IT Service Catalogue

One authoritative register of your entire service estate.

Know what you have, who owns it, and what it costs. HelixGate replaces spreadsheets and Visio diagrams with a governed, queryable register — complete with dependency mapping, lifecycle tracking, and a full audit trail.

Book a demo Explore features ↓
1
Source of truth
100%
Ownership coverage
CSV
Bulk import
0
Audit records editable
The Problem

Why service catalogues fail — and what to do about it

Most service catalogues start as spreadsheets and end as abandoned shared drives. They go stale within weeks because updating them is manual, ungoverned, and disconnected from real decisions. Ownership is unclear, data quality degrades, and teams fall back on tribal knowledge.

Why catalogues become shelfware

  • No ownership model — anyone can edit, no one is accountable
  • No audit trail — impossible to tell when data was last validated
  • Not connected to decisions — ADRs and contracts live separately
  • No dependency data — impact of a service failure is unknown

HelixGate's governed approach

  • Named ownership — every service has a technical and business owner
  • Change audit trail — every edit logged with actor, timestamp, and old/new values
  • Cross-module links — services connected to ADRs, suppliers, and EA principles
  • Dependency mapping — visualise upstream and downstream relationships
Capabilities

Everything a modern service catalogue needs

📑

Structured service records

Each record captures identity, ownership, criticality, lifecycle status, cost data, and cross-module linkages. Fields are configurable to match your organisation's taxonomy. All values validated at entry.

🔗

Dependency mapping

Link each service to its upstream and downstream dependencies. The interactive dependency graph renders the full chain visually — making impact analysis possible in minutes, not hours.

📥

CSV and XLSX import

Migrate from spreadsheets with a bulk import workflow. The field mapping wizard aligns your columns to HelixGate's schema, and a validation report flags data quality issues before import is committed.

🧩

Cross-module traceability

Link services to the ADRs that govern them, the suppliers that support them, and the EA principles that apply. A verifiable chain from principle to decision to running service.

Dependency Mapping

Know your impact before you act

Dependencies are frequently undocumented until something breaks. HelixGate lets teams answer the questions that matter — before an incident forces them to guess.

  • What services would be affected if Supplier X were to exit?
  • What depends on this service I am about to decommission?
  • Which Mission Critical services depend on Non-Critical components?
Payment Gateway Integration
Auth Service
Identity Provider
Fraud Detection API
ML Scoring Service

Illustrative dependency graph — relationships rendered automatically from service data.

Service Criticality

Four criticality levels — governance proportionate to business impact

Not every service needs the same level of oversight. Criticality classification applies appropriate governance while maintaining a governed record for all.

Mission Critical

Revenue-generating or operationally essential. Highest SLA requirements and approved ADRs expected for all major decisions.

Important

Supports key business operations where a short outage is tolerable. Standard governance — linked to relevant ADRs and supplier contracts.

Standard default

Everyday tools and internal services. Recorded for completeness and dependency tracing, with lighter governance overhead. Still fully audited.

Non-Critical

Low-impact utilities with no business dependencies. Minimal governance overhead, but still tracked in the register with full audit trail.

Who It Serves

Across the CTO's office and beyond

Architecture Teams

Context for every technical decision

Understand which services are affected by a proposed change, which principles apply, and who the relevant owners are. Dependency mapping surfaces the true blast radius.

IT Leadership

Portfolio-level visibility

Service counts by tier and lifecycle status, cost distribution, supplier concentration risk, and governance posture of critical services. Board-ready exports on demand.

Procurement

Supplier linkage for risk management

See the full commercial footprint of each supplier — which services they underpin, the dependency depth, and exit risk if a contract is not renewed.

Compliance-ready

A service register that satisfies auditors.

SOC 2, ISO 27001, NHS DSP Toolkit, and government spend controls all require an accurate technology asset inventory. HelixGate provides that inventory in a form immediately usable as audit evidence — structured, timestamped, and owner-attributed. The immutable audit trail answers "who changed what and when" instantly.

SOC 2 ISO 27001 NHS DSP Toolkit GDPR Immutable audit log
Deep Dive

Technical detail for architecture and security teams

Dependency graph internals

Upstream and downstream relationships are stored as directed edges. The interactive graph renders the full dependency chain as a navigable visual, supporting multi-level traversal for impact analysis. Export in standard image formats for board presentations and architecture reviews.

Criticality classification

Four criticality levels — Mission Critical, Important, Standard, and Non-Critical — drive governance proportionality. Mission Critical services require approved ADRs for major decisions, the highest SLA requirements, and the greatest dependency visibility. Criticality is enforced across the platform — not just labels but active governance controls.

Import and export

The CSV/XLSX import wizard maps spreadsheet columns to HelixGate's schema. A validation report identifies data quality issues before import is committed. Import history is logged for audit. Full register exports as CSV or XLSX for audit submissions, procurement exercises, and board reporting. All exports timestamped and logged.

Compliance citations

SOC 2 CC6.1 — logical access controls and asset inventory. ISO 27001 A.8.1 — inventory of assets. NHS DSP Toolkit — data and asset management. Government Spend Controls — technology portfolio visibility. GDPR Article 30 — processing activity records linked to services processing personal data.

Related modules

Governance that connects across your platform.

🔬

Architecture Decision Records

Services are governed by architectural decisions. HelixGate's ADR module provides a seven-phase lifecycle with end-to-end traceability.
🏢

Supplier Management

Link services to suppliers. Understand supplier concentration risk and the full commercial footprint of each relationship.
📄

Contract Management

Track which services are covered by which agreements, and when renewals are due.
Get Started

Replace your spreadsheets with a governed service register.

Import your existing service data via CSV, see dependency relationships visualised, and get board-ready exports — all in a single governed platform.

Book a demo Explore ADR Governance →