What is OnePlan & How Does it Work?


OnePlan is an Office 365 / Azure app that simplifies portfolio planning, provides top-down resource, financial visibility, and improves tracking of investment performance across programs & portfolios – all within a modern user interface.


Portfolio Plan

High level agile portfolio and strategic planning that makes execution predictable.  Make the right data-driven decisions to transform you Portfolio into business results

Simple & Central Way to Capture Proposed Work

High Level Portfolio Planning

Capture All Budget Requests and Manage the Benefits/Expenses Through the Life of the Portfolio

Status Reporting, Built-in Dashboards and Insightful Reports

Resource Plan

OnePlan Resource Capacity Planning is designed for managers and teams who are looking for more transparency, clarity, and visibility when planning projects. The Resource Planner provides insight into your project teams availability, as well as making scheduling resources on work a painless task. You no longer need to spend time in spreadsheets – let OnePlan do the work.

Fast, Simple, Visual Resource Capacity Planning for Teams, People, and Equipment

Dynamically Manage Resource Schedules with Drag & Drop

Robust Portfolio Analysis

Visual Reporting & Analytics

Financial Plan

OnePlan Financial Planner gives your team the power to integrate financial reporting directly into Office365. OnePlan combines top-down project financials to provide powerful insights and empower decision making. Streamline budgeting, improve estimating, and track the performance of your investments across programs and portfolios to gain full control over your project finances through seamless integration with your project management tool.

Top-Down & Bottoms-Up Project Financials

Visibility Into Project, Program & Portfolio Expenditures

End-to-End Capital Budgeting & Financial Planning

Executive Dashboards & Reports

Technology / Security

OnePlan is a Office 365 / Azure app.  The app is installed in your Microsoft work management cloud experience.  It uses the standard O365 app model.  This means that authentication is all handled through your AD / AAD and follows all of your policies inherently.  

The app is hosted in Azure and therefore has high availability and adheres to security best practices and certification requirements.  OnePlan allows for tracking more data than what is stored in Office 365 (for example, high level resource planning info) and therefore does store some data.  This data is also stored in Azure (Cosmos DB).  A “service account” is needed if connecting to a work management platform.  The account will need admin access to the work management platform its connected to.  The stored account credentials are encrypted using Azure Key Vault.  All data is encrypted on transit via SSL using Digicert certificates (TLS 1.2).  API keys / token based methods are used instead of user names and passwords where supported.  

Azure has a variety of certifications and is very secure.  You can access more info here:

For SOC reports use the following link.

We utilize Qualys for network penetration testing our applications to verify there are no unknown risks.  We also utilize the Security Code Scan extension for Visual Studio to scan our source code for code level vulnerabilities.  We follow OWASP standards.  As changes are made to our application and / or network settings, we re-scan to verify no issues have been created.  If a issue has been created we will resolve it before pushing it to production.  If a issue is found in production, we will resolve it immediately.  

Disaster recovery for OnePlan is handled by Microsoft as we use Azure services (not servers) to host OnePlan.  Data is geo-replicated in real time as data is added / updated.  On top of what Microsoft does we take nightly backups of all OnePlan data and store it in geo-replicated azure storage for 30 days.   We can use these backups to revert a entire OnePlan group back to a previous days backup.  This is only intended to be used in disaster scenarios, not for granular restores of a particular project.  For more information use the following link. 

After any data is deleted, or you cancel your subscription, all of the data will be removed in 30 days (after the daily backups are deleted).  Microsoft  has policies on handling the actual physical drives that store the data.  Those policies can be viewed using the following link. 

The OnePlan applications do not collect or retain any personal information regarding users of the solution.  Our customers may elect to store some information in OnePlan about resources, such as skill sets, department names, etc., used when searching for resources to staff projects.  This information remains under the control of the customer, is not accessible by OnePlan staff, and is easily removed by the customer administrative staff when required.  Also, any personal data you choose to store in OnePlan will be stored in Azure Cosmos DB.  Cosmos DB is GDPR (as well as many other certifications) compliant.

The below attached file contains more information.  It is a filled out CAIQ document (industry standard software security and risk assessment) with answers to common security questions.

Previous Article How do I manage the Status Reports display settings?
Next Article OnePlan Penetration Testing Rules of Engagement