Skip to main content

Help us improve the Digital Marketplace - send your feedback

Copperleaf Technologies, Inc

Copperleaf Decision Analytics

Copperleaf® is at the forefront of investment planning and decision making for companies managing critical infrastructure. Our decision analytics solutions leverage operational, financial, and asset data to help our clients to make sustainable investment decisions that deliver the highest business value.

Features

  • Asset Investment Planning – lifecycle investment decisions
  • Asset Risk Modelling – Predict asset performance and life expectancy
  • Software as a Service (SaaS ) Cloud Based
  • Capital Allocation
  • Portfolio Management
  • Risk Management
  • Cost Estimation
  • Portfolio Optimisation & Scenario Analysis
  • Value Framework and investment benefits quantification

Benefits

  • Streamline investment planning and execution
  • Increase business agility
  • Quantify and proactively manage risk
  • Create an executable plan that delivers maximum value
  • Align decision making with organizational strategy

Pricing

£230,000 a unit

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at eclark@copperleaf.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

1 9 6 1 7 3 9 8 6 3 6 3 3 2 8

Contact

Copperleaf Technologies, Inc Edward Clark
Telephone: +44 (0)7740 923 475
Email: eclark@copperleaf.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
Copperleaf's products are designed to support comprehensive asset investment planning and management.

However, as with any software, there may be certain constraints or considerations that buyers should be aware of:

For SaaS subscriptions and Term licenses with a support agreement, Copperleaf warrants that the Licensed Software will substantially conform to the functional specifications contained in the Documentation for the term of the Subscription.
System requirements
  • Microsoft Edge
  • Chrome

User support

Email or online ticketing support
Email or online ticketing
Support response times
Response times for incident alerts are based on their priority levels. The response times in relation to each priority level are as follows:

Urgent: 2 hours
High: 4 hours
Medium: Next Business Day
Low: Two Business Days
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
As part of the licence agreement Copperleaf provides multi-tiered support process that includes:
Tier 1: The client's own support team provides initial end-user technical and business support. If the issue can't be resolved, the client's support team opens a case with Copperleaf via the CRM portal.
Tier 2: The Copperleaf Support team takes over the ticket, and it is routed to a Copperleaf Customer Service Representative for review and resolution within prescribed SLA timelines.
Tier 3: If the Copperleaf Support team can't resolve the ticket, they work with the Copperleaf technical and development teams to bring it to resolution

Each client has a dedicated Client Success Manager, who attends monthly support calls, and works with each client to ensure they are getting the best value from the Copperleaf software, including product upgrades.

Additional Hypercare arrangements can be provided and tailored to a clients specific needs if required including on site support if needed.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Copperleaf helps users start using their service by providing a variety of support and training resources. These include:

Online Training: Copperleaf provides online training sessions to help users understand how to use the product suite effectively.

User Documentation: Comprehensive user documentation is made available to clients, which includes release notes and documentation for each new version of the product suite.

Monthly Meetings: Post go-live, Copperleaf's support teams hold monthly meetings with clients to provide ongoing assistance and demonstrations of new features.

Dedicated Support Portal: Clients have access to a dedicated support portal where they can find support materials and resources.

Support and Maintenance Agreement: As part of the Support and Maintenance Agreement, Copperleaf provides short, focused demos and documentation to ensure that users are familiar with new features, especially when an upgrade is implemented.

Additionally, the Copperleaf Product Suite includes online, context-sensitive help with an index, glossary, and search functionality, which users can access directly within the application for immediate assistancE
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Upon termination of services, Copperleaf commits to providing clients with their data. The content of the solution, including all client data, may be delivered to the client through a database dump of the Copperleaf environment, along with Excel exports of data tables.
Copperleaf and our hosting partner AWS follow NIST Special Publication 800-88 standard for the sanitation of media, ensuring that clients can extract reports, request a database dump file, and use standard APIs as well as a reporting data store to retrieve data. The terms and conditions related to data extraction and disposal are included in the contract

Copperleaf's approach to data extraction and disposal ensures that clients can retain control and possession of their data even after the contract with Copperleaf has ended.
End-of-contract process
At the end of a contract with Copperleaf, steps are taken to conclude the business relationship and ensure all contractual obligations have been fulfilled:

