Skip to main content

Help us improve the Digital Marketplace - send your feedback

  1. Digital Marketplace
  2. Lot 2: Cloud software
  3. Proactis Marketplace
Embridge Consulting (UK) Ltd

Proactis Marketplace

Proactis Marketplace enables your organisation to implement defined, guided buying practices for employees. Proactis Marketplace includes the tools required to manage both suppliers’ and in-house catalogues, provide access to authorised supplier websites, and utilise external marketplaces, all while ensuring the buying process is still controlled within your existing P2P solution.


  • Cloud-based solution with web browser access
  • Use negotiated supplier catalogues to control content visibility.
  • Drive best-practise purchasing through preferred suppliers.
  • Compare products to always ensure the best-value.
  • Punch-out to supplier's eCommerce websites for browsing and purchasing.
  • Automatically track common items and make available for quick purchase.
  • Manage and approve supplier catalogues before publishing them to users.
  • Promote supplier self-service for catalogue uploads and amendments.
  • Send orders direct from the Marketplace and accept e-Invoices back.
  • Streamline RFQ processes for buying non-standard products/services.


  • Greater buyer adoption of your organisation’s purchasing process.
  • Increased savings from greater on-contract spend.
  • Decreased maverick buying of unnecessary or unauthorised goods and services.
  • Increased value and savings from better buyer purchase decisions.
  • Higher levels of control and spend visibility within categories.
  • Reduced administrative cost within Procurement.
  • Maximise investment in existing purchasing platforms through seamless integration.
  • More value-added time freed up for buyers.


£17,995.00 a unit a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

1 3 2 0 5 7 4 6 4 0 5 5 2 9 3


Embridge Consulting (UK) Ltd Emma O'Brien
Telephone: 01474555505

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Proactis Sourcing, Proactis Supplier Management, Proactis Purchase to Pay (P2P), Proactis Accounts Payable Automation, Proactis Contract Management.
Cloud deployment model
Private cloud
Service constraints
System requirements
All services are browser based using latest version of browsers

User support

Email or online ticketing support
Email or online ticketing
Support response times
For system related incident reporting/resolution, users raise a technical support ticket via the Proactis Support System at or email at any time. The Support System is available 24/7/365, though tickets are only actioned during Helpdesk support hours (9:00am-5:30pm Monday to Friday (EU/UK/EST time) excluding Bank Holidays). Tickets raised are managed in accordance with ticket priority levels/severity, linked to SLA's for response and resolution times as contained within the Proactis standard contract. The system is automatically monitored around the clock and issues escalated to relevant teams/individuals for investigation and remediation
User can manage status and priority of support tickets
Online ticketing support accessibility
None or don’t know
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
Access to support and maintenance services is provided as part of the annual subscription fees. For all system related incident reporting and resolution, using secure, unique login details, users simply need to raise a technical support ticket in the first instance using the online Proactis Support System at An Issue Resolution process with associated SLAs would then be followed. All service desk personnel are technical engineers equipped to deal with technical issues. The Customer Support Helpdesk is available to provide support on system issues, i.e., errors seen in the system and/or if core functionality is not working as intended. They will also be the first point of contact if you wish to raise a change/enhancement to the solution. The Helpdesk operates from 9:00am until 5:30pm Monday to Friday (EU/UK/EST time) excluding Bank Holidays. An Account Manager becomes the first point of contact for all commercial, contract and day to day matters that are typically ‘non-support’ orientated once the solution is live.
Support available to third parties

Onboarding and offboarding

Getting started
Proactis provides onsite training and/or online training (via Teams). Proactis approaches training based on a ‘Train the Trainer’ methodology, the benefit of which is ensuring a thorough understanding of the solution resides within the Customer's organisation.

Proactis will provide training on the use of the system to the intended ‘Trainer’s’ of the end users, i.e., the System Administrator. Training is delivered on a standard training environment, and additionally, before entering UAT, the project team steps through the configuration with the Consultant on their environment. The aim is to ensure System Administrators have the skillset and tools to make the best use of the functionality, so they can then be self-sufficient in disseminating the training information to the end users.

Proactis also adopts a knowledge transfer approach, ensuring the project team users are hands on with the application throughout the project by being involved in the configuration, build and testing, thereby ensuring self-sufficiency post project.
Service documentation
Documentation formats
  • PDF
  • Other
Other documentation formats
End-of-contract data extraction
Proactis provides an off-boarding process to provision complete copies of the Customer's data, normally in SQL backup format but other formats can be agreed.
End-of-contract process
Within 14 days of termination Proactis will provide the Customer, in encrypted format, a full copy of their data in SQL format (other formats are available at additional costs). This is performed once, FOC, as part of standard off-boarding processes.

