govDelivery Internal Communications Platform

govDelivery is a digital communications platform providing email marketing, campaigns, internal communications, newsletters, alerts, SMS, RSS and social media integration. govDelivery offers personalisation, automation, targeted bilingual messaging, high deliverability, best-in-class security, analytics, reports, customised templates and access to a network of 17 million+ UK subscribers to help reach segmented audiences.


  • Send personalised and targeted newsletters, bulletins and alerts to subscribers
  • Build and grow large audiences to engage with service users
  • Create automated email marketing campaigns (drip, welcome/onboarding and re-engagement campaigns)
  • Access the Granicus Subscriber Network of 16+ million UK subscribers
  • Automate alerts by monitoring websites for new or changed content
  • Trusted relationships with Email Service Providers enables 99%+ delivery rates
  • Real-time reporting and message engagement analytics
  • Integrate CRM systems to utilise customer data in messaging
  • Use A/B testing to understand your audience and improve engagement
  • Fully compliant with the General Data Protection Regulation (GDPR)


  • Drive behaviour change using email marketing campaigns
  • Use channels that provide the best Return on Investment (ROI)
  • Free up resources by automating processes and sending dynamic updates
  • Use custom designed on-brand and mobile responsive email templates
  • Increase engagement using personalisation
  • Use targeting to get your messages to the right people
  • Promote self-service channels to reduce call demand
  • Create onboarding/welcome campaigns for new service users and staff
  • Analytics reports help fine tune communications and improve your messaging
  • Automatically share bulletins via social media channels (Twitter and Facebook)


£4,200.00 a licence a year

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

1 2 9 0 0 9 0 4 4 5 7 5 3 7 7


Telephone: 0800 048 7518

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Granicus govService, Granicus govDelivery, Granicus TMS, Granicus Engagement HQ, Granicus Experience Group (GXG), Granicus Government Experience Cloud (GXC)
Cloud deployment model
Public cloud
Service constraints
System requirements
  • Web browser access
  • Connection to the Internet

User support

Email or online ticketing support
Email or online ticketing
Support response times
Please see our licence agreement for further information.
User can manage status and priority of support tickets
Online ticketing support accessibility
None or don’t know
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
WCAG 2.1 AA or EN 301 549
Web chat accessibility testing
Web chat solution is tested to meet accessibility standards.
Onsite support
Yes, at extra cost
Support levels
Support is standard and included within the license. This includes full access to our online support desk which can be accessed via our online portal, email, phone and live chat.

Our service includes access to a Customer Success manager, whose role is to help customers to get the best use of our service offering ideas and sharing best practice and the experience of the user community.

Access to our govCommunity portal is also included, providing a collaborative environment to discuss, learn and share with other platform customers.

We offer regular free webinars for customers to help brush up their skills and review the potential use of additional services.

Please see our Service Description document for further details.
Support available to third parties

Onboarding and offboarding

Getting started
We offer an implementation manager who will coordinate all the Granicus aspects of the online training and account set up. They will build out the account, working directly with the customer's team to ensure that online training sessions are set up at convenient times. All sessions are exclusive to the customer and can be recorded for future reference. Online documentation is available, as are webinars both live and recorded.
Service documentation
Documentation formats
End-of-contract data extraction
Should a customer decide to cancel their agreement, the customer's data will be returned securely via a CSV file. Customers can also download their data at any time via the portal.
End-of-contract process
Decommissioning is included in the licence cost. Granicus will confirm the date on which customer access will be terminated.

