Delta 4 Services Limited

Digistaff; Intelligent Processing for Local Government - Managed Service

Digistaff Intelligent Processing for Local Government is a Business Processing as a Service (BPaaS) Intelligent Automation (IA) solution. The software interacts with the user interface of applications like a human user would, allowing to automate business processes with no integration or change to existing systems, tools or applications.

Features

• Automation of Business Processes
• Fully Managed Service for Local Government & Public Sector
• On Demand Hosted Robotic Process Automation (RPA)
• Intelligent Automation, Co-Pilot & AI Chatbot
• Operational 24/7 (dependent on system availability)
• Fully Automated Historic Credits solution for Council Tax and NDR
• Fully Automated VEP solution (Housing Benefits)
• All software licenses included in the price
• Accessible Transport, Housing, ASC and Children's Processes, Local Government Processes
• Revenues & Benefits, Parking, HR, Planning, Employee Services

Benefits

• Fully Managed Service
• Industry Leading Productivity 24/7
• Increased Efficiency and Accuracy
• Application, System and Process Agnostic
• Reduced Operating Costs & Increase Income
• Improved Customer Experience
• Releases Staff to Undertake Higher Value Tasks
• Quick Deployment
• Instantly Scalable Resource
• Capture Structured and Unstructured Data

£1,800 to £42,000 a unit

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andy.heys@digistaff.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

134009298512268

Contact

Andy Heys
07824305347
andy.heys@digistaff.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: None
• System requirements: None - Infrastructure, Application & System Agnostic

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: All initial questions are responded to within 24 hours as a maximum.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Standard help-desk hours are Mon-Fri 9 - 5 excluding UK Public Holidays.; ; There are three defined sub-sets of fault:- “Category 1” - a fault which makes the Software unusable. Target response time two hours; target resolution 24 hours “Category 2” - a Fault which has a material effect upon the functionality, accuracy or performance of any function of the Software upon which Customer relies. Target response time of four hours; target resolution 48 hours. “Category 3” - a minor or cosmetic Fault. Target response time four hours; target resolution seven days.; ; Support is include in the cost.; ; We do not provide a technical account manager or cloud support engineer.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: A combination of onsite training and user documentation following industry best practice.
• Service documentation: No
• End-of-contract data extraction: No process data is stored within our infrastructure. As part of any contract agreement there will be a controlled return or deletion of customer data.
• End-of-contract process: Within the price of the contract will be a provision of automated processes that remain the intellectual property of DigiStaff. Off-boarding of clients is included in the price of the contract.; ; DigiStaff follow as a minimum, the UK’s current standard for Data wiping as set out by HMG CESG IS5 Baseline and Enhanced. This standard dictates that hard drives must be overwritten a minimum of three times.; PROCESS:; The process that is followed by DigiStaff's engineers is as follows:; a. Hard drives are removed from service at the end of a contract, when upgrades are performed or when a hard drive is replaced due to a fault.; b. Drives are places into a logged queue marking them for data wiping.; c. Drives are stored for 30 days before being processed further.; d. Once 30 days has passed, an engineer puts the drive through the erasing process; e. If the wiping process succeeds then the drive is either disposed of or marked for re-use where in accordance with Digistaff policies.; f. If the wiping process fails, the process is restarted from point d.

Using the service

• Web browser interface: No
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: All business and operational processes can be customised. The user makes a change request to the DigiStaff team and the changes will be made from a central point

Scaling

• Independence of resources: Each client has an independent environment

Analytics

• Service usage metrics: Yes
• Metrics types: Workforce utilisation and process performance
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Via downloadable XML
• Data export formats: Other
• Other data export formats: XML
• Data import formats:
  • CSV
  • ODF
  • Other

Data-in-transit protection

• Data protection between buyer and supplier networks: IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Network availability - 100% Infrastructure availability - 99.99% Availability is based on the total number of operating hours of a given calendar month and excludes planned and emergency maintenance.
• Approach to resilience: Digistaff uses UKFast as hosting provider, their resilience standard is: ; ; UKFast owns and operates a 5.52MW tier 3 1,000 rack data centre estate. This contains multiple physically separate buildings, connected by dedicated fibre. High voltage power connections are provided from four separate primary sub-stations. All mission-critical services including Standby Generation, Cooling systems and UPS (uninterruptible power system) are provided at N+1 or greater across the whole facility. The complex has a power density of over 6KW per square foot, providing diverse A & B power to each data rack, and all eCloud service platforms are supported from quadruple power feeds. The data centre complex is supported by 9MW of standby generation with over 100,000 litres of fuel storage and eight hour fuel supply SLA. All critical services are supported by 4.6MW of UPS power and 4.9MW of data centre cooling. The public sector hosting suite has fully resilient networking, switches, carrier-redundant leased lines, power and backup generators, all separated from the rest of the UKFast network and data centre complex.
• Outage reporting: Initially email alerts, we are looking to expand this to provide a private dashboard in the near future.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Other user authentication: Role Based Access and Privileged Identity Management
• Access restrictions in management interfaces and support channels: Role Based Access and Privileged Identity Management.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Approachable
• ISO/IEC 27001 accreditation date: 12/05/2021
• What the ISO/IEC 27001 doesn’t cover: Covers all elements of the service provision
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: In line with ISO27001 accreditation and governance procedures

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Change management system operational which documents all changes, responsible parties, time of change and senior-level sign off. All changes pass through a Change Advisory Board (CAB).; ; Changes to processes are tracked through audit logs in the Blue Prism software.; ; Change requests are evaluated for potential security risks. Once approved, they are implemented through a controlled approach using the various control mechanisms in Blue Prism.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Vulnerability scan run once per Quarter and critical vulnerabilities patched within 30 days.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Internally designed and developed threat monitoring system is run on all infrastructure.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: ISO27001-complaint processes and systems for incident response are operational.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Public Services Network (PSN)

Social Value

• Social Value:

  Social Value

  Tackling economic inequality

  Tackling economic inequality

  Due to the nature of our business we deliver all of our contracts remotely and as such it is difficult to add economic value to the locality for where the contract is being delivered. However, we will work with the local councils to identify local businesses or Voluntary Groups who we can support through the provision of equipment or training or access to our Finance Team to provide them with support needed. ; ; We will also provide workshops to local schools and colleges and if the opportunity arises apprenticeships and training to residents of the locality to deliver the contract.

Pricing

• Price: £1,800 to £42,000 a unit
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Free Proof of Value (POV) is available in some circumstances. Please contact us for more details.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andy.heys@digistaff.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.