Any additional works required, e.g. extract of documents from data, querying or additional extracts of specific data are additionally charged based on requirements.

Once data has been successfully transferred, Proactis will either destroy any data still in its possession, or anonymise if system integrity is affected by deletion.

Using the service

Web browser interface
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install
Designed for use on mobile devices
Service interface
User support accessibility
None or don’t know
Description of service interface
The Service Interface allows users (Administrators, Buyers and Suppliers) to access the application via a GUI. Administrators can configure, manage and monitor all aspects of the system relating to their organisation. Buyers can create, modify and view basket, orders, receipts, invoices and all data relating to their purchasing activities. Suppliers can receive and respond to order and invoices relating to their organisation.
Accessibility standards
None or don’t know
Description of accessibility
Proactis supports the requirement to make service functionality equally accessible for everyone. Proactis Research and Development (R&D) has invested significantly in developing solutions to materially comply with the WCAG 2.0 guidelines, and continues its approach in respective functional areas to further develop functionality to comply with components of WCAG 2.1. You can find the Proactis Accessibility Statements on our website at
Accessibility testing
Proactis has tested using these technologies ourselves without involving third parties.
What users can and can't do using the API
Proactis solutions make use of various APIs for different operational purposes, including information and data management as well as integration into third-party line of business systems.

Across the solution set, SOAP and RESTful APIs are used and fully documented. Proactis will make use of these APIs as part of any implementation, although customers will be able to consume them themselves for use in additional integrations etc.
API documentation
API documentation formats
API sandbox or test environment
Customisation available
Description of customisation
Whilst Proactis solutions are customisable, in general, the preferred mechanism to meeting an organisation’s solution requirements would be to address these through configuration in the first instance, and only look to customise beyond the out of the box functionality where this would be the only way to deliver an optimal solution.

The level of configuration available in the Proactis platform ensures that Customers can build both their current 'as-is' processes, as well as their future 'to-be' processes. This can be done by the Customer themselves, Proactis Consultants or any other suitable third-party.


Independence of resources
Proactis operates a completely elastic hosted environment with enterprise level monitoring behind which allows instant ballooning of resources and real-time and historic usage metrics for accurate requirement provisioning.


Service usage metrics
Metrics types
These are configurable depending on the customer requirements.
Reporting types
Regular reports


Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Supplier Management, AP Automation, Marketplace, P2P, Contract Management, Sourcing

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Other
Other data at rest protection approach
Access to the hosted environment is only by approved Proactis personnel commensurate to their requirement in order to provision the service. All data is encrypted at rest within ISO27001 certified data centres. This is implemented via hardware assisted heads on the storage arrays and is applied to all datastores. All data is held on a secure back end network and securables (e.g. passwords etc) are 1 way salt encrypted. The data encryption Algorithm used is AES-256-XTS.
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
All our solutions come with advanced reporting tools allowing the customer to extract the data they require in the format they require it in.
Data export formats
  • CSV
  • Other
Other data export formats
  • PDF
  • RTF
  • HTML
Data import formats
  • CSV
  • Other
Other data import formats
  • EDI
  • XML

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
Availability of the Hosted Services, excluding scheduled downtime, shall be 99.95% during Working Hours; and 99.9% at all other times. Service Credits are payable on any failure of service that does not meet expect SLA’s. Please see Maintenance and Support Services Terms attached.
Approach to resilience
Proactis operates its systems under no single point of failure. Additionally, warm DR systems operate in a separate data-centre, meaning live systems can be brought back with a 6hour RTO and 30minute RPO.
Outage reporting
Proactis will notify any Customers affected should an outage occur by contacting the Customer's nominated representatives.

Identity and authentication

User authentication needed
User authentication
Username or password
Access restrictions in management interfaces and support channels
Support channels can only be used by recognised and registered personnel. Management interfaces, and access to them, are fully controlled by the customer who can assign roles and responsibilities as required.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
Alcumus Isoquar
ISO/IEC 27001 accreditation date
Last Audited November 15, 2021
What the ISO/IEC 27001 doesn’t cover
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Cyber essentials
Cyber essentials plus
Other security certifications
Any other security certifications
  • ISAE 3402 Type 1
  • Registered as a Data Controller with ICO. Registration number: Z1093431
  • Organisational & technical controls in place ensure GDPR compliance.

