure assets, such as perimeter firewalls

and servers. The security sensor then connects to a remote application server located at Blue Chip’s Head

Office via VPN where encrypted data is correlated against over 2000 security directives and best practice

security policies.

The security sensor monitors network behaviour and creates security incidents. These incidents are

broken into the following categories:

System Compromise

Exploitation and Installation

Delivery and Attack

Reconnaissance and Probing

Environmental Awareness

Each incident is logged with an incident priority depending on its severity. These priorities are graded as

Low (P5), Medium (P4) and High (P1). The incident priority is pre-defined and based upon the category

and the risk level defined for the incident by the AlienVault toolset.

Once a security incident has been logged and prioritised, the appropriate actions are taken as below:

High Priority (P1): These incidents represent a significant risk to the business and therefore require urgent

action. Our systematic process ensures that these are automatically logged as Service Desk Incidents

within Service Now and actioned against a pre-defined security escalation matrix with remedial work

completed on your behalf.

Medium Priority (P4): These incidents do represent a risk to the business but are of the nature whereby

they do not need immediate action on a 24/7 basis. As with High Priority incidents, they are automatically

logged within our Service Now ticketing system. They are however put into a queue for our security

specialists to review on your behalf during the next working day. Our security experts will examine the

detail of the incident and liaise with you, explaining the detail and making recommendations to remediate

the risk.

Minimise your risk of data theft, data loss and system downtime as a result of security threats and malware

Service powered by market-leading AlienVault toolset

High risk security incidents are automatically logged and progressed 24/7

Immediate shut down for specific known risks

Systematic logging of all security incidents in Service Now Service Desk platform

Best practice global security policies are implemented at Go-Live

14

Low Priority (P5): These incidents represent a very minimal risk to the business, but to ensure security

best practice is achieved they do need to be acted upon as appropriate. All low priority incidents are logged

within our Service Now ticketing system and categorised as Low Priority. Our security specialists will

review on your behalf, examine the incident and liaise with you, explaining the detail and making

recommendations to remediate the risk.

Please note that Blue Chip assumes that the customer enters the service at a reasonable security baseline

(for example, that their service delivering assets are regularly patched).

Hardware Requirements: The AlienVault security sensor is installed on the customer’s infrastructure in order to facilitate the operation of the service. Most customers will install the service as a virtual appliance; the minimum specification for this as follows:

VMware ESXi 5.5 or 6.x Host environment

4 x CPU Cores (Hyper Threading Desirable)

8GB RAM

2x Network Interfaces

250GB Disk Drive

Should you not have a virtual environment or sufficient spare capacity to accommodate the virtual appliance, Blue Chip can supply a low cost, pre-built server at a minimal cost. Please contact your account manager for a quotation. Given the rapidly-changing nature of security threats and the breadth of potential attack vectors, Blue Chip are unable to offer any absolute guarantees with respect to threat detection and system compromise. Security monitoring should always be used alongside a well-defined security policy and other complimentary security technologies. It should also be noted that Blue Chip are reliant on AlienVault to categorise the risks it identifies correctly to ensure the correct prioritisation of each security incident. Blue Chip cannot be held liable in the event of a miscategorisation and therefore an inappropriate priority being assigned to any given incident.

15


Operational Essentials are critical reoccurring tasks that are absolutely essential to the customer’s IT

operation. Blue Chip have devised a schedule of essential activities (known as Watchpoints) that are

automatically created and distributed to Blue Chip Service Desk engineers for action.

The type operational tasks we complete (but not exclusive) are:

Backup

o Verification of the scheduled backup job completion

o Resolution of any issues with failed backups

o Review and management of issues with data logs

Antivirus

o Verification that the latest virus definition files and engine update have been downloaded

o Maintenance and management of the antivirus server status

o Maintenance and management of the workstation antivirus status

Server Patching

o Review of open proactive alerts for essential system health issues

o Resolution of any longstanding essential system health issues

o Review of current patching levels against Microsoft patching library

o Arranging change control and system scheduled maintenance (if applicable) to update

current patch levels

Citrix essential scheduled reboots and maintenance

o Regularly schedule automatic reboots of any Citrix XenApp environments

o Regularly schedule a purge of the user logged on profiles

Reduce the risk of data loss through backup management

Reduce the risk of a security breach through antivirus management and regular patching

Reduce incidents caused by known issues with regular Microsoft Server patching

Improve the performance and reliability of your Citrix XenApp environment through scheduled reboots and maintenance

16

Service Management - Bronze

The Service Management Service is included within all of our Fully-Managed Service offerings and

provides ongoing management of the day-to-day technical activities. All customers are allocated a remote

Service Delivery Manager (SDM) who will become your main point of contact for the Service Desk.

