KPMG LLP

Sofy Workforce Modeller

Portal capabilities for Dynamics 365 for Customer Engagement brings qualified expertise in web engagement and CMS frameworks. With an integrated bundle of web portal solutions Portals enable sophisticated content management, knowledge and case management, opportunity management, membership, profile, and self-service capabilities

Features

• Customer Self Service Portals
• Partner Portals
• Partner Project Portal
• Partner Field Service Portal
• Community Portal
• Employee Self Service Portal
• Custom Portals

Benefits

• Case management, knowledge base and discussion forum
• Customer, account and opportunity management
• Empower agents and exceed customer/citizen expectations.
• Partner field service engagement
• Discussion forum, blogs and case management
• Employee & HR Contacts, Knwoledge Base, Forums and Case Management
• Use the framework to create a custom portal

£360 to £2,550 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at PSopportunities@kpmg.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

203664009493332

Contact

KPMG G-Cloud Team
02073111000
PSopportunities@kpmg.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: No
• System requirements:
  • Below are offered as examples only
  • 3.3 gigahertz (GHz) or faster 64-bit dual core processor
  • 4-GB RAM or more
  • Super VGA with a minimum resolution of 1024 x 768
  • Bandwidth greater than 1Megabit per second (125 KBps/Kilobyte per second)
  • Latency under 150 ms
  • Common Modern Browser (latest versions)
  • Office 365 Enterprise E3 or later (for full features integration)
  • TLS 1.2 Support

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We offer a variety of service level objectives or agreements depending on the complexity of the system to be implemented and the level of support required, but our typical response time would be as follows:; Priority 1 – 1 hour; Priority 2 – 2 hours; Priority 3 – 8 hours; Priority 4 – 3 working days
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: We offer a full, SLA backed, managed services function for incidents & problems. We typically offer a mix between functional and technical resolution resources at all levels.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Full documentations is provided by MS, sample code is available from MS and developed code by KPMG. KPMG can provide a full range of services including application configuration, integration, data migration, testing, training services, user documentation and support.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats: Word
• End-of-contract data extraction: The Service Management contract will include provisions for the removal of client data from the solution using the standard Microsoft data entity structures. Clients can then transform this information into whatever formats are required for other solutions to use.
• End-of-contract process: The Service Management contract will include provisions that describe end of contract activities

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Microsoft provide a mobile application for iOS (10+), Android (4.4+) and Windows (10+) which can be configured to provide access to records within D365CE. D365 can also be accessed within the web browser on the phone with a reduced service available (i.e. no support for pinch and zoom, reports).
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: As below
• Accessibility standards: WCAG 2.1 A
• Accessibility testing: Microsoft is a major software and cloud-services provider to states and governments around the world, it is committed to complying with all relevant international standards and compliance controls. By adhering to these wide-ranging accessibility standards, Microsoft ensures that all customers—both inside and outside of government—can use Microsoft services and products.
• API: Yes
• What users can and can't do using the API: All functionality is available within an API, what individual users can perform is controlled by what their permissions are set to within D365CE.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: All functionality is available within an API, what individual users can perform is controlled by what their permissions are set to within D365CE.

Scaling

• Independence of resources: N/A

Analytics

• Service usage metrics: Yes
• Metrics types: The Service Management contract entered into by the client will provide details of service metrics applicable to the solution.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft D365 Customer Engagement licences

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: Provided by Microsoft as part of the Azure data hosting
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Data import and export is managed through the out of the box data import wizard and advanced find export to excel functionality that are supplied as standard with the solution
• Data export formats: Other
• Other data export formats: Excel
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Compressed (zip)
  • XML

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: Certificate Authority wildcards on external facing traffic
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: Implementation of Active Directory Certificate Services on internal traffic

Availability and resilience

• Guaranteed availability: Availability and resilience service levels are derived directly from the underlying Microsoft Azure Cloud service.
• Approach to resilience: The approach to reporting outages is derived directly from the underlying Microsoft Azure Cloud service.
• Outage reporting: The Azure platform offers real time dashboards and email notifications to interested parties on their service outages.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: This is fully configurable identity and access management. Role based access controls restrict access to named users only
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Independently audited at 6 months by external accreditation body.
• ISO/IEC 27001 accreditation date: 2002
• What the ISO/IEC 27001 doesn’t cover: The scope statement for our ISO certificate reads: ‘The protection of information in relation to the provision of professional services to KPMG clients. This includes all client-facing business units that use KPMG’s centrally managed information systems and processes
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • Offensive Security Certified Professional/Expert (OSCP/OSCE)
  • CISSP - Certified Information Systems Security Professional
  • CCSK - Certificate of Cloud Security Knowledge
  • CCSP - Certified Cloud Security Professional
  • SCF - SABSA Chartered Security Architect – Foundation
  • AWS Certified Solutions Architect – Associate
  • GICSP - Global Industrial Cyber Security Professional
  • CISA - Certified Information Systems Auditor