Granicus will then decommission the service in line with its security and decommissioning policies. Applicable data will be returned securely via a CSV file.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
The end user interface has been designed/optimised for both desktop and mobile devices. The back office administrator interface, while not designed or tested specifically for mobile devices, allows access to features.
Service interface
User support accessibility
WCAG 2.1 AA or EN 301 549
Description of service interface
The platform includes a browser based web interface which allows users to access the service directly from a web browser.
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
The platform aims to meet WCAG AA standards utilising standard in-built browser accessibility features.
What users can and can't do using the API
The platform has a comprehensive set of open API's which permits extensive use of the service, from sending messages to adding and managing subscribers. Full information on the API can be found at

Further API information is available on request.
API documentation
API documentation formats
  • Open API (also known as Swagger)
  • HTML
API sandbox or test environment
Customisation available
Description of customisation
Clients have full control over the personalisation of the service including branding, look and feel, features, subscription topics, message templates, interfaces, transactional messages and much more.

The look and feel can be branded to become an extension to your existing web presence, providing end users with a highly consistent user experience.


Independence of resources
GovDelivery is a SaaS application and is based on a multi-tenant type of architecture. Each account is securely separated from each other and all the resources are managed as a large pool. This architecture scales horizontality based on overall workload, enabling the platform to support more then 300 million subscribers and to be scaled for many more as required.


Service usage metrics
Metrics types
The govDelivery platform provides an array of reporting options. These include:

• Account performance report
• Network Report
• Bulletin Reports
• Subscriber Reports
• Subscriber Activity Report
• Subscriber Activity Report
• Topic Reports
and many more.

The platform also offers an optional Reports Pro API which allows third party reporting products to be connected.

Please see our service definition for further details.
Reporting types
  • API access
  • Real-time dashboards
  • Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
Other locations
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Users with appropriate administration permissions (set by the customer) can export their data at any time via the portal. Information can be transferred via the APIs.
Data export formats
Data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network
Please contact us for further details.

Availability and resilience

Guaranteed availability
Availability is 99%.
Approach to resilience
GovDelivery has redundancy built into each of its Tier 3 two data centers. Redundant switches, load balancers and firewalls allow maintenance on an individual network device with no customer impact. The server infrastructure is completely virtual and the build process has been automated so that extra capacity can be added in minutes when needed. In the case of a complete datacentre failure, processing would failover to the secondary data centre that is 1,000 miles away. Data is replicated in near-real time between the two centres to ensure a short Recovery Point Objective (RPO).
Outage reporting
Service status is communicated via our customer portal, email alerts and SMS alerts.

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
Other user authentication
Authentication is required for clients. Authentication for the public/citizens is optional.
Access restrictions in management interfaces and support channels
Access restricted by user permissions, role based access controls and 2FA.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
ISO/IEC 27001 accreditation date
Reviewed 26/03/2022
What the ISO/IEC 27001 doesn’t cover
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Cyber essentials
Cyber essentials plus
Other security certifications
Any other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
Granicus has many security policies and processes that support both ISO 27001:2013, the NCC Cloud Security Prinicples and FedRAMP (based on NIST 800-53r4), covering everything from physical security to system communications to vendor security. Processes are created for each NIST 800-53 control family and are documented on an internal wiki site.

All employees are required to sign an Acceptable Use Policy that spells out the requirements. Failure to follow the security policies/processes can result in disciplinary action from Human Resources, up to and including termination.

Please contact us for specific details.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Tickets are created for all changes. These tickets include information on potential customer impact, QA steps, and a backout process. The changes are all reviewed at change management meetings and must be approved before being implemented. Changes are also reviewed for potential security impact.

Individual physical components are tracked through a combination of an asset inventory and through the ticketing system that identifies the components that are changing.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
The entire infrastructure (application, database, servers/devices) is scanned on a monthly basis. A ticket is created for each identified vulnerability for tracking throughout the lifecycle, and an internal remediation timeline is set depending on the severity. Teams meet weekly to review the vulnerabilities and identify timelines and ensure that issues aren't missed.

In addition to scanning, Granicus subscribes to the UK National Cyber Security Centre, US-CERT and individual vendor security mailing lists so we are notified when important vulnerabilities are identified. Tickets are created for each of these as well and follow the same process as scans.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Granicus utilises both network and host-based intrusion detection systems that send logs to a centralised location for proper correlation.

