Digital Transactional Toolkit - Stiona Managed Service

Introduction

The Digital Transactional Toolkit (DTT formally MTP) is an application service platform that enables NI Direct to deliver online services to a number of departments by developing a set of custom components that can be reused by all. This document outlines the Stiona approach to Production Service Incidents within the Digital Transactional Toolkit (DTT) raised by all customers within the 'Stiona Service Model'.

Context

It is important to note that the Stiona managed service covers the support of existing DTT Production services and their features, it does not cover changes required to existing or new services and features. Please refer to section 4 of this document which details the process by which DTT service changes can be requested.

Important

Stiona Managed Service includes support for Production Incidents only. It does not include support for the production of Risk Management Documentation, IT Health Check execution and remediation, Service Requests or any requests for resource outside the remediation of issues within existing DTT production services.
Assistance for the production of RMADS or support and remediation from IT Health Checks (ITHC) requires a specialist skillset. Should Stiona's assistance be required in the production of Risk Management documentation or to support an ITHC, this must be called out at the start of a project. If a business area is not already in project with Stiona, Stiona should be engaged specifically for this purpose (See Stiona Engagement process * DTT Engagement). Stiona are not responsible for Threat Analysis, Vunerability Management or the management of Security Incidents arising from DTT Business Services.

Service Agreement

Stiona are contracted to provide the following level of response to service incidents

Pre-production Environment

Support in line with P4 priority below.

Production Environment

Production environment

This service level agreement will cover the support and maintenance facilities for the production environment. According to the following service levels:

Impact on Service Response Time Resolution Time (Support) Resolution Time (Defect)
Major Impact - P1 30 minutes 4 hours or as agreed according to problem diagnosis 8 hours
High Impact - P2 1 hour 6 Hours or as agreed according to problem diagnosis 32 hours
Moderate Impact - P3 2 hours 8 hours or as agreed according to problem diagnosis On Next Software Release
Minor Impact - P4 4 hours 12 hours or as agreed according to problem diagnosis On Next Software Release

Hours of Service

Unless otherwise indicated, prices are for business hours support only. The Supplier assumes that business hours are defined as:

Note
  • 08.00-18.00
  • Monday to Friday
  • Excluding Northern Ireland Public and Bank Holidays

The resolution times on defects will be best endeavours only as it may not be possible to build, release, and install a suitable patch in the time allocated. Where the Supplier is unable to meet the required response time this will be communicated and an alternative agreed.

Out of Hours Service

Out of Hours service support will be on a best endeavour's basis only. In the event a major incident requires Stiona support staff to work excessively out of hours, this will be raised as a Change request to the customer.

Priority Codes

In the event that a Priority 1 or Priority 2 application issue occurs, Stiona will work on the issue until resolution is agreed.

Priority 1: Critical

A Service Failure which results in a:

  • total loss of service to one or more location;
  • total loss of a critical service element to one or more location;
  • degradation in performance that makes a critical service element unusable in one or more location;
  • major impact on multiple customer's services;
  • large revenue loss to the customer;
  • major impact on the customer's brand;
  • deterioration in response times below agreed Service Levels in all locations;
  • material loss or corruption of Authority data.

Priority 2: Major A Service Failure which results in a:

  • critical component of the service, or a critical service element, being unavailable, but a work‐around exists;
  • major (but not critical) adverse impact on the activities of the Authority and no work around is available;
  • loss of a critical service element to 40%, or more users in a location;
  • major impact on customer service;
  • significant loss of revenue to the customer;
  • impact on the customer's brand;
  • deterioration in response times below agreed service levels affecting more than one location.

Priority 3: Medium A Service Failure which results in a:

  • major adverse impact on the activities of the Authority which can be reduced to a moderate adverse impact due to the availability of a work around;
  • component of the service or a service element giving periodic problems but still usable;
  • loss of functionality in a critical service element for which a known work‐around exists, or loss of major functionality in a non-critical service element.
  • some loss of customer service;
  • affects revenue to the customer;
  • deterioration in response times below agreed service levels affecting one location

Priority 4: Minor A Service Failure which results in a:

  • loss of minor functionality;
  • functionality problems of a cosmetic nature
  • No real impact on the customer or on customer service
  • Requests for advice or guidance.

DTT on the cloud

The DTT is an Azure cloud Platform as a Service (PaaS). DTT services are cloud services. There are a number of different cloud instances of the DTT in order to support the business security requirements. These are growing, but currently the established DTT cloud instances are

  • DOF DTT instance – subscription is managed by ITAssist. Owner of this cloud instance is the Digital Transformation Service.
  • DOJ DTT instance - subscription is managed by ITAssist. Owner of this cloud instance is the Digital Transformation Service.
  • PSNI DTT instance – subscription is managed and owned by PSNI.
  • DAERA DTT instance – subscription is managed and owned by DAERA.

