Process Documentation Software FAQ

What are the requirements for using Navvia?

SAAS

Navvia is a Software as a Service (SaaS) solution hosted in the cloud. There is absolutely nothing you need to install on your end. Refer elsewhere in this FAQ for information on our datacenters, hosting locations and security.

Supported Browsers

Microsoft Internet Explorer® 11
Google Chrome^® 53 or newer for Windows^® or MacOS^®
Apple Safari^® 9 or newer for MacOS
We do not officially support Microsoft Edge^® or Firefox^® or any other browser not listed above
We do not officially support Navvia on mobile phones or tablets

Supported Operating Systems

Windows^® 7 and higher
MacOS^® version 10.9 and higher

Document Exports

Microsoft Office^® 2003 and higher
Microsoft Office for MacOS 2011 and higher
Adobe^® 8 and higher
We do not officially support other “office suites” or PDF viewers

Where is Navvia hosted?

Microsoft Azure

The Navvia application is hosted on Microsoft's world-class Azure platform. Microsoft Azure is a leader in the global data center marketplace and has developed its products to be among the best and most secure in the industry.

Locations

The production instance of Navvia is hosted in Microsoft's Canada Central region. The DR environment is hosted in the Canada East region.

Audits

The following is a link to Microsoft’s repository of audit reports: https://servicetrust.microsoft.com/ViewPage/MSComplianceGuideV3

How secure is Navvia?

Application Security

Our Navvia application has been architected from the ground up to be safe and secure:

Build on the latest versions of Microsoft IIS, Microsoft SQL and Microsoft .NET
Use of secure sockets, port 443 with a Security certificate issued by Network Solutions
AES-256 encryption for all data communications
AES-256 encryption for data at rest
Hardened images - all unused server ports are locked down
Support for complex passwords
Ability to restrict user access by IP address
Support for Single Sign On (SAML 2.0)

Physical Security

We house the development, testing, staging and production instances of Navvia on Microsofts world-class Azure platform. Details of Microsoft's physical security can be found here: Azure Physical Security

Penetration Testing

Navvia conducts a semi-annual penetration test of the production system. Navvia support staff reviews results of the test and any identified issues are prioritized and remediated as quickly as possible based on the impact and urgency of the issue.
Clients are permitted to conduct their own penetration test of the Navvia software. These tests must be scheduled with Navvia and are conducted at the client's expense. To schedule a test please contact support @ navvia.com.

Is my data backed-up and safe?

Backup Frequency

All backups are encrypted using AES 256-bit encryption.
The backups schedule maintains 7 daily backups, 5 weekly backups, 13 monthly backups, and two full year backups. The database transaction log is backed up hourly to enable point in time recovery.

Offsite Storage

Data is replicated automatically to the DR facility which is located approximately 280 miles from production.

Security

All backups are encrypted using AES 256 bit encryption.

What is your disaster recovery plan?

The Plan

Automated system monitoring alerts Navvia in the event of a system outage.
The Process Owner evaluates the situation and a decision is made whether to declare a disaster.
Once declared, the Process Manager administers the disaster recovery with the technical assistance of the Technical Architect.

Testing

Production data constantly replicates to the DR instance of Navvia.
A test of the DR environment is done monthly.
A test of the full DR plan is done annually.
The DR plan is reviewed annually.

Customer Notification

Clients are notified by email if a disaster is declared.
Our RTO (Recovery Time Objective) is up to 4 hours.
Our RPO (Recovery Point Objective) is up to 1 hours.

What training and support is available from Navvia?

Training

Recorded Product Training: Modules on Design, Administration, Surveys, User Stories, and Operational Resilience Assessments.
Best-Practice Webinars: Topics include ITSM awareness, process mapping, process design, user story mapping, ITSM maturity, digital transformation, and NIST CSF 2.0.
Live Virtual Training: Instructor-led sessions on product modules and “Ask an Expert” Q&A sessions.

Support

Technical Support: Accessible via the “Need Help” button in the app or email support@navvia.com
Knowledgebase & FAQs: Guidance on registration, course access, and platform use.

Can I export my data?

Yes, your data belongs to you and can be exported in the event you cancel your subscription. Data can be exported as various Microsoft Office® documents and PDF formats.

Questions & Answers