Copperleaf Decision Analytics
Copperleaf® is at the forefront of investment planning and decision making for companies managing critical infrastructure. Our decision analytics solutions leverage operational, financial, and asset data to help our clients to make sustainable investment decisions that deliver the highest business value.
Features
- Asset Investment Planning – lifecycle investment decisions
- Asset Risk Modelling – Predict asset performance and life expectancy
- Software as a Service (SaaS ) Cloud Based
- Capital Allocation
- Portfolio Management
- Risk Management
- Cost Estimation
- Portfolio Optimisation & Scenario Analysis
- Value Framework and investment benefits quantification
Benefits
- Streamline investment planning and execution
- Increase business agility
- Quantify and proactively manage risk
- Create an executable plan that delivers maximum value
- Align decision making with organizational strategy
Pricing
£230,000 a unit
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
1 9 6 1 7 3 9 8 6 3 6 3 3 2 8
Contact
Copperleaf Technologies, Inc
Edward Clark
Telephone: +44 (0)7740 923 475
Email: eclark@copperleaf.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
-
Copperleaf's products are designed to support comprehensive asset investment planning and management.
However, as with any software, there may be certain constraints or considerations that buyers should be aware of:
For SaaS subscriptions and Term licenses with a support agreement, Copperleaf warrants that the Licensed Software will substantially conform to the functional specifications contained in the Documentation for the term of the Subscription. - System requirements
-
- Microsoft Edge
- Chrome
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Response times for incident alerts are based on their priority levels. The response times in relation to each priority level are as follows:
Urgent: 2 hours
High: 4 hours
Medium: Next Business Day
Low: Two Business Days - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
As part of the licence agreement Copperleaf provides multi-tiered support process that includes:
Tier 1: The client's own support team provides initial end-user technical and business support. If the issue can't be resolved, the client's support team opens a case with Copperleaf via the CRM portal.
Tier 2: The Copperleaf Support team takes over the ticket, and it is routed to a Copperleaf Customer Service Representative for review and resolution within prescribed SLA timelines.
Tier 3: If the Copperleaf Support team can't resolve the ticket, they work with the Copperleaf technical and development teams to bring it to resolution
Each client has a dedicated Client Success Manager, who attends monthly support calls, and works with each client to ensure they are getting the best value from the Copperleaf software, including product upgrades.
Additional Hypercare arrangements can be provided and tailored to a clients specific needs if required including on site support if needed. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Copperleaf helps users start using their service by providing a variety of support and training resources. These include:
Online Training: Copperleaf provides online training sessions to help users understand how to use the product suite effectively.
User Documentation: Comprehensive user documentation is made available to clients, which includes release notes and documentation for each new version of the product suite.
Monthly Meetings: Post go-live, Copperleaf's support teams hold monthly meetings with clients to provide ongoing assistance and demonstrations of new features.
Dedicated Support Portal: Clients have access to a dedicated support portal where they can find support materials and resources.
Support and Maintenance Agreement: As part of the Support and Maintenance Agreement, Copperleaf provides short, focused demos and documentation to ensure that users are familiar with new features, especially when an upgrade is implemented.
Additionally, the Copperleaf Product Suite includes online, context-sensitive help with an index, glossary, and search functionality, which users can access directly within the application for immediate assistancE - Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
-
Upon termination of services, Copperleaf commits to providing clients with their data. The content of the solution, including all client data, may be delivered to the client through a database dump of the Copperleaf environment, along with Excel exports of data tables.
Copperleaf and our hosting partner AWS follow NIST Special Publication 800-88 standard for the sanitation of media, ensuring that clients can extract reports, request a database dump file, and use standard APIs as well as a reporting data store to retrieve data. The terms and conditions related to data extraction and disposal are included in the contract
Copperleaf's approach to data extraction and disposal ensures that clients can retain control and possession of their data even after the contract with Copperleaf has ended. - End-of-contract process
-
At the end of a contract with Copperleaf, steps are taken to conclude the business relationship and ensure all contractual obligations have been fulfilled:
Termination of Access: The client's access to the software and any related services is terminated in accordance with the terms set out in the contract
Data Handling: Any client data held by Copperleaf would be handled as per the terms agreed. This could involve returning the data to the client, securely destroying it, or other measures as specified
Final Billing: Any final billing issues would be resolved, and the last payment would be processed as per the contractual agreement.