Termination of Access: The client's access to the software and any related services is terminated in accordance with the terms set out in the contract
Data Handling: Any client data held by Copperleaf would be handled as per the terms agreed. This could involve returning the data to the client, securely destroying it, or other measures as specified
Final Billing: Any final billing issues would be resolved, and the last payment would be processed as per the contractual agreement.
Contract Review: A review of the contract may be conducted to ensure that both parties have met their respective obligations and to address any outstanding issues
Documentation: All relevant documentation and records related to the contract would be archived according to legal and regulatory requirements.
It is important to note that the exact process may vary depending on the specific terms and conditions of the individual contract and any legal or regulatory requirements that apply to the client or the industry in which they operate.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Chrome
Application to install
No
Designed for use on mobile devices
No
Service interface
Yes
User support accessibility
None or don’t know
Description of service interface
Yes, the solution supports both REST and SOAP web service interfaces.
File transfers are secured with SFTP using AES-256 encryption to ensure data security
Accessibility standards
None or don’t know
Description of accessibility
Copperleaf is designed to provide a inclusive user experience. Functionality is available through the user interface for both experienced and infrequent users.
Accessibility testing
Copperleaf has been tested using operating system assistive technology. We are committed to providing an inclusive user experience and would discuss any client specific requirements.
API
Yes
What users can and can't do using the API
Copperleaf supports a full API based on SOAP and REST standards. This provides the capability to automate the functions that a user can perform programmatically.
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Copperleaf allows for customization of features, which are developed, tested, and released in alignment with the client's needs. Custom features are requested through the Client Success Manager and our consultant will work with the client to document the most appropriate solution.

Scaling

Independence of resources
Copperleaf's performance testing has shown that the system is not overly sensitive to the number of concurrent users; rather, the actions of those users, specifically optimization, determine the peak usage. Since the number of users performing optimization is typically limited due to the client's process and usage patterns, this is factored into the platform sizing. Copperleaf continuously monitors the performance of the client’s platform and engages in discussions to increase platform size if peaks due to extensive use are observed

Analytics

Service usage metrics
Yes
Metrics types
Copperleaf provides service usage metrics. Copperleaf can supply uptime and application responsiveness reports. Additionally, production server metrics like server CPU, memory, and other monitoring system data
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Encryption of all physical media
  • Other
Other data at rest protection approach
Encryption
Key Management
Segregation of Data
Secure Deletion
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Users can manually exchange data with external systems using the Extract, Transform, and Load (ETL) process. This process allows for the import and export of data using Microsoft Excel files, which can be used with various systems such as SAP, Oracle, Maximo, Primavera, ESRI, Power Plan, and others.
For programmatic integration, Copperleaf provides fully documented APIs that support automatic, bi-directional exchange of data with external systems. The APIs are built on top of Microsoft IIS using WCF services and expose both REST and SOAP web service interfaces .
Data export formats
Other
Other data export formats
  • Excel
  • PDF
  • SVG
  • PNG
Data import formats
  • CSV
  • Other
Other data import formats
  • XML
  • JSON

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection between networks
HTTPS & TLS: All backend communication makes use of HTTPS and TLS, which encrypts data as it travels between the web server and database server, ensuring secure transmission of information when hosted in AWS
Encryption Recommendations: For communication between RDS and Copperleaf, Oracle Native Network Encryption (NNE) with AES256 encryption is recommended, and TLS is also supported

VPN Requirement: Some clients may choose not to use Oracle NNE or TLS, and in such cases, they require a VPN to secure the data in transit. When a VPN is used, it is Amazon's VPN service, providing an additional layer of security
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network
Anti-Malware Protection
Intrusion Detection Systems (IDS) and Application-Level Filtering:
Network Access Control
Segmented Network Security:
SSL Termination:
Separate Database Servers
Audit Logging
Host-Based Intrusion Detection
Authorization

Availability and resilience

Guaranteed availability
Copperleaf’s standard Service Level Agreement (SLA) commitment for availability is 99.75% within service hours.