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
ISAE 3402 Type 1; Cyber Essentials and Cyber Essentials Plus; Registered as a Data Controller with the Information Commissioner’s Office (ICO). Registration number: Z1093431; Organisational and technical controls are in place to ensure GDPR compliance.
Information security policies and processes
Proactis is certificated to ISO 27001 and has a comprehensive suite of IS policies which are reviewed and updated each year internally by the Compliance and Quality Manager along with the IT Availability Services Director who has overall responsibility for leading Proactis’ Information Security function. External audits of the system and processes are undertaken by Alcumus Isoqar, a UKAS accredited auditor on an annual basis.

Security governance forms part of our certification. All new starters are required to read and confirm adherence to all policies and procedures, and at least annually all staff members must sign to state they have read and understood the IS policies and any updates during the period. Any failure is reported at Board level.

As part of the externally-audited standards, Proactis has a dedicated, independent, Compliance Team, headed by the Compliance Manager, who is also the Proactis Data Protection Officer. The team reports directly to the Proactis Board. The Compliance Team is also supported by key personnel within the ITAS function (IT Availability Services).

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
All source code is tracked through life using industry standard source control, which logs all changes made and impacts. Additionally, all changes made to our hosted environments follow a full electronic change control process. Both are audited as part of our ISO27001 accreditations.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Risk assessments are carried out at least annually by ITAS and Compliance. The infrastructure undergoes separate penetration tests conducted by an independent third party, with any outputs being assigned to a remediation plan. We use a variety of sources to recognise potential threats. Internal and external vulnerability scans of our environments for known threats are undertaken using industry-leading software, with reports compiled and reviewed on a monthly basis. Additionally, any code fix issues can be patched and deployed within 24 hours depending on the severity of the issue.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Through our ISO/ISAE requirements, we have specific processes and procedures in place to actively monitor and react to any potential compromises, as does our Service Provider. This process includes Board Level notification of any such suspected breaches. If such a compromise is discovered then an immediate impact assessment is performed and necessary actions taken based on this review. Normally we would inform any customers affected as soon as is practical, except for where criminal investigations must take place, in which case notifications would be done as soon as authorised by relevant authorities.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
The Proactis documented Incident Management process is audited through our ISO/ISAE accreditations. There is scope designed within the process to allow for RCAs, forensic analysis and so forth, based on the type and severity of incident.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks

Social Value

Fighting climate change

Fighting climate change

In accordance with the current formulation of the Proactis Environmental, Social and Governance processes, Proactis has outlined a commitment to comply with relevant legislation and to continually act to minimise the environmental impact of our business. Specific environmental objectives include to adopt responsible fuel and energy management practices to reduce energy consumption, and to take measures to reduce waste at source and recycle where possible. We aim to pursue best practise green procurement, assessing sustainability, Corporate Social Responsibility (CSR) and, wherever possible and in accordance with our procurement criteria, adopt an increasingly localised supply chain. Proactis has made a commitment to be Net Zero mid-to late 2020s and is in the process of documenting a formal ESG (Environmental, Social and Governance) strategy across the business, which will include formal targets and metrics across all 3 areas. This is championed by the Chief Financial Officer (CFO), who is the Board representative for Compliance and Governance. A Proactis Electric Vehicles Scheme is in place in the UK, with a number of employees already taking advantage of the initiative. Offering such a scheme highlights our dedication to our core values in support of Our Planet approach - to make decisions and policies that protect our planet.
Covid-19 recovery

Covid-19 recovery

As Covid-19 brought rise to the need to work from home, organisations recognised the need to adapt previously manual processes so people could work remotely. This need sparked a more urgent drive for digital transformation.

The whole ethos of Proactis solutions is to automate Source to Pay processes, moving away from admin-heavy, manually intensive processes, while reducing the risk of human error. By making information transparent and easily and securely accessible online, stakeholders can access and collaborate on projects without needing to be in the office.

This became more important during the pandemic and Proactis Customers in Public, Private and Not for Profit sector organisations were able to reap the benefits of the systems they had in place, as referenced by a Proactis Customer in the Education sector:

“Overall, the obvious, and most relevant benefit in the midst of the COVID-19 situation is that we can access everything, in the same place, from anywhere. The Proactis solutions have been hugely helpful. We moved off site very quickly, but we were able to do this with confidence that none of our processes would suffer as a result. Supplier and Contract Management, eProcurement and now all invoicing processes are digital.“

Other Proactis customers also adopted additional modules that would support their digital transformation journey, which in turn helped to strengthen their business operations and increase agility during challenging times. This included adopting Proactis Supplier Management which, along with Contract Management and Sourcing modules, has helped to provide greater visibility and understanding of the supply chain to assist buyers in strengthening relationships with suppliers, reducing risk and enhancing overall compliance.