Existing Service Incident Escalation

Currently, there are 2 models in place for incident escalation for DTT Services.

Model 1 - Where ITAssist is the Business Area service desk.

Calls will be routed directly from ITAssist to Stiona. ITAssist have a view onto the Stiona service desk that they can use to track the status of DTT incidents.

3 Level Triage

Model 2 – Business Area has own service desk

Where the Business has its own service desk eg. PSNI/DAERA Services. Calls are routed through the Business Area Service Desk to rule out any internal issues before being escalated to IT Assist. IT Assist checks for any live service issues before escalating to Stiona for resolution

4 Level Triage

Stiona Helpdesk – IT Assist Portal

Stiona have opened a secure portal for IT Assist to enable them to raise and track progress on incidents assigned to Stiona at

http://dtthelpdesk.stiona.com/support/home.

User credentials for this can be provided by contacting the Stiona Delivery Manager (details below). Only ITAssist will be given access to this portal as the incidents are not segregated by Department/Business Area.

Escalation within Stiona

Within Stiona, issues should be raised to the service desk in the first instance. Calls will be recorded for audit and playback.

  • Stiona Support team will investigate the issue, for P1 and P2 issues that require an application fix; Stiona will work with IT Assist incident teams and DTS Product Management team to schedule the change at the earliest agreed opportunity.
  • For all other issues, these will be added to as 'Bug' work items the product backlog to be prioritised and scheduled against all other changes in the backlog.

Stiona Support Team and escalation level

Level Role Name Contact #
1 Stiona Service Desk Agent Stiona Service Desk dttsupport@stiona.com
--- --- --- ---
2 Stiona Support Lead As Allocated Via Service Desk
3 Stiona Accounts Director Jason Malone +44 7796174337
4 Stiona Security Director Stuart Mclean +44 7966255887
5 Stiona Delivery Manager Sinead Malone +44 28 9592 4767

Complaints Procedure

Feedback or Issues with the delivery team should be raised to the Stiona Delivery Manager in the first instance. The Customer can also escalate to the Stiona Account or Security Directors in confidence at any time if they feel that an issue or feedback is not being handled correctly or efficiently by the Project team. Stiona welcomes constructive feedback as opportunities to learn and grow and actively encourage the team to strive for maximum customer satisfaction.

Incident Templates

Click button below to download the template that should be used to raise Digital Toolkit incidents to IT Assist

ITA Incident Proforma

Digital Toolkit Change Management

All request for change should complete the document included in Appendix A.

Change to Core Services

Core services have been built to be used by many business areas across departments; therefore, change can arise from many sources and has the potential to impact many business areas so must be carefully prioritised and managed. Changes which have been assessed as enhancing the service for the benefit of many will be prioritised over changes requested for a specific business area only.

Core services are:

  • Desk Booking
  • Room Booking
  • Car Park Booking
  • Appointment Booking
  • Events
  • Invoice IT
  • Pay IT
  • Rate IT
  • RequestIT
  • Tell Us
  • Work Request

These services are owned by DTT Product Owners. If the DTS Products Team determine the reusable aspects of a core service have not been realised over an extended period of time, they reserve the right to request that the business area fund any further requests for change and support of the service.

Change to non-Core (Project) Services

Project Services are DTT Bespoke services that have been funded and built for a specific business area or process. DTT Project services build and use DTT reusable components, so changes requested to project services may have impact on other services.

Business areas must fund support and changes requested for a new or existing DTT Project service. The annual cost of production incident support will have been issued to them when the cost of the service was confirmed. This is a resource cost, so business areas must ensure they factor this cost into any annual budgeting.

Important

It is important to note, there are synergies in analysis, development, test and delivery in batching changes into work packages before they are issued to DTT Products team for impact analysis and cost. Business areas are encouraged to plan and batch together requests for changes into work packages before sending to the products team for impact analysis and cost.**

Impact analysis requires resource, so will incur a cost regardless of whether the business decide to proceed.

Change Process

Process for Change

Third Party components

The DTT integrates with third party components for:

  • Payments (BT WorldPay)
  • Address Lookup (SpatialNI)
  • NIDA (Identity Assurance)

These components have their own support structures, and the DTS products team will manage and liaise with the third-party suppliers for issues raised in these areas.

Appendix A – Change Request

Click button below to download a Change Request Form to request new Digital Toolkit Services or changes to existing services

Request For Change