The objectives of your SDM are to:

Reduce your overhead of managing your IT - we manage it so you don't have to

Make day-to-day IT decisions to ensure smooth running of your IT systems

Ensure that your IT systems keep pace with technological and business change

Communicate with your stakeholders the value that IT is making to the business

Get the best IT service from your technology, people and processes

Your SDM will complete a monthly remote meeting with you to report in the activity and exceptions from

the previous month, to include:

Problem tickets: reporting and agreeing actions on any open tickets

Proactive Watchpoints: reporting completed tasks and planned maintenance for the following

month

P1 Incidents: reporting and review of all incidents and agreeing preventative actions

Risk register: reviewing current register and agreeing remediation actions

Resource management: agreeing specific scheduling for the following month

The day-to-day activities completed by your SDM will include the following:

Trouble Ticket Management

o Incident management at key escalation milestones

o Aged ticket management (incidents over 7 days)

o Review of incidents that have been reassigned 3 times or more o Problem management

3rd Party Incident Management

o Liaising with 3rd parties in the event of a P1 incident to minimise business impact

o Establishing whether effective workarounds can be implemented to reduce business impact

o Driving 3rd party engineering teams to implement aggressive recovery plans

o Liaising with 3rd parties when planned maintenance impacts IT Service

Trouble ticket management

3rd party incident management

Resource management

Proactive Watchpoint management

Systems management

Remote service meetings

Non-technical communication

Detailed analysis of work completed and helps continually develop IT

17

Systems Management

o Ongoing management of ServiceNow and management tools, to include:

Company details, sites, contacts and users

VIP users

Escalation profile creation and maintenance

Automated reporting changes

Alerting notifications & end user experience surveys

Watchpoints Management

o Defining proactive maintenance tasks

o Creating daily, weekly and monthly proactive tickets and despatching to an engineer

o Managing and maintaining reoccurring proactive maintenance tasks

o Validating that proactive maintenance is being completed successfully

o Providing a proactive maintenance monthly report

18

Service Management – Silver & Gold

Our Silver and Gold Fully-Managed Services are enhanced by the introduction of a more extensive Service Delivery offering. A Senior Service Delivery Manager (SDM) is allocated to all applicable customers who takes a significant role in engaging with the customer through monthly on-site meetings and regular communication. Silver and Gold customers enjoy all of the features described within the Bronze Service Management element, regular on-site meetings and two specific added services: Change Management A formal change management process is introduced to provide a structured set of processes, controlling any changes made to your systems. The SDM will establish a change approval board whereby all changes will be logged and signed off by the approval board before any work starts. The SDM will manage the end-to-end change process, to include:

Management of the change approval board

Management of the technical approval of all changes

Performing an Impact Analysis of all changes before work starts

Providing business notifications if the change interrupts service

Creating roll out and roll back plans Asset Management An asset database is established at service Go-Live and is intelligently managed though our ServiceNow Service Desk platform. Assets are tracked to include their identification information and their software patch levels, enabling us to establish patch baselines and manage the consistency within your estate in relation to areas such as patch management.

The SDM will manage the Asset database to include:

3rd party contracts and any changes to the services

Asset hardware and software warranty contracts

Software and Licence Key management

Media library management

Monthly on-site visits

Create and manage a formal Change Management process

Asset Management including a dynamic change management database

Balances the commercial restrictions that may be in place and ensures investment is made wisely

19

ServiceNow Service Desk

Blue Chip uses ServiceNow as its Service Management System. ServiceNow (www.service-now.com) is an industry-leading SaaS-based, highly-configurable Service Management System, known as a “single system of record” that provides the opportunity to move your support team towards a service-oriented model. In ServiceNow the flow of work is defined, structured and even automated removing email and spreadsheets, allowing us to streamline the delivery and management of your services.