Within Proactis, processes have been put in place to support Covid-19 recovery including effective social distancing, remote working, safe return to office working, sustainable travel solutions and greater consideration given to local suppliers.
Tackling economic inequality

Tackling economic inequality

Supply chain compliance is assured as Proactis expects our suppliers to comply with the applicable legislation and regulations we are governed by, including human rights, modern slavery, environment and privacy. Proactis is committed to being an open and transparent organisation and seeks partners and suppliers who share this commitment.

The Proactis solutions, inclusive of Supplier Management and the Proactis Tenders Direct portal, naturally encourage greater engagement and collaboration with suppliers to deliver improved control, accountability, and measurability of the relationships with the buying organisation. Proactis solution ‘bePayd’ is very much aimed at supporting SME’s and helping them get their invoices paid sooner than they otherwise would have, critical in these uncertain times.

Proactis provides assurance to both Customers and Suppliers that it adheres to all necessary standards appropriate to the undertaking of its activities. Certifications held by Proactis include Cyber Essentials Plus, ISO 27001 Information Security Management and ISO 9001 Quality Management.

Proactis aims to support a sustainable eco-system within the communities in which it operates. Many employees live locally and Proactis supports a sustainable travel policy for all employees. Support for the local economy is encouraged with sourcing from local suppliers a key consideration in procurement activity where appropriate.

In the UK the company supports and actively encourages employee participation in supporting local and national charities including Wetherby & District Foodbank, The Archie Foundation and Save the Children, through activities such as Dragon Boat Challenge, Christmas Jumper Day, Bake Off challenges. In addition, staff are encouraged to give back to the local community, and all are allocated an additional day of leave that is committed as a dedicated volunteering day.
Equal opportunity

Equal opportunity

Proactis promotes a working environment in which diversity is recognised, valued and encouraged. We acknowledge the multi-cultural and diverse nature of the UK workforce and society in general, and are committed to principles of fairness and mutual respect where everyone accepts the concept of individual responsibility.

Proactis recognises that discrimination in the workplace in any form is unacceptable and, in most cases, unlawful. Company policy seeks to ensure that all job applicants, contractors and employees are treated fairly and without favour or prejudice. We are committed to applying this throughout all areas of employment. This includes recruitment and selection, training and development, benefits, rewards and promotion, dealing with grievances and disciplinary issues.

The Proactis Equal Opportunities and Diversity policy complies with current legislation. We review it regularly and update it if the law changes. However, we recognise that equality of opportunity is best achieved by day to day commitment throughout the organisation. We offer support and training where necessary to achieve and maintain this.

As a software company, Proactis does not have an extensive range of local or international suppliers where modern slavery or human trafficking would generally be a material risk. Regardless, Proactis is committed to acting ethically and with integrity in all our business relationships. Proactis has implemented improvements to internal systems and controls and how we engage with our supplier base to ensure that they will be compliant with the Act, to ensure slavery and human trafficking does not take place anywhere in our business or supply chains.


Proactis recognises that by providing a safe, stimulating working environment and encouraging staff to achieve their maximum potential, this will reflect in the culture of our organisation, the solutions we deliver and the relationships we have with customers. Listening to and obtaining regular feedback from staff is as important as listening to our customers.

Backed by a commitment from the Executive team to continually improve, Proactis undertakes annual employee engagement surveys. Following positive action taken, results show year on year improvements in engagement and positivity, with a >30 Net Promoter Score achieved earlier than the original target.

Ensuring and maintaining the Mental Health of our employees is high on our agenda. In support of this a number of staff have completed a Mental Health First Aider course, so that they are able to identify others in need and offer support in relation to where they can get help. The MHFA team also undertakes projects to actively encourage all our people to be aware of the importance of their mental health by presenting lunch & learn sessions, communicating team activities via the ‘OneVoice’ employee newsletter, and providing monthly updates from MHFA England and MHFA Scotland.

Internal communication channels have been established to encourage staff development and knowledge sharing. These include regular line manager catch-ups and Team meetings, lunch & learn sessions and companywide training sessions. In turn, these encourage sharing ideas that feed into the development of solutions for customers.

Flexible and home working is supported, standardised performance appraisals are undertaken and include a values-based review with a reward and recognition programme in place. In addition, staff are encouraged to give back to the local community, and all are allocated an additional day of leave that is committed as a dedicated volunteering day.


£17,995.00 a unit a year
Discount for educational organisations
Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.