If a compromise is suspected, the incident response team is mobilised to investigate and confirm/deny the actual breach. If a breach is confirmed, the customer support team reaches out to all impacted customers immediately and provides updates every 20 minutes until the issue is contained (the same process is used for any incident). A root cause analysis (RCA) is then provided after the remediation, generally within 48 hours.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Incident management is performed in accordance with Granicus’s ISO27001 accredited incident management process which identifies the flow from incident detection to remediation, including many high-level processes.

Customers can report incidents to support. This kicks off the process, which includes automatically generating a ticket and beginning the triage process.

Internally, a detected incident is reported to customer support so that the team can communicate to any impacted customers. Updates are sent every 20 minutes for severity 1 issues.

For impactful incidents, after it is remediated, a root cause analysis (RCA) is provided to impacted customers, generally within 48 hours.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks

Social Value

Fighting climate change

Fighting climate change

Traditional marketing and newsletter approaches to government communications have depended heavily on the use of paper-based publications delivered to resident households by post or other means. This approach carries a significant carbon footprint, even when the newsletter is recycled. In addition, the ability to share the newsletters or extend the reach of its contents is extremely limited.

The addition of email publication services significantly reduces the carbon footprint of newsletter production, but the delivery reliability or consistently can vary depending on the service used to perform the delivery. Again, there is often little opportunity to extend the reach of the news delivered.

govDelivery’s cloud communications platform has an incredibly high digital delivery success rate, thanks to our government-only business focus. Internet providers inherently place a high degree of trust in our platform, so we consistently deliver your newsletter to their intended recipients. In addition, our unique govDelivery Network has a strong global govDelivery digital subscriber base, meaning you can potentially extend your electronic reach with little or no effort.

Many of customers use the power of govDelivery to educate their communities about climate change and the impact of current levels of food waste, recycling, and other related behaviours. They have also invited residents to take part in community environmental challenges; inspired and celebrated local improvements and achievements; publicised and encouraged participation in community environmental and climate change public consultation exercises. One community regularly warn local motorists about expected annual migration paths of indigenous wildlife via govDelivery.

Our platform’s intuitive user interface and content building tools make adding topics and content related to climate change simple and timely.
Covid-19 recovery

Covid-19 recovery

Many of our govDelivery customers, spanning Central and Local Governments, healthcare and emergency services, have acknowledged the sheer communications power they could harness during the pandemic, leveraging our cloud platform’s intuitive user interface to quickly set up and begin relaying critical messages to residents. Almost 4 billion COVID-related messages were sent to help communities access the critical information and services needed to navigate the rapidly evolving COVID situation, locally and nationally. 

COVID-focused electronic newsletters provided government staff who normally used traditional, printed newsletters or face-to-face outreach with a means to maintain their connections with residents remotely, encouraging and inspiring their constituents, rallying volunteers, celebrating community triumphs and educating them on how to stay safe. And since newsletters can be viewed on a wide range of devices, the reach of each publication has been significant.

As agencies begin to move to the Government’s ‘Living with COVID’ plan, there will still be a need for communications around COVID-related topics. In many locations, staff have started to shift existing content and topics to address specific areas of ongoing need in their area, such as promoting local retraining/recruitment initiatives or providing information and support to those residents impacted by the disease. Since staff have complete autonomy over the look, feel and content of govDelivery newsletters, creation and format/content changes are simple, agile and efficient.

govDelivery’s Questions and Campaign features help government staff to identify subscribers from a particular demographic (e.g. residents whose mental or physical health has been impacted by COVID), then develop a specific series of related newsletter content to target individuals who might be interested.

As approaches to digital government corporate communications established during the pandemic are now well-embedded in most organisations, staff can continue to connect with the community safely and flexibly in observance of any social distancing protocols.
Tackling economic inequality

Tackling economic inequality

There are many ways in which councils can support and promote local business and encourage economic growth using govDelivery. Its easy-to-use design tools make it straightforward to produce different newsletter layouts and add appropriate, focused content. Newsletter scheduling and the campaigns feature allow you to release information at the appropriate rate to ensure you grab resident attention.