Blue Chip have been managing IT services for over 20 years and have fine-tuned the information we need to record against tickets to give us a comprehensive history of events as well as SLA management, reporting and team management. We have configured a standard template in our ServiceNow system which we can offer to you as your own service management system, called ServiceNow Service Desk. Using Blue Chip’s Service Desk application, you too can improve your service delivery processes through automation of issue handling and notification management. The Service Desk can assist your team by providing the following:

A centralised area for logging, updating and managing incidents, service requests, problems and

changes

A common set of processes across your team

Structured distribution of workload

Reduction on the reliance on email to manage your work

Repository for sharing information and knowledge

Reduced risk of information being lost

Drill-down reporting for analysis of ticket details and resources

A systematic process to collaborate with Blue Chip on tickets for a swift resolution

Access to security alert where you have opted to receive them

Blue Chip’s Service Desk is built in ServiceNow around the core ITIL processes of incident, problem and change control, and comprises of the modules:

The ServiceNow Service Desk platform

An end user portal

Incident management, including service requests and small projects

Problem management

Change management (including approvals)

The Service Desk gives you the ability to manage your tickets under SLAs and includes automated email notifications to your team and end users. Additionally, the Service Portal allows your end users to log and view tickets for you to manage.

Your Service Desk is a separate, secure data table within our system. It allows you to log, update and close tickets for each of the services.

Industry-leading Service Management System

No infrastructure costs (SaaS-based)

Inclusive, templated solution available (Bronze)

Co-manage tickets with Blue Chip

Branded for your business

Options which leverage Blue Chip’s volume licencing pricing

http://www.bluechip.uk.com/business-applications/dynamics-crm

20

Blue Chip’s Service Desk is configured at two levels; Bronze and Silver. Both the Bronze and Silver Service Desks are a licensable addition to your service, leveraging our volume-based licence arrangement with ServiceNow. All licences provided are co-termed with Blue Chip’s ServiceNow licence agreement. Blue Chip’s ServiceNow contract runs until August 2019. All configuration and support to the Service Desk is provided by Blue Chip who may liaise with ServiceNow.

The Service Desk is provided to you using the Third Party Service ITSM engine from ServiceNow under their Managed Services Provider Master Ordering Agreement, which includes the General Terms and Conditions available here: http://www.servicenow.com/schedules.do. In particular, you must comply with Sections 3.2 ServiceNow Platform, 3.8 Restrictions, 3.10 Customer Conduct.

This service is a “Subscription Service” using Blue Chip’s configuration of ServiceNow. ServiceNow is the owner of all intellectual property in the Subscription Service.

http://www.bluechip.uk.com/business-applications/sharepoint

21

Feature Comparison Table

The following table details the features included with both Bronze and Silver offerings:

22

Bronze Service Desk

The Bronze Service offers a templated setup to get you up and running as quickly as possible with your own Service Desk system.

The Bronze Service Desk Platform provides:

ITIL-based processes for incidents, service requests, problems and changes (collectively known as a ticket)

Prioritisation and categorisation of tickets

Management of tickets under Service Levels

Routine notifications and escalation processes for tickets created, updated and closed

Ability for time management with individual ticket time entries to record effort spent on each task within an incident, change or problem, plus timesheet reports

A ticket escalation process which allows Blue Chip to act as your First Line team and be involved in your ticket resolution process as overflow or expert engineers

Self-administration of users (creating, updating and disabling), ticket categories and sub-categories

Standard live reports in lists, pie charts or bar charts. Configurable report filters. Pie and bar charts can be drilled into

The opportunity to define Assignment Groups, i.e. work management teams

Your logo on the standard user page

Dashboard Welcome screen showing users work and team’s work

Service Desk user handbook

Go-Live remote training

The Portal provides:

A non-branded end user Portal for logging, reviewing and updating the end-user’s own incidents.

Incidents may be directed to your team or to Blue Chip

Manager level of access in the Portal for viewing and reporting incidents across the company.

Portal user handbook.

In the Bronze Service Desk, the system is configured to use Blue Chip’s standard Dashboard, SLAs, notifications, reports and Portal setup.