Contract Review: A review of the contract may be conducted to ensure that both parties have met their respective obligations and to address any outstanding issues
Documentation: All relevant documentation and records related to the contract would be archived according to legal and regulatory requirements.
It is important to note that the exact process may vary depending on the specific terms and conditions of the individual contract and any legal or regulatory requirements that apply to the client or the industry in which they operate.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Chrome
- Application to install
- No
- Designed for use on mobile devices
- No
- Service interface
- Yes
- User support accessibility
- None or don’t know
- Description of service interface
-
Yes, the solution supports both REST and SOAP web service interfaces.
File transfers are secured with SFTP using AES-256 encryption to ensure data security - Accessibility standards
- None or don’t know
- Description of accessibility
- Copperleaf is designed to provide a inclusive user experience. Functionality is available through the user interface for both experienced and infrequent users.
- Accessibility testing
- Copperleaf has been tested using operating system assistive technology. We are committed to providing an inclusive user experience and would discuss any client specific requirements.
- API
- Yes
- What users can and can't do using the API
- Copperleaf supports a full API based on SOAP and REST standards. This provides the capability to automate the functions that a user can perform programmatically.
- API documentation
- Yes
- API documentation formats
- Open API (also known as Swagger)
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- Copperleaf allows for customization of features, which are developed, tested, and released in alignment with the client's needs. Custom features are requested through the Client Success Manager and our consultant will work with the client to document the most appropriate solution.
Scaling
- Independence of resources
- Copperleaf's performance testing has shown that the system is not overly sensitive to the number of concurrent users; rather, the actions of those users, specifically optimization, determine the peak usage. Since the number of users performing optimization is typically limited due to the client's process and usage patterns, this is factored into the platform sizing. Copperleaf continuously monitors the performance of the client’s platform and engages in discussions to increase platform size if peaks due to extensive use are observed
Analytics
- Service usage metrics
- Yes
- Metrics types
- Copperleaf provides service usage metrics. Copperleaf can supply uptime and application responsiveness reports. Additionally, production server metrics like server CPU, memory, and other monitoring system data
- Reporting types
-
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- None
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
-
- Encryption of all physical media
- Other
- Other data at rest protection approach
-
Encryption
Key Management
Segregation of Data
Secure Deletion - Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
-
Users can manually exchange data with external systems using the Extract, Transform, and Load (ETL) process. This process allows for the import and export of data using Microsoft Excel files, which can be used with various systems such as SAP, Oracle, Maximo, Primavera, ESRI, Power Plan, and others.
For programmatic integration, Copperleaf provides fully documented APIs that support automatic, bi-directional exchange of data with external systems. The APIs are built on top of Microsoft IIS using WCF services and expose both REST and SOAP web service interfaces . - Data export formats
- Other
- Other data export formats
-
- Excel
- SVG
- PNG
- Data import formats
-
- CSV
- Other
- Other data import formats
-
- XML
- JSON
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Other
- Other protection between networks
-
HTTPS & TLS: All backend communication makes use of HTTPS and TLS, which encrypts data as it travels between the web server and database server, ensuring secure transmission of information when hosted in AWS
Encryption Recommendations: For communication between RDS and Copperleaf, Oracle Native Network Encryption (NNE) with AES256 encryption is recommended, and TLS is also supported
VPN Requirement: Some clients may choose not to use Oracle NNE or TLS, and in such cases, they require a VPN to secure the data in transit. When a VPN is used, it is Amazon's VPN service, providing an additional layer of security - Data protection within supplier network
-
- TLS (version 1.2 or above)
- Other
- Other protection within supplier network
-
Anti-Malware Protection
Intrusion Detection Systems (IDS) and Application-Level Filtering:
Network Access Control
Segmented Network Security:
SSL Termination:
Separate Database Servers
Audit Logging
Host-Based Intrusion Detection
Authorization
Availability and resilience
- Guaranteed availability
-
Copperleaf’s standard Service Level Agreement (SLA) commitment for availability is 99.75% within service hours.
Copperleaf is open to discussing alternative SLAs - Approach to resilience
-
Hosting with AWS: Copperleaf's hosting partner, Amazon Web Services (AWS), provides a highly resilient infrastructure.
