Social Value Portal

Evaluation, measurement and reporting for Public Services (Social Value) Act and Social Value Model

A platform for evaluating, measuring and managing Social Value and monitoring its delivery, as per the Public Services (Social Value) Act 2012 and The Social Value Model PPN06/20.

Features

• PPN 0620, UN SDGs, Social Value Act compliance/delivery
• Social value statements, policy, strategy, planning and local needs analysis
• Social Value calculation, measurement, reporting and validation using TOM System
• Social value activity tracking, measurement and validation
• Reporting capabilities for social value projects, annual reports ESG reporting
• Social Value academy, training and eLearning
• Social Value tender evaluation, procurement and support, including contract support
• Social value activity monitoring, measurement, validation and support for Suppliers
• Procurement using TOMs System (National TOMs) and Social Value Model
• Social Value delivery and validation for Planning and Real Estate

Benefits

• Aligned and compliant to PPN 0620 and Social Value Act
• Ensures robustness of Social Value reporting through validation
• Effective evaluation of social value responses for tenders
• Monitors the delivery of social value commitments from supply chain
• Easy-to-use dashboards and reporting to manage delivery
• Direct and secure supplier access to report and provide evidence
• Uses consistent, transparent approach to measuring social value
• Provides monetised social value outcomes and evidence in one place
• Illustrates geographical spread of social value with GIS mapping
• Allows data validation and 3rd party audit

£6,000 a licence a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@socialvalueportal.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

119271221426647

Contact

Guy Battle
0203 747 6555
sales@socialvalueportal.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Planned maintenance will occur periodically outside of standard business hours, with warning provided to customers in advance.
• System requirements:
  • Internet connection
  • Chrome, Firefox, Safari 5 or above, IE 9 or above
  • Please enable javascript, cookies, and TLS 1.2

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We respond to queries within 1 working day. Support is currently available during normal business hours, Monday to Friday. 24 hour access to the Help Center is available for all active users where we host guides, 'how to' videos and answer Frequently Asked Questions. Our Social Value Advisors have made more 100 articles available to support beginners to our most advanced users. All users can easily get in touch with our Support team by raising a Support ticket on the phone or by email.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Members have access to the following; Account Manager to ensure strategic alignment between the organisations and ensure clients social value goals are achieved; Social Value Success team to drive delivery, adoption and ensure you realise value and meet your objectives; Workspace Support team to ensure successful onboarding, manage supplier and member training webinars, responding to technical, product or social value queries in a timely manner; Supplier Success Team to provide supplier support, training webinars, responding to technical, product or social value queries in a timely manner access to e-learning platform. ; ; All of the above are available via telephone and/or email. Onsite or additional support is available upon request. ; ; All of the above are available via telephone and/or email. Onsite or additional support is available upon request.; ; In addition, we support your supply chain with setup, access, training, understanding of your expectations and applicability of the methodolody. It is free for all suppliers to bid.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide onsite training and user documentation.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Users may download copies of their data in CSV format when a contract ends.
• End-of-contract process: At the end of a contract, user credentials will be deprovisioned.; User data may be requested at the end of the contract, and will be provided in CSV format if requested.; Any personal data associated with the user account will be deleted after a period of one year.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Pages are designed to be responsive to screen size, with layouts adapting for use on smaller screens and accessible using a touchscreen interface.
• Service interface: No
• User support accessibility: WCAG 2.1 A
• API: Yes
• What users can and can't do using the API: Users can query account and project data, create projects and update project data through the API. Users may request credentials to access the service through their Social Value Advisor. Sandbox environments to test the integration are available on request.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: A social value questionnaire must be used to outline the key themes, outcomes and measures that are to be measured as part of a project, and users may customise this to reflect their specific social value policy, or policies that they are responding to.; Customer branding may be included on certain pages accessible to their suppliers.; Account hierarchies may be set up and customised to provide an organisational structure to arrange projects, and restrict access to specific users.

Scaling

• Independence of resources: Our platform is hosted on a public cloud platform provider (Salesforce) that provides assurances regarding performance degradation and user number limits. The user limits in terms of page views and access are far and away in excess of what we would expect to provide for, and are monitored and reviewed regularly.