Features in the Incident module:

Fixed SLA measured on first response with Email Notification at 50%, 75% & 100% of elapsed time

Fixed priorities P1 - P5

Category and sub-category classifications with ongoing administrative ability to create new categories and sub-categories

Co-manage incidents - incident assignment to/from Blue Chip (requires Service Desk Entity for Blue Chip to assist with incidents)

23

Features in the Problem module:

Create and update problems and problem tasks

Link incidents & changes to problems

Record known issues

Pre-defined category and sub-category classifications with ongoing administrative ability to create new categories and sub-categories

Issue workarounds and permanent fixes to linked incidents

Features in the Change module are:

Create and update changes

Link incidents and problems to changes

Create a change plan for approval

Schedule changes

Pre-defined category and sub-category classifications with ongoing administrative ability to create new categories and sub-categories

Change approval via system or email

We use a ServiceNow Service Desk Quick Start project, which is a templated consultancy project in order to get your Service Desk Bronze service up and running at a minimal cost and within a short timeframe.

The Quick Start process involves 3 stages:

1. Deployment of ServiceNow: Creation of your Bronze Service Desk including:

Set up of Assignment Groups for separating work management teams

Import of end users if they are not already in Blue Chip’s ServiceNow system

Set up of your Service Desk licenced users

Define your escalation process recipients

2. ServiceNow Service Desk User Training: Consultant led on-line training to get you up to speed using the system

3. User Documentation:

Service Desk user handbook

End User handbook if it is required

4. ServiceNow Go-Live Acceptance: Functionality testing and Go-Live handover

The Service Desk is configured on Blue Chip’s ServiceNow instance which is currently built on the Geneva platform. ServiceNow is upgraded twice a year and Blue Chip normally adopt these on an annual basis. System upgrades implemented to Blue Chip’s system may lead to improved features within the Service Desk which will either become available to your users under their licence or by upgrading your licence package.

Service Desk system upgrades are mandatory. The annual upgrade to your Bronze Service Desk instance will be completed on your behalf at a fixed charge of 7 hours from your Support and Consultancy Pack. As part of the upgrade you will be required to perform acceptance tests on your Service Desk in our test environment to ensure that your system’s configuration is not detrimentally affected by the upgrade.

24

Silver Service Desk

The Silver level offers all of the Bronze Service with additional configurable options which are:

Customised SLA(s)

Additional or customised notifications

Additional or customised live, drill-down reports

Bespoke categories

Additional or customised dashboards

Customised branding on the Portal and the Service Desk Dashboard Welcome screen

Whilst the Silver Service includes these features, their configuration and deployment will be charged separately and carried out under the Application Support and Consultancy Service Element.

The setup of the service is led by our ServiceNow consultants and requires you to define user details along with some configuration information to allow us to setup teams and notifications. This includes an online demo, an online training session and handbook in PDF form.

In addition to the implementation project we can also offer:

On-site consultancy

On-site training

Project Management if your implementation is complex

The Service Desk is configured on Blue Chip’s ServiceNow instance which is currently built on the Geneva platform. ServiceNow is upgraded twice a year and Blue Chip normally adopt these on an annual basis. System upgrades implemented to Blue Chip’s system may lead to improved features within the Service Desk which will either become available to your users under their licence or by upgrading your licence package.

Service Desk system upgrades are mandatory. The annual upgrade to your Silver Service Desk instance will be completed on your behalf and deducted from your Support and Consultancy Pack. The total time required to complete your annual upgrade will be variable and will depend on the level of complexity and customisation within your particular installation of the platform. Your Account Manager will provide details on an annual basis with regards to the scope and cost of this work. As part of the upgrade you will be required to perform acceptance tests on your Service Desk in our test environment to ensure that your system’s configuration is not detrimentally affected by the upgrade.

25

Security Patching & System Updates

Blue Chip’s Security Patching & System Updates Service has been designed to reduce downtime by regularly updating infrastructure systems in line with vendor best practice.

Proactive Security Patching

Blue Chip will schedule tasks to check for critical security patch updates whilst regularly updating your

systems to the latest incremental recommended firmware and software. This service incorporates the

following:

• New features

• Fixes to firmware or software bugs

• Improvements to performance

• Security updates

As part of the Blue Chip Security Patching Service Blue Chip will also complete the following:

• Patch systems against new security issues and threats

• Analyse risk and impact

• Create advisory statement for upgrade requirements

• Update Risk Register

• Create new security baseline

• Create action tickets/change requests for any remedial work

• Patch devices

Minimise security risks through Proactive Security Patching

Improve system uptime and reduce incidents

26

Proactive System Maintenance (Watchpoints)

Blue Chip’s Watchpoints have been designed to reduce downtime by regularly maintaining infrastructure systems in line with vendor best practice. It is imperative that your infrastructure is optimizing all the system resources so that you get the best out of your systems 100% of the time. Proactive Watchpoints have been created to make sure that your systems are always optimal, achieved via regular System Maintenance tasks.