Geographical Diversity: Utilising geographically diverse regions within AWS, ensures that data can be redeployed to an alternate data centre in another location in case of a regional failure. This allows for complete regional failure to be recovered under the standard SLA for Recovery Time Objective (RTO)
Redundancy: Redundancy is built into the delivery of hosting services, allowing for the restoration of services even in the event of a complete regional failure.
Business Continuity and Disaster Recovery: Copperleaf has a robust Business Continuity Plan (BCP) and Disaster Recovery (DR) process that includes twice-daily backups and the ability to redeploy these backups to an alternate data center.
Failover Capabilities: Copperleaf's cloud-hosted services are designed to failover between availability zones within a single AWS region as the initial method for recovery.
Data Protection: All client data is stored on encrypted volumes, with encryption keys managed by AWS Key Management Service (KMS),
Regular Testing: The backup and recovery process is used for instance delivery workflows, which means it is tested regularly, ensuring that technical processes involved in backup and recovery are always ready for use
Monitoring and Incident Response - Outage reporting
- Public Dashboard: Copperleaf uses Pingdom for uptime tracking over HTTPS using the fully qualified domain name (FQDN). The ping is responded to by the application every minute, where the application is considered down after two failed pings. The Pingdom service includes a public dashboard that can be provided to clients for real-time status updates
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Username or password
- Other
- Other user authentication
-
Role-Based Authorization: Users are only authorized to access the systems and data necessary for their job functions, ensuring that access is appropriately limited
Client Authentication Options: Clients can choose from several authentication methods when accessing the Copperleaf web application:
SAML 2: This is the recommended method for its enhanced security. Clients will need to have an identity provider such as OKTA or ADFS to use this option. - Access restrictions in management interfaces and support channels
-
Copperleaf restricts access in management interfaces and support channels through several layers of security controls to ensure that only authorized personnel can access these sensitive areas:
Role-Based Access Control (RBAC)
Multi-Factor Authentication (MFA)
Firewalling
Secure Communication Protocols
Segregation of duties
Physical and Network Security
Support Channel Authentication
Auditing and Monitoring - Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Username or password
- Other
- Description of management access authentication
-
"Copperleaf authenticates management access to its service by employing robust security measures that are designed to ensure only authorized personnel have access to management functions using
Unique User IDs and Authentication
Privileged User Accounts
Service Accounts and Superuser Credentials
Central Authentication Directory
Regular Audits and Reviews
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- SAI Global
- ISO/IEC 27001 accreditation date
- 20/12/2022
- What the ISO/IEC 27001 doesn’t cover
- Copperleaf does not perform outsourced development
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- No
- Cyber essentials plus
- No
- Other security certifications
- Yes
- Any other security certifications
-
- SOC2 Type 1
- SOC2 Type 2
- ISO27001
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
-
- ISO/IEC 27001
- Other
- Other security governance standards
-
NIST-800
ISO9001
SOC Type 1 and SOC Type 2 - Information security policies and processes
-
The governance structure is led by a Senior Director of Information Security, who is responsible for identifying risks and opportunities for improvement in our security posture. This role involves policy development, application security training, feature review, penetration testing, and auditing of controls
Our Information Security team works closely with Product Development to integrate security into the software development lifecycle. They are involved in identifying requirements for security features, creating application security threat models, conducting penetration testing, and providing internal audit functions. This ensures that security considerations are embedded from the earliest stages of development and throughout the product lifecycle
Additionally, we adhere to the SOC 2 compliance standard, which includes an annual audit against the management of information security risks.
Moreover, we enforce a principle of segregation of duties across all critical security functions to prevent conflicts of interest and reduce the risk of error or fraud. In cases where true separation cannot be achieved, we perform rigorous auditing of the functions involved
To ensure all employees are aligned with our security governance, we communicate our security policy as part of employee onboarding, which all employees must acknowledge. We also conduct periodic audits and cybersecurity training.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
Copperleaf complies with several configuration and change management processes to ensure the integrity, stability, and security of our services. The key processes we adhere to include:
Platform Configuration Changes
Application Configuration Changes
Security Content Automation Protocol (SCAP)
Vulnerability Management
Incident Response
Patch Management - Vulnerability management type
- Undisclosed
- Vulnerability management approach
-
Copperleaf use platforms like Rapid7 InsightVM and Synopsys Blackduck to detect and track operating environment vulnerabilities and software dependency vulnerabilities to remediation
Urgent vulnerabilities are patched or mitigated within 48 hours, and non-urgent vulnerabilities within one month - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
Copperleaf utilises a comprehensive monitoring system to identify potential compromises, which includes access patterns and other indicators of compromise. Logs are ingested into a central SIEM) system, Rapid7 InsightIDR, for correlation and alerting.
