Digital Service Forms - Online & Offline forms
The apto digital services forms platform offers digital by default transactions through the production, submission and management of electronic forms (eforms) including all types of attachments. This is anytime, anywhere, any place, any device, digital service management and capture for external and internal users including offline use.
Features
- Browser Based Adaptive eforms with offline capability
- Intelligent forms for validated capture and pre-population
- Form Analytics and Workflow Automation
- User configurable forms not reliant on devlopers or designers
- GDS Template Ready & WCAG compliant Forms
- Multi Cloud deployable
- Adobe AEM Forms, Adobe Sign & Adobe Document Cloud functionality
- electronic signature and digital signature
- Form validation platform
- form migration, e.g. from jetform
Benefits
- Easy to configure consistent eforms for digital services
- create and publish responsive forms for any device
- deliver engaging communications on any channel
- Low cost of entry and total cost of ownership
- Infinitely Scalable
- Map to existing processes and services
- include electronic signature or digital signature
- send and sign anywhere, from any device
- reduce fraud with digital authentication
- Mobile field, inspection app
Pricing
£250 to £5,000 a unit a month
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
1 1 9 7 7 1 4 4 5 3 8 5 3 6 0
Contact
apto solutions limited
Simon Eastwood
Telephone: +44 (0) 7718319047
Email: simon.eastwood@aptosolutions.co.uk
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
- CRM, Marketing, SalesForce, ServiceNow, ERP, Data Processing, legacy systems
- Cloud deployment model
-
- Public cloud
- Private cloud
- Hybrid cloud
- Service constraints
- No
- System requirements
- Browser
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Depends on SLA contracted
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 A
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- 0900 -1800 Monday to Friday excluding UK public holidays. 24/7 available on request.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- From the customer defining a project for onboarding which is driven by the complexity and number of systems to be integrated. At the lower end a simple flow and API, can be specified, built, tested and deployed within one to two days. Self service aspect of this service is up the point of utilizing supplied toolsets to specify these integrations, and thereafter the service will create, deploy and manage the process activities.
- Service documentation
- Yes
- Documentation formats
- HTML
- End-of-contract data extraction
- Typically the data is transitory from one system to another, or from point of data capture to the destination system. If the data persists in this service we supply free of chrage an SQL csv extract, name value pair, XML etc dependent on the persistence used.
- End-of-contract process
- Decommissioned, any perstistent data Standard Data Extraction in .CSV, XML, JSON format.
Using the service
- Web browser interface
- No
- Application to install
- No
- Designed for use on mobile devices
- No
- Service interface
- No
- User support accessibility
- WCAG 2.1 A
- API
- Yes
- What users can and can't do using the API
- RESTful, SOAP available older versions & Synthetics API's via Robotics
- API documentation
- Yes
- API documentation formats
- HTML
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- A number of customisations are available dependent on the functionality being delivered by the platform. However, the majority of setup tasks for creating the synthetic API's is configuration, rather than customisation.
Scaling
- Independence of resources
- We monitor our platform service automatically and load balance accordingly.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Standard Usage and Processing Metrics, as agreed with customer.
- Reporting types
-
- Regular reports
- Reports on request
Resellers
- Supplier type
- Reseller providing extra features and support
- Organisation whose services are being resold
- Adobe, Typeform, Apto forms, Appian
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
- Physical access control, complying with another standard
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
- .csv, .tsv, XML, JSON
- Data export formats
- CSV
- Data import formats
-
- CSV
- Other
- Other data import formats
-
- JSON
- XML
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Legacy SSL and TLS (under version 1.2)
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Legacy SSL and TLS (under version 1.2)
Availability and resilience
- Guaranteed availability
- We have different SLA's for different levels of service selected. That service level dictates the availablity percentage, the tolerances and subsequently the service credit. Service credits are applied only to future service payments.
- Approach to resilience
- Available on request.
- Outage reporting
- Email Alerts and Via Customer Support Portal
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Username or password
- Access restrictions in management interfaces and support channels
- The service can integrate with existing authentication systems or uses groups and user permissions for access to particular functionality of the service.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users receive audit information on a regular basis
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users receive audit information on a regular basis
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- QAS International
- ISO/IEC 27001 accreditation date
- 14/04/2015
- What the ISO/IEC 27001 doesn’t cover
- N/A
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- Yes
- Any other security certifications
- ISO 27001
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- This is documented as part of our ISO27001 policies and processes.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Changes to services and features follow our documented configuration and change management policy.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- As part of our ISO27001 policies and processes we follow a number policies to prevent, assess, log, manage and eradicate vulnerabilities.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- We have processes that continually review our monitoring devices, logs, processes, usage, application metrics, unauthorised connection attempts, attacks and so on.
- Incident management type
- Supplier-defined controls
- Incident management approach
- We have pre-defined ISO processes for incident management. Users report incidents through our helpdesk, using an incident management form. We provide incident management reports in a standard format as per our policy.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Social Value
- Fighting climate change
-
Fighting climate change
We promote working from home to reduce commuting, all company vehicles are hybrid/electric, paperless office, minimal on premise computing, we occupy a managed building for energy efficiency
Pricing
- Price
- £250 to £5,000 a unit a month
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- An integration sample, demonstrated in our service container. There is an optional limited time period negotiated at the time for demonstration to other stakeholders.