Proactive System Maintenance:

To help reduce system downtime and outages Blue Chip will complete health checks and best practice

reviews on all your contracted systems and infrastructure, incorporating the following:

System Health

o Review of hardware error logs

o Review of operating systems system logs

o Review of system time, licensing issues, warranty status and Infrastructure End of Life

reporting

Vendor Best Practice Maintenance

o Preform maintenance tasks against the vendor best practice runbooks

o Resolution of issues identified during the maintenance tasks

System Performance/Capacity

o Review of current performance and capacity for potential issues

o Review of current configuration against the vendors’ recommendations

Improve system uptime and reduce incidents

27

Reporting

A detailed report is provided to every customer each month, providing both management and detailed technical information on the month’s activity.

The report provides a graphical analysis of:

• SLA Performance • Average Response Time • Total Incidents logged (incl.12 months’ view) • Incidents by priority • Top 10 issues • Top 20 users • Support Pack usage by month

In addition to the regular monthly report, all major incidents (P1’s) have a dedicated report to provide:

• Management and technical review of the incident • Executive Summary to feed back to the business • Detailed activity information from start to finish • Root Cause information • Corrective action • Preventative action • Best practice recommendations

Monthly reporting on all work completed

Monthly statement on Support and Consultancy Pack

Management view with key SLAs every month, including response times

Per ticket detail included

Individual P1 Reports for major incidents

28


Blue Chip’s BCDR service provides you with the insight of IT Business Continuity planning to create and manage a Disaster Recovery plan. Blue Chip will work with you to define your DR plan using their Business impact analysis process (BIA).

The BIA process will help you identify mission-critical services and the level of importance, as well as helping to define the correct RPO and RTO of each service.

Blue Chip will work with you to create DR runbooks which will help simplify the failover of systems and services in an event of a disaster. This is an essential component for addressing a disaster scenario where extracting the relevant detail and information at the time may not be possible; time is easily lost, and the high pressure of a catastrophic incident can undo all but the best of planning. Once created, Blue Chip will manage these and be on-hand to calmly restore your service.

Plans, procedures and runbooks are only part of the solution. How do you know they will work when you need them, and how do you gain confidence that you can restore your service within the timescales you want? Combined with DR Service testing, DR Management from Blue Chip will take the unknown out of your DR planning, providing end-to-end delivery of the DR testing.

Blue Chip will manage the testing process to include arranging appropriate resources and notification to the key contacts within your business. After the testing is complete, Blue Chip will review, document and recommend any changes to the plan that will improve its effectiveness. We will look at the RPO and RTO times achieved and make recommendations as appropriate to ensure that your DR plan meets the business objectives that are defined within the Business Impact Analysis process.

There are 2 options when testing the DR plans - Service Failover Testing and Full Site Failover. Below are the types of test that can be carried out for each option:

Disaster Recovery Service Testing

• Test WAN/site link failovers • Test Critical Service failovers • Test Critical Infrastructure Device failovers • Test Critical Service Backup and Restore functionality

Disaster Recovery Site Failover Testing

• Complete site failover of all (or select) site services • Complete DR universal acceptance testing • Test external line of business services such as E-commerce or Mail Order systems

Business Impact Analysis (BIA)

Manage and Maintain DR runbooks

DR Management

DR Service Testing

Full Site to Site Failover Testing

29

Governance, Risk and Compliance

IT governance (ITG) is defined as the processes that ensures the effective and efficient use of your IT in enabling an organization to achieve its goals. The objective is to drive best practice across company IT objectives, policies and process.

Blue Chip’s GRC module is designed with your business needs in mind and will help guide you through IT policies and Risk Management. The compliance part of this module is focused on reporting against your policies, breaches of those policies, security issues, and audit information.