For example, a council could establish a topic focused on new local businesses. A series of newsletters could be developed to introduce a business and its offerings to residents, promote community events involving local business and otherwise encourage use of local resources.

govDelivery could also potentially allow an agency to run targeted, multi-channel recruitment campaigns; as an example, one or more UK police services have successfully promoted their need to hire additional resources through this approach. Many of our health service customers who use govDelivery as an internal communications tool have topics relating to HR, recruitment and apprenticeship opportunities.

By dovetailing govDelivery with the EngagementHQ consultation and resident engagement platform, government agencies can facilitate efficient, multi-way communication among local business, suppliers, citizens and themselves. They can springboard initiatives with local businesses to identify high growth sectors; determine local gaps in demand; analyse supply chain requirements and develop strategies to encourage growth. govDelivery newsletters could invite participation, report on progress and announce results.
Equal opportunity

Equal opportunity

Traditionally, many socially-disadvantaged or at-risk residents may have found it difficult to connect, interact and keep current with local council news, services and support; conversely, council staff may be challenged to identify and reach these individuals so that their views and needs are heard and addressed.

Paper-based newsletters delivered to households limit the audience to mainstream audiences. Those without a fixed address, or who find it difficult to assimilate non-digital written content without aids are inherently excluded from the information contained in a publication; furthermore, the content may not be relevant to these individuals.

By using the govDelivery cloud communications platform to design, produce and distribute digital community information, government agencies can ensure that a wider range of their constituents receive their messages. govDelivery’s built-in accessible tool elements support content preparation that users can easily adjust to suit their particular viewing or listening needs: govDelivery content is compatible with all modern Web browsers and popular accessibility booster tools. Because newsletters can be delivered to a wide range of mobile devices, the audience can easily receive them with only a valid email address to subscribe.

govDelivery topics can be set up to focus on particular subjects (e.g. available local services to support homeless residents, educational programmes or accessible business premises). Residents can then subscribe to newsletters relevant to their needs or interests.

With regard to employment opportunities, govDelivery’s intuitive, easy-to-use user interface means that staff can produce content with little or no specialist experience. Since the design interface to the platform is web-based, there is no requirement to work in a specific location, meaning staff could work remotely if required. govDelivery has also been used by agencies such as police authorities to promote recruitment campaigns for new officers.


Increasingly, councils and other government agencies are establishing corporate goals to promote healthy living and well-being and involve its residents and general community. The range of focus runs from making locations more accessible and conducive to walking, biking and other exercise to healthy eating ideas, mental and physical health support resources and both team and individual challenges.

govDelivery’s ability to easily create topics and quickly develop focused content has been used extensively by our customers to inform and encourage their communities’ health and wellbeing. The Questions feature collects additional information defined by staff from subscribers which can be used to target particular audience demographics. Newsletters can be scheduled to develop a rhythm with information distribution and our campaigns functionality helps clients to develop a series of related newsletter content and then drip-feed them to subscribers.

A great example of this is a UK County Council’s Hungry Little Minds campaign, where they created a topic specific to those that registering births with the council. By collecting specific information through the use of questions, they were able to tailor the information to the parent over the course of a dedicated campaign, knowing the age of the child and keeping the parent informed of key information throughout the first few weeks and months of the child's life.

Another UK council’s email bulletins are now integral to the council’s outreach strategy, promoting health initiatives, mental health support, and exercise opportunities. The outreach strategy has attracted over 5000 subscribers to the council’s Sport and Physical Activity bulletin.

Yet another borough council regularly publish healthy recipes and encourage residents to take part in exercise and wellbeing challenges.


£4,200.00 a licence a year
Discount for educational organisations
Free trial available
Description of free trial
Limited trial subject to scoping

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.