Copperleaf is open to discussing alternative SLAs
Approach to resilience
Hosting with AWS: Copperleaf's hosting partner, Amazon Web Services (AWS), provides a highly resilient infrastructure.
Geographical Diversity: Utilising geographically diverse regions within AWS, ensures that data can be redeployed to an alternate data centre in another location in case of a regional failure. This allows for complete regional failure to be recovered under the standard SLA for Recovery Time Objective (RTO)
Redundancy: Redundancy is built into the delivery of hosting services, allowing for the restoration of services even in the event of a complete regional failure.
Business Continuity and Disaster Recovery: Copperleaf has a robust Business Continuity Plan (BCP) and Disaster Recovery (DR) process that includes twice-daily backups and the ability to redeploy these backups to an alternate data center.
Failover Capabilities: Copperleaf's cloud-hosted services are designed to failover between availability zones within a single AWS region as the initial method for recovery.
Data Protection: All client data is stored on encrypted volumes, with encryption keys managed by AWS Key Management Service (KMS),
Regular Testing: The backup and recovery process is used for instance delivery workflows, which means it is tested regularly, ensuring that technical processes involved in backup and recovery are always ready for use
Monitoring and Incident Response
Outage reporting
Public Dashboard: Copperleaf uses Pingdom for uptime tracking over HTTPS using the fully qualified domain name (FQDN). The ping is responded to by the application every minute, where the application is considered down after two failed pings. The Pingdom service includes a public dashboard that can be provided to clients for real-time status updates

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Username or password
  • Other
Other user authentication
Role-Based Authorization: Users are only authorized to access the systems and data necessary for their job functions, ensuring that access is appropriately limited

Client Authentication Options: Clients can choose from several authentication methods when accessing the Copperleaf web application:

SAML 2: This is the recommended method for its enhanced security. Clients will need to have an identity provider such as OKTA or ADFS to use this option.
Access restrictions in management interfaces and support channels
Copperleaf restricts access in management interfaces and support channels through several layers of security controls to ensure that only authorized personnel can access these sensitive areas:

Role-Based Access Control (RBAC)
Multi-Factor Authentication (MFA)
Firewalling
Secure Communication Protocols
Segregation of duties
Physical and Network Security
Support Channel Authentication
Auditing and Monitoring
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password
  • Other
Description of management access authentication
"Copperleaf authenticates management access to its service by employing robust security measures that are designed to ensure only authorized personnel have access to management functions using

Unique User IDs and Authentication
Privileged User Accounts
Service Accounts and Superuser Credentials
Central Authentication Directory
Regular Audits and Reviews

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
SAI Global
ISO/IEC 27001 accreditation date
20/12/2022
What the ISO/IEC 27001 doesn’t cover
Copperleaf does not perform outsourced development
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
No
Cyber essentials plus
No
Other security certifications
Yes
Any other security certifications
  • SOC2 Type 1
  • SOC2 Type 2
  • ISO27001

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
NIST-800
ISO9001
SOC Type 1 and SOC Type 2
Information security policies and processes
The governance structure is led by a Senior Director of Information Security, who is responsible for identifying risks and opportunities for improvement in our security posture. This role involves policy development, application security training, feature review, penetration testing, and auditing of controls

Our Information Security team works closely with Product Development to integrate security into the software development lifecycle. They are involved in identifying requirements for security features, creating application security threat models, conducting penetration testing, and providing internal audit functions. This ensures that security considerations are embedded from the earliest stages of development and throughout the product lifecycle

Additionally, we adhere to the SOC 2 compliance standard, which includes an annual audit against the management of information security risks.
Moreover, we enforce a principle of segregation of duties across all critical security functions to prevent conflicts of interest and reduce the risk of error or fraud. In cases where true separation cannot be achieved, we perform rigorous auditing of the functions involved
To ensure all employees are aligned with our security governance, we communicate our security policy as part of employee onboarding, which all employees must acknowledge. We also conduct periodic audits and cybersecurity training.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Copperleaf complies with several configuration and change management processes to ensure the integrity, stability, and security of our services. The key processes we adhere to include:
Platform Configuration Changes
Application Configuration Changes
Security Content Automation Protocol (SCAP)
Vulnerability Management
Incident Response
Patch Management
Vulnerability management type
Undisclosed
Vulnerability management approach
Copperleaf use platforms like Rapid7 InsightVM and Synopsys Blackduck to detect and track operating environment vulnerabilities and software dependency vulnerabilities to remediation