Governance

Blue Chip will help you define and maintain your IT policies which your staff will adhere too. A framework will be specifically designed for you so that you can bring governance to your business and make sure that your business needs come first. The type of policies that would be in scope are:

• Security • Email • Web usage • BYOD • Data protection

Risk

Risk is a big part or your IT operation, and without Risk Management and controls you risk breaches and failures to your IT operation and infrastructure.

Risk Management is there to help identify, analyse, action, monitor and control your IT governance, and working together we can produce a Risk Register which can be governed by a risk meeting where we can action and mitigate known risks, as well as identifying new risks.

Compliance

If Governance manages the overall GRC and Risk Management problems and issues, Compliance is the glue that holds it all together. Compliance works across all streams of GRC applying the monitoring and reporting of Risk Management, as well as reporting on breaches to your Governance policies. A major part of Compliance is to help manage data gathering from your 3rd parties for your audits to support you in conforming to business accreditations such as PCI, ISO27001 and ISO9001.

Governance and IT policies

Risk management

Compliance

30

Value Added Options

On-Site Customer Support Engineer

The On-Site Customer Support Engineer supplements the service provided by the remote Service Desk

through a regular on-site visit, whereby end users can engage in person and receive any help they may

need. This service is not typically used for standard day-to-day support issues and tends to involve floor

walking, where users can have general queries answered and be provided with ad hoc training as required.

This service is often used by customers to complete on-site service requests that are not included within

the base service. This includes items such a new PC and laptop builds, meeting room setup, desk moves

etc.

Our technical team are highly regarded by our clients for their technical expertise, reliability and ability to

communicate. Their expertise comes from years in the field working with businesses both small and large,

encountering different systems, different issues and different corporate cultures. This experience means

that you get an open-minded technical professional, able to explain in plain English what they are doing

and what is happening.

Provides end users with the comfort factor offered by a regular engineer visit

Floor walking activities, capturing issues and requirements proactively whilst providing ad hoc training

Available from just one day per month through to full time

Complete on-site service requests such as desk moves and new PC & laptop rollouts

31

Support and Consultancy Pack

The Support and Consultancy Pack is a discounted, pre-paid block of hours that can be purchased alongside a Fully-Managed Service to provide additional services and flexibility for the customer, enabling Blue Chip to complete specific work the customer may request from time to time.

The pack is often used by customers who wish to receive specific Service Elements that are above and beyond the level of service to which they are contracted. For example, a Bronze customer may request a Business Continuity Planning Service as a one-off activity. Customers who wish to have an On-Site Customer Support Engineer visit on request rather than to a pre-defined schedule will typically deduct these visits from their pack.

There are also some specific elements which are outside of the scope of all Fully-Managed Services, which the pack provides for. These are as follows:

• Remote Service requests that exceed 7 hours of effort • On-site Service requests (typical examples being new workstation/laptop deployments and office

moves) • Change requests – system changes to service-providing assets which affect multiple users • Extended incidents caused by 3rd parties • Extended support for End of Life hardware and software

Project-based activity is outside of the scope of all Fully-Managed Services, which the pack provides for. These are as follows:

• Project work: Defined as any piece of work that requires a scope of work and or a project plan • Consultancy: Any piece of work that requires a consultant or architect • Application Version updates • High Risk Work: Any piece of work that is defined as high risk and therefore needs to be treated

as a project • Project Management: Any piece of work that needs to be managed by a project manager

Out-of-hours on-site work is deducted at double time. Therefore, 2 hours will be deducted from your Support and Consultancy pack for each hour of on-site work carried out.

Pre-paid block of days used in conjunction with a Fully-Managed Service

No expiry during the contract term

Called off in 15 minute increments remotely

Called off in half day increments on-site

Can be used to complete specific Service Elements over and above the level of service contracted (i.e. Bronze, Silver or Gold)

Provides for ad hoc on-site Customer Support Engineer visits and on-site service requests

Provides for project work

32

Document Control

This document is maintained under change control with pre-planned review dates:

Change Control

Document Title Fully-Managed Services Catalogue

Original Issue Date 02 September 2016

Date of Issue 06 December 2016

Author Eric Lindsay / Paul Cashmore / Anthony Green

Filename Service_Catalogue_Fully-Managed_Services

Document History

Date of Revision Brief description of change Version

September 2016 First Issue 1.0

service_catalogue_fully-managed services

Documents