Analytics

• Service usage metrics: Yes
• Metrics types: Number of Active Users; Number and Status of Live Projects
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users may export their data in Microsoft Excel (html), CSV, or PDF formats, using export functions. They are able to export data at the account level (including sub-accounts), the project level (including all social value records associated with that project), and the social value record level (including all responses associated with that record).
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • XLS
  • PDF
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Neither we nor the platform on which the services are built offer a specific SLA on availability. However the platform on which the services are built has a redundant network and comprehensive data backup and recovery plan, that has provided a >99.9% uptime historically. We (and the platform) commit to use all commercially reasonable efforts to make the online platform available 24 hours a day, 7 days a week, except for: (i) planned downtime (of which we shall give advance notice), and (ii) any unavailability caused by circumstances beyond our reasonable control.
• Approach to resilience: The datacentres where our data is stored are managed by our cloud hosting provider. According to the provider:; All networking components, network accelerators, load balancers, Web servers and application servers are configured in a; redundant configuration. All Customer Data submitted to the Covered Services is stored on a primary database server with; multiple active clusters for higher availability. All Customer Data submitted to the Covered Services is stored on highly; redundant carrier-class disk storage and multiple data paths to ensure reliability and performance. All Customer Data; submitted to the Covered Services, up to the last committed transaction, is automatically replicated on a near real-time basis; to the secondary site and is backed up on a regular basis and stored on backup media for an additional 90 days in production; environments and 30 days in Sandbox environments after which it is securely overwritten or deleted. Any backups are; verified for integrity and stored in Salesforce data centers.
• Outage reporting: Service outages will be reported through:; Public website notifications (hosted separately to the service); Social media alerts; Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Access is restricted in management interfaces and support channels using two factor authentication and strong password policies, and making use of defined users profiles that restrict permissions and access.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: DNV Business Assurance
• ISO/IEC 27001 accreditation date: 27th July 2022
• What the ISO/IEC 27001 doesn’t cover: The scope of our ISO 27001 certification includes the operation, support, maintenance and development of The Social Value Portal and associated data, This encompasses both the internal infrastructure and the web applications that are part of the service provision. Areas outside of this, such as customer and supplier infrastructures or management systems, are outside the direct boundaries of the certification. Despite this, our ISMS mandates adherence to certain security standards by our third-party partners to maintain the integrity and security across the services provided.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: Cyber Essentials Plus

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Specific members of the organisation are tasked with responsibility for security, one at the board level and one at the operational level. Security is a key element of our ongoing business strategy, which is inherently tied to our IT strategy. Security and privacy training is provided to employees with access to the platform. This ensures that there are clear decision making processes in place to maintain security best practice, compliant with the latest legislation.
• Information security policies and processes: The company has a suite of policies relating to information security:; - Information Security Policy; - Remote Access Policy; - Acceptable Use Policy; The responsibility of the security and integrity of IT systems and data stored thereon lies with our Information Officer. Line managers are required to ensure that all users under their direction must adhere to and comply with information security policies. Training and support is provided to employees to ensure that they understand their requirements.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The various components of the service are all handled and tracked through the cloud platform that the service has been built on.; Potential changes are proposed to the technical team, which reviews the requirements and assesses the potential impact on the service and security. Major changes require approval from a director. Development and testing of changes occurs in sandbox environment prior to being deployed into the production environment.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: The vulnerability management process is driven through the cloud platform provider on which the service is built. This includes security tools to monitor system activity in real time to assess threats and intrusion attempts. Application and database activity is monitored,while event management tools call attention to potential threats. The system is updated periodically with regular security updates, and patches are deployed automatically to our service.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Protective monitoring is provided through the cloud platform provider on which the service is built. This includes security tools to monitor system activity in real time to assess threats and intrusion attempts. Application and database activity is monitored,while event management tools call attention to potential threats. The system is updated periodically with regular security updates, and patches are deployed automatically to our service.
• Incident management type: Supplier-defined controls
• Incident management approach: The platform on which the service is built undergoes an independent evaluation in the form of SOC 1 (SSAE 16 / ISAE 3402), SOC 2 and SOC 3 reports.; For incidents specific to our service, users report incidents to our support team through the standard support channels. Incident reports are logged by the support team or account manager, and if necessary feedback is provided internally, or externally through the platform.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We’ve been actively working with our Members to drive meaningful Social Value creation, pledging to work with them to deliver £100 billion of Social Value by the end of 2025 / 26. As part of this we’re encouraging organisations to commit to their own Social Value Pledges, with every pound of this representing a range of tangible benefits within their communities including fighting climate change.; ; To date, we’ve helped organisations create £37,864,059,137*. We will continue to work with organisations across the Public, Private and Voluntary Sectors in maximising their Social Value creation, and with it aiding in fighting climate change.; The measures we use to aid in fighting climate change include:; -Support for green spaces, biodiversity or ecosystems; - Initiatives to safeguard the environment; The fight against climate change informs all Social Value Portal policies. We implement a green travel policy when travelling on SVP business and staff consider the environmental impact of their journey before selecting the most carbon-efficient travel mode.; We offer schemes that allow employees to make savings on the cost of a bike or a low-emission vehicle. ; Organisations within our supply chain are encouraged to be B-Corp certified, this certification evaluates their overall environmental management practices as well as impact on the air, climate, water, land, and biodiversity.; We prioritise working with organisations committed to delivering Social Value. Our key supplier, Salesforce, is focused on sequestering 200 gigatons of carbon through conserving, restoring, and growing 1 trillion trees. Social Value Portal’s office spaces are rented through FORA and Work.life, both of which monitor and actively work to reduce the environmental impact of professional activities.; Our volunteering time as an organisation is often dedicated to environmental initiatives including team litter picking events, community gardening and habitat management.; *Measured using the Social Value TOM System methodology