Urgent vulnerabilities are patched or mitigated within 48 hours, and non-urgent vulnerabilities within one month
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Copperleaf utilises a comprehensive monitoring system to identify potential compromises, which includes access patterns and other indicators of compromise. Logs are ingested into a central SIEM) system, Rapid7 InsightIDR, for correlation and alerting.
Upon detecting a potential compromise, our response procedures are initiated, which consist of isolation, investigation, remediation, and communication. The response is managed by an information security incident team.
Incident management type
Supplier-defined controls
Incident management approach
Copperleaf's incident management process is structured to ensure efficient and effective handling of any security incidents. Here is a high level description of our process steps:
Detection and Reporting
Initial Assessment
Response Team Activation
Isolation
Investigation
Redmediation
Communication
Recovery
Post Incident Analysis
Documentation and Compliance
SLAs and escalation

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

Fighting climate change

At Copperleaf, we focus on long term sustainability in our journey to create positive change for our planet, with a strategic plan to evolve out business processes to better manage our supply chain and offset any remaining carbon footprint by investing in green projects certified by Gold Standard.
To manage our emissions, we’ve undertaken initiatives to reduce our business travel through remote sales and implementation activities, and enabling remote work to reduce our need for physical office spaces. Where our emissions are unavoidable, we'll continue to apply our carbon offset program. To date we’ve invested in several international green projects that offset 6,305 tons of carbon for our emissions, including Scope 3.
Looking forward, we plan to implement a vendor sustainability program that defines guidelines and criteria that we use to partner with and asses our vendors. Integrating sustainability principles into our vendor management program will help us collaborate with vendors, build a responsible business ecosystem, and ultimately reduce our emissions.

We recognise that purchasing offsets is a last resort, and only one of many ways to manage carbon footprints and plan to further enhance our current program by aligning to the Oxford Offsetting Principles for net-zero aligned offsetting.

Equal opportunity

Our commitment to Diversity, Equality and Inclusion (DE&I) is a key part of our culture and spans the entire company, from our CEO to our DE&I team, to our neurodiversity employee resource group, to all our employees worldwide. We believe our differences help us learn new things, question our biases, and look at challenges through our own unique life lenses.

Nurturing an inclusive environment where employees at all levels feel respected, heard and empowered is critical to our success. We know that greater diversity on our teams yields higher performance.

We believe we each have the power and the responsibility to create change, that’s why we encourage people to speak up about their beliefs, respectfully challenge ideas and take initiative to do the right thing. All of Copperleaf contribute to DE&I progress, from our Board and leadership team to our employee resource groups to our people across the globe.

Copperleaf is creating a workforce that reflects society’s social demographics – where everyone has a sense of belonging and can maximise their potential to help Copperleaf and their clients build a better world, one step at a time.

Wellbeing

At Copperleaf, employee well-being is a key focus, and the company has established a Health & Wellness Program to support the physical and mental health of its employees. This program is designed to be fun and engaging, aiming to improve morale, fitness, and overall wellness. Here are some of the features of Copperleaf's Health & Wellness Program:

Ergonomic Initiatives: Employees have the option to choose sit/stand workstations and/or ergonomic stools to promote better posture and reduce the risk of musculoskeletal issues. Research has shown that employees using sit/stand desks report fewer pain-related issues

HealthFlex Benefit: Copperleaf offers a HealthFlex benefit to all employees, which is a spending account that can be used to purchase goods or services that contribute to the employees' health and wellness. This can include exercise or sporting equipment, athletic footwear, healthy cooking appliances, and training sessions

Sponsored Activities: The company sponsors employee participation in sports teams, wellness challenges, and events like charity runs and walks. These activities not only promote physical activity but also foster team building and community engagement

Facilities Access: Employees have convenient access to facilities that support their health and wellness goals. This access is part of the company's commitment to providing resources that employees need to maintain a healthy lifestyle

Continuous Improvement: Copperleaf tracks the results of its health, safety, and wellness programs to continuously improve them. The company believes that leadership in health and safety starts from within and is committed to fostering increased employee awareness of health and safety policies and goals

By providing these resources and opportunities, Copperleaf demonstrates a commitment to the well-being of its employees, understanding that a healthy workforce is integral to the company's success and the quality of service it provides to clients.

Pricing

Price
£230,000 a unit
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at eclark@copperleaf.com. Tell them what format you need. It will help if you say what assistive technology you use.