Upon detecting a potential compromise, our response procedures are initiated, which consist of isolation, investigation, remediation, and communication. The response is managed by an information security incident team. - Incident management type
- Supplier-defined controls
- Incident management approach
-
Copperleaf's incident management process is structured to ensure efficient and effective handling of any security incidents. Here is a high level description of our process steps:
Detection and Reporting
Initial Assessment
Response Team Activation
Isolation
Investigation
Redmediation
Communication
Recovery
Post Incident Analysis
Documentation and Compliance
SLAs and escalation
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Equal opportunity
- Wellbeing
Fighting climate change
At Copperleaf, we focus on long term sustainability in our journey to create positive change for our planet, with a strategic plan to evolve out business processes to better manage our supply chain and offset any remaining carbon footprint by investing in green projects certified by Gold Standard.
To manage our emissions, we’ve undertaken initiatives to reduce our business travel through remote sales and implementation activities, and enabling remote work to reduce our need for physical office spaces. Where our emissions are unavoidable, we'll continue to apply our carbon offset program. To date we’ve invested in several international green projects that offset 6,305 tons of carbon for our emissions, including Scope 3.
Looking forward, we plan to implement a vendor sustainability program that defines guidelines and criteria that we use to partner with and asses our vendors. Integrating sustainability principles into our vendor management program will help us collaborate with vendors, build a responsible business ecosystem, and ultimately reduce our emissions.
We recognise that purchasing offsets is a last resort, and only one of many ways to manage carbon footprints and plan to further enhance our current program by aligning to the Oxford Offsetting Principles for net-zero aligned offsetting.Equal opportunity
Our commitment to Diversity, Equality and Inclusion (DE&I) is a key part of our culture and spans the entire company, from our CEO to our DE&I team, to our neurodiversity employee resource group, to all our employees worldwide. We believe our differences help us learn new things, question our biases, and look at challenges through our own unique life lenses.
Nurturing an inclusive environment where employees at all levels feel respected, heard and empowered is critical to our success. We know that greater diversity on our teams yields higher performance.
We believe we each have the power and the responsibility to create change, that’s why we encourage people to speak up about their beliefs, respectfully challenge ideas and take initiative to do the right thing. All of Copperleaf contribute to DE&I progress, from our Board and leadership team to our employee resource groups to our people across the globe.
Copperleaf is creating a workforce that reflects society’s social demographics – where everyone has a sense of belonging and can maximise their potential to help Copperleaf and their clients build a better world, one step at a time.Wellbeing
At Copperleaf, employee well-being is a key focus, and the company has established a Health & Wellness Program to support the physical and mental health of its employees. This program is designed to be fun and engaging, aiming to improve morale, fitness, and overall wellness. Here are some of the features of Copperleaf's Health & Wellness Program:
Ergonomic Initiatives: Employees have the option to choose sit/stand workstations and/or ergonomic stools to promote better posture and reduce the risk of musculoskeletal issues. Research has shown that employees using sit/stand desks report fewer pain-related issues
HealthFlex Benefit: Copperleaf offers a HealthFlex benefit to all employees, which is a spending account that can be used to purchase goods or services that contribute to the employees' health and wellness. This can include exercise or sporting equipment, athletic footwear, healthy cooking appliances, and training sessions
Sponsored Activities: The company sponsors employee participation in sports teams, wellness challenges, and events like charity runs and walks. These activities not only promote physical activity but also foster team building and community engagement
Facilities Access: Employees have convenient access to facilities that support their health and wellness goals. This access is part of the company's commitment to providing resources that employees need to maintain a healthy lifestyle
Continuous Improvement: Copperleaf tracks the results of its health, safety, and wellness programs to continuously improve them. The company believes that leadership in health and safety starts from within and is committed to fostering increased employee awareness of health and safety policies and goals
By providing these resources and opportunities, Copperleaf demonstrates a commitment to the well-being of its employees, understanding that a healthy workforce is integral to the company's success and the quality of service it provides to clients.
Pricing
- Price
- £230,000 a unit
- Discount for educational organisations
- No
- Free trial available
- No