  Tackling economic inequality

  In August 2022, we achieved certification as a B-Corp, achieving a high ‘Overall B Impact Score’ of 114.8. This demonstrates our commitment to combatting economic inequality (as well as other themes and policy outcomes) which is core to how we collaborate with our Members and other partners to drive Social Value creation.; As well as supporting our Members to identify ways to tackle inequality we conduct internal initiatives. For example, in January 2023 we provided a one-off Cost of Living bonus to our staff earning under £35,000 to help them combat the rapidly increasing daily costs.; We know that measuring and tracking performance is key to ensuring a culture of continuous improvement so there are several initiatives that that we encourage staff and customers to focus on: ; - Total amount (£) spent with VCSEs in our supply chain; - Provision of expert business advice to VCSEs and MSMEs (e.g. financial advice / legal advice / HR advice/ HSE); - Support for VCSEs through volunteering; - No. of employees (FTE) hired by the organisation during the reporting period, who are long term unemployed/NEET/ex-offender (unemployed for a year or longer) as a result of a recruitment programme; - Meaningful paid work placements paying the Real Living Wage+; - Upskilling of existing employees through accredited training; - No. of staff hours spent on local school and college visits e.g. delivering career talks, curriculum support, literacy support, safety talks (including preparation time) ; - No. of weeks of apprenticeships, for apprenticeships that have either been completed during the year or that will be supported to completion in the following years by the ; - No. of hours of support into work provided to under 24 y.o. (young people) unemployed people through career mentoring, including mock interviews, CV advice, and careers guidance

  Equal opportunity

  We hold an annual Diversity and Inclusion survey, and ensure decisions are made at Executive Leadership Team level to address any issues or concerns. In 2023, the Social Value Portal Inclusion Committee was established, with the mission to promote diversity, equity, and inclusion within and beyond the business. Tackling inequality is part of the Social Value mission.; As an organisation we recognise that many factors including class, race, nationality, gender, sexuality, and age can pose a disadvantage, and the committee works actively to level the playing field by:; - Creating a working environment where everyone feels like they belong and are heard.; - Foster a workplace culture which thrives on positivity, inclusiveness, and shared perspectives; - Make sure that SVP is true to our company’s values – not just buzzwords and tick boxes.; - Tracking the organisation's median ethnicity pay gap for staff.; During interview processes, we always ask candidates if they need any additional mental, physical or administrative support during the interview processes or whilst working. This way when a successful candidate is employed, we have time to discuss and implement any reasonable adjustments to set-up every employee, by prioritising accessibility to success.; When a current employee is suffering from a physical or mental condition, we offer them an Occupational Health Assessment in order to determine what reasonable adjustments can be made to accommodate them, providing them with the support that they require. ; There are several metrics that we track to ensure there’s a consistent focus on equal opportunities, including: ; ; - Proportion of leadership positions filled by women; -Proportion of employees who are women; -Organisation’s gender pay gap for staff; - No. of employees (FTE) hired by the organisation during the reporting period, who are disabled (unemployed for a year or longer) as a result of a recruitment programme

  Wellbeing

  Social Value begins in our workplace, which is why Social Value Portal has always been proactive in delivering our own corporate responsibility. ; ; We operate on a flexible working structure, with an early finish on ‘Wellbeing Wednesday’s’ to focus on self-care or company gym classes. During summer months employees have early Friday finishes to enjoy the weekend and weather. Employees can also enjoy an additional day off on their birthday, and up to five additional days off with tenure. ; ; All Social Value Portal employees have an annual allowance of 6 day to volunteer with a charity or an organisation that matters to them. ; Employees are represented through the Inclusion Committee with regular cultural, educational, and volunteering and events held. Learning and development is also encouraged through a £400 Learnerbly allowance which can be spent on wellbeing, training, language courses and education.; Through our employee assistance programme, all employees have access to comprehensive and multidimensional wellbeing programmes, including health screenings, and counselling.; The measures we track to aid in driving wellbeing include:; - No. of employees (direct and corporate contractors) that have been provided access for at least 12 months to comprehensive and multidimensional wellbeing programmes ; - Mental Health campaigns for staff on the contract to create community of acceptance, remove stigma around mental health ; - Equality, diversity and inclusion training provided both for staff and corporate contractors

Pricing

• Price: £6,000 a licence a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Free trial account available to try out the Social Value TOM System™ (National TOMs) and Social Value Model funtionality.
• Link to free trial: https://socialvalueportal.force.com/freeaccountregistration?registrationType=free

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@socialvalueportal.com. Tell them what format you need. It will help if you say what assistive technology you use.