| | | | | | | | | | | | |
| Cloud/SaaS providers: Please complete this section | | | | | | | | | | | | |
| Question | Response (Yes, No, N/A) | Comments | | | | | | | | | | |
| Service Management - Service Levels | | | | | | | | | | | | |
| Describe the available service level agreements (SLAs) that pertain to your offering(s) with specific details regarding availability and performance. | | | | | | | | | | | | |
| What SLAs are available – availability, performance, incident response/resolution, etc.? | | | | | | | | | | | | |
| What service level agreement (SLA) for availability is guaranteed (i.e., number of nines - 99.9%, 99.99%, etc.)? | | | | | | | | | | | | |
| Can users select specific performance thresholds? If so, what options are available to select performance thresholds for Cloud services? | | | | | | | | | | | | |
| Describe any failures in meeting your SLAs within the past year. | | | | | | | | | | | | |
| Are there any financial penalties if performance and availability goals are missed? | | | | | | | | | | | | |
| Does your offering include provisions for a technical account manager( TAM)? Is the TAM dedicated to Goode Cyber Security or shared? Please provide detail regarding available options. | | | | | | | | | | | | |
| Are you open to regular quarterly meetings to review SLAs, issues, and requests? | | | | | | | | | | | | |
| Who would be part of the SLA meetings? | | | | | | | | | | | | |
| How are the issues escalated if the SLAs are not acheived? | | | | | | | | | | | | |
| Please provide name, title and contact information for management escalation within your organization. | | | | | | | | | | | | |
| Service Desk | | | | | | | | | | | | |
| Do you have live technical support? If so, briefly explain its hours and operational approach and list what types (live chat, toll-free, email etc.?). | | | | | | | | | | | | |
| Are high priority problems worked around the clock? | | | | | | | | | | | | |
| What are the support response times available? | | | | | | | | | | | | |
| Is there a dedicated support manager? | | | | | | | | | | | | |
| Describe your Problem Management process, specifically detailing detection, reporting/notification and escalation practices. | | | | | | | | | | | | |
| Where is your support desk located? (locality, country) | | | | | | | | | | | | |
| How many people belong to your support desk? | | 5 | | | | | | | | | | |
| Are the background checks performed for all support personnel? | | | | | | | | | | | | |
| Service Operations | | | | | | | | | | | | |
| Change Management | | | | | | | | | | | | |
| Do you provide proactive communications regarding maintenance activities? If so, how far in advance do you let your customers know of upcoming changes? | | | | | | | | | | | | |
| Describe the approach for change management of your platform and software as service offerings. Specifically address key details such as version lifecycle management and patch management approaches. | | | | | | | | | | | | |
| Do you gain agreement from your customers prior to implementing functional changes? Are customers invited to help with testing changes prior to being released to production? | | | | | | | | | | | | |
| Service Application Monitoring and Reporting | | | | | | | | | | | | |
| Does your service solution allow real-time visibility to available capacity? | | | | | | | | | | | | |
| Is an external (outside the public firewall) or internal (inside the public or private firewall) application monitoring solution available? If yes please provide details. | | | | | | | | | | | | |
| What system resource utilization (e.g., CPU, disk, network, RAM, etc.) information is collected and how is it made available (i.e., dashboard)? | | | | | | | | | | | | |
| What alerting is in place if system resources exceed thresholds? | | | | | | | | | | | | |
| How are notifications handled (e.g., email, SMS, etc.)? | | | | | | | | | | | | |
| Do you allow your customers to monitor your systems independently, especially using synthetic transaction monitoring? Do you agree to provide an authentication mechanism for the same? | | | | | | | | | | | | |
| Are there pre-built integration APIs to allow instrumentation for the health and performance statistics of an application? For example service usage statistics, up-time, down-time and resource consumption. | | | | | | | | | | | | |
| What performance, availability and capacity reports are available? How these reports are made available to the end-user? | | | | | | | | | | | | |
| What type of reporting capabilities are provided to monitor service level agreement objectives? | | | | | | | | | | | | |
| Do you provide your customers the capability to collect application logs for their own analysis? | | | | | | | | | | | | |
| Does the platform support the capability to collect crash dumps? | | | | | | | | | | | | |
| Service Reliability & Incident Management | | | | | | | | | | | | |
| How long have you been providing cloud services? | | | | | | | | | | | | |
| How long have you been providing the specific services we will use? | | | | | | | | | | | | |
| How do you define an "outage"? | | | | | | | | | | | | |
| Describe your standard procedures for outage notification and coordination. | | | | | | | | | | | | |
| Describe your handling of potential availability issues such as significant Cloud computing outage, high network load or insufficient bandwidth access. | | | | | | | | | | | | |
| What has been the longest outage experienced by your customers? | | | | | | | | | | | | |
| Is there an "incident reporting" system for recording and tracking outages? | | | | | | | | | | | | |
| What actions have you taken to avoid repeating your longest outage? | | | | | | | | | | | | |
| What is your mitigation strategy in case of potential network outages, bandwidth shortages, or spikes in service demand? | | | | | | | | | | | | |
| Describe any data loss your customers have experienced. | | | | | | | | | | | | |
| What procedures have been put in place to avoid future data loss? | | | | | | | | | | | | |
| How is a customer compensated for outages? | | | | | | | | | | | | |
| How and when are technology platform upgrades scheduled? | | | | | | | | | | | | |
| How timely is maintenance for regular updates and hot fixes? | | | | | | | | | | | | |
| Are there scheduled outages for system maintenance? How is this information communicated? | | | | | | | | | | | | |
| General Management | | | | | | | | | | | | |
| Are version upgrades mandatory? That is, are customers forced into upgrades or allowed to continue with current? | | | | | | | | | | | | |
| Does the solution provide reports for charge backs (see glossary) to department or organization? Detail the level of customization available. | | | | | | | | | | | | |
| Does the Cloud service offer electronic invoicing to integrate with industry standard accounting interfaces? List the accounting software that is supported | | | | | | | | | | | | |
| Is it possible for the product to be customized for the client (Goode Cyber Security) if desired? | | | | | | | | | | | | |
| Service Continuity Management | | | | | | | | | | | | |
| What type of business continuity & disaster recovery options are available for your solution or service? Is this part of your standard service offering? | | | | | | | | | | | | |
| Do you perform disaster recovery drills/test? If so, what is the frequency? | | | | | | | | | | | | |
| Are there any other reliability features unique to your offering? If so, list the features. | | | | | | | | | | | | |
