Interested in learning more about our ASM service? Get in touch.

What is ASM?

Application Support and Maintenance (ASM) is one of the services we provide here at Cohaesus. It is our solution to the unplanned outage, emergency publishing request, denial of service attack, page gone viral, major improvements, minor improvements and a never ending list of application or website problems that clients face every day. For a wide ranges of issues from “It’s the middle of the night and sales have stopped!” to “How can we improve the performance of our homepage?” we have a dedicated team (a practice) who specialise in delivering support and maintenance after an application has been developed and launched either by us, or by one of our clients or partners.


The application or ‘thing we support’ could a web site, a native mobile app, an API, a Cloud platform or a .NET application, this list of applications we’ve supported and maintained over the years is long and varied. The more common ones are: Drupal websites, WordPress websites, Umbraco websites, Shopify stores and bespoke .NET applications.


The support process begins by responding to an unplanned incident within the service level agreement (SLA) response time. To enable this response we retain a team of engineers on standby ready to triage, investigate and fix the reported issue.

The support process starts by the client raising an urgent support request. For Premium Business Hours response (30 mins response SLA), this will be by sending an email to a dedicated email address. The email address is linked to software that generates an email, phone call, SMS and app pop-up for the on-standby engineers alerting them to the urgent support request.

Support Readiness

Responding within the SLA response time is only part of the support process. Before the team can respond to support incidents they must first become “support ready”. The engineers need to both be trained and ready to respond. Support readiness is accomplished by completing a number of onboarding activities at the start of the project. To maintain our support readiness throughout the duration of the project at the start of each month support readiness checks are performed.


We define “maintenance” as the planned investigation and correction of defects, the development of further functionality as directed by the client and the performance of routine activities required to keep the application up to date, running securely and smoothly.

The core, or bulk, of our maintenance work is the development of new features and changes to the application as directed by the client. The client will raise a feature request with a brief description of the work they would like completed. The team will discuss the feature request with the client before sharing an estimate for the work. Once the client has approved the estimate, the work is then scheduled to commence. The work proceeds through a series of development workflow steps such as: test case preparation, development, code review, test case execution and acceptance testing, until the feature has been deployed to the production environment.

Routine Maintenance

Routine maintenance includes things like application core and module/plug-in updates, reviewing application logs and performance, security, SEO and accessibility related improvements. Routine maintenance activities take place on a monthly schedule with the exception of critical security updates which are applied on an urgent basis.


Not all of the work undertaken within the ASM process is development work. The Admin workflow is used for any non-development work, and because Admin work does not involve any development, a simpler workflow is followed. Examples of Admin work undertaken by the ASM team includes CMS operation, publishing content, Google Analytics and Google Tag Manager console operation, OneTrust console operation and the preparation of reports for the client.

Retainer Packages

The structure of an ASM agreement is based around the selection of a base package and optional bolt-on packages. This way the agreement can be tailored meet the requirements of your application. The available packages are split into two categories, Support and Maintenance or Support only packages.

Support and Maintenance

There are three types of Support and Maintenance packages, each offering their own combination support SLA and maintenance hours retainer. These packages are suitable for most typical websites and applications.

Silver Gold Platinum
SLA Response Next business day Standard business hours (4 hours) Premium business hours (30 mins)
Retained hours 16 hours per month 24 hours per month 40 hours per month

Support only

Support only packages are also available, these are suitable for E-commerce and transactional websites and applications where sales stop if the website stops.

Next Business Day Business Hours Premium Out of Office Hours 24/7 Support
Response time By the next business day Within 30 mins during business hours Within 30 mins out of office hours Within 30 mins anytime day or night
P1 (Higest Priority) target time to fix 8 working hours 4 working hours 4 hours 4 hours
P2 (High Priority) target time to fix 12 working hours 8 working hours 8 hours 8 hours
P3 (Normal priority) target time to fix 24 Working hours 24 Working hours 24 hours 24 hours
P4 (low priority) target time to fix 40 working hours 40 working hours 40 hours 40 hours


Package bolt-ons add flexibility and customisation options to the main packages listed above. Bolt-on packages can be used to add retained hours to an agreement or to bring in specialist skill sets on a short term basis.

Maintenance 1 An extra 40 maintenance hours
Maintenance 2 An extra 80 maintenance hours
Maintenance 3 An extra 120 maintenance hours
Support 1 Upgrade the Silver package to the 30 mins Business Hours Premium response
Support 2 Upgrade the Gold package to 30 mins Business Hours Premium response
Support 3 Upgrade the Platinum package to 24 x 7 around the clock on standby support
Load Testing Realistic load testing performed by load testing experts. The bespoke test plan includes multiple user journeys and thousands of concurrent users. Suitable for e-commerce and high traffic websites.
Security Website Penetration Test: An independent CREST accredited security engineer will perform a penetration test and prepare a security report for one site.


The ASM team is a shared resource team, meaning that the team has a number of other ASM projects that they are also working on. The team will consist of an Application Support Engineer, a Developer, a Senior Developer, a tester and the Account Manager. With sufficient notice, additional resources can be brought onto the project to help tackle larger tickets.

Some types of work are managed outside the ASM process. This is normally experience-related work such as the creation of new designs, UX, the creation of content and the hypothesis for an A/B test. Your account manager will handle these requests directly.

Interested in learning more about our ASM service?

Send a message