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: KPMG holds the Cyber Essentials certificate.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: KPMG defined controls are applied. However these can be varied to suit specific client requirements by agreement. Such tailored non-standard services may attract additional cost.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: KPMG defined controls are applied. However these can be varied to suit specific client requirements by agreement. Such tailored non-standard services may attract additional cost. We can provide details upon request
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: KPMG defined controls are applied. However these can be varied to suit specific client requirements by agreement. Such tailored non-standard services may attract additional cost. We can provide details upon request
• Incident management type: Supplier-defined controls
• Incident management approach: KPMG defined controls are applied. However these can be varied to suit specific client requirements by agreement. Such tailored non-standard services may attract additional cost. We can provide details upon request

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  KPMG aims to demonstrate effective stewardship of the environment in the following ways: (i) Environmental Benefits - Employment, re-training, return to work - To support our clients we established KPMG IMPACT, a platform to share knowledge to support and empower KPMG professionals to assist clients meet UN Sustainable Development Goals. We’ll use this platform to bring you examples of what other organisations worldwide are doing so that you can adopt these as appropriate. We’ve already leveraged this to assist several NHS Trusts identify ways they can meet climate change targets, including through their supply chain. (ii) Influence Environmental Protection and Improvement - We’ve committed to be a net-zero business by 2030 and have adopted specific plans to achieve this. Including: Reducing our travel using technology tools for video meetings and effective remote working and encouraging colleagues to work remotely 3 days per week; making KPMG offices free of one-use plastics; and minimising the use of paper working by providing dual-screen workspaces and defaulting all printers to black and white printing.
• Covid-19 recovery:

  Covid-19 recovery

  At KPMG, Covid-19 is being managed in the following work ways: (i) Employment, re-training, return to work – Upskilling colleague in the new ways of working and making our offices Covid-secure to allow for safe return. (ii) Supporting people and community recovery - Providing experienced resources to the government to deliver new programmes at short notice, enabling the country to respond to and recover from the pandemic swiftly. (iii) Supporting organisations and business to recover – Providing webinars to SMEs, hosted by senior business leaders, to highlight potential new routes to market, furlough opportunities, Covid recovery and Brexit. (iv) Health and reduced demand on public services - Implementing a ‘Covid special leave’ timesheet code, for time taken to provide home schooling, care for relatives, etc. Easing pressure on those juggling demands and reducing demand on health and care services. (v) Workplace conditions - Investing in office adjustments and technology to ensure colleagues can work safely and seamlessly from the office and home.
• Tackling economic inequality:

  Tackling economic inequality

  KPMG promotes new business, jobs and skills via the below initiatives: (i) Entrepreneurship, growth and business creation Our Black Entrepreneur Awards provides funding, publicity, business workshops and mentoring to talented back-heritage entrepreneurs and creates a community of likeminded business owners. Since 2013, KPMG have shone the spotlight on game changers, disruptors and tech titans of tomorrow - allowing exclusive networking opportunities with likeminded peers and key influencers. (ii) Employment - It’s Her Future programme attracts, empowers and develops women in technology. The programme has driven a 15% increase in female recruits graduating into technology jobs since 2015. In 2019, we reached a 50/50 sex split for the first time. (iii) Education and training The KPMG Foundation is an independent grant-giving organisation supporting social value projects. It focuses on education and social projects for under-privileged young people, often in care, on the edge of care or living in deprived families. We improve routes to employment by delivering skills training to over 1,000 young people each year, providing Enterprise Advisers for local schools, and engaging with the business community to create more opportunities for social mobility. We increase opportunities for people from lower socio-economic backgrounds by promoting lifelong learning and increasing numeracy and literacy across the UK. KPMG support the National Literacy Trust’s ‘Vision for Literacy Business Pledge’. Colleagues are given 42 volunteering hours every year to support local initiatives. 80% of our volunteering is focused on social mobility projects.
• Equal opportunity:

  Equal opportunity

  KPMG’s commitment to social value unlocks potential for our clients, our people, our suppliers, our local communities, and society. We use our scale and influence to make a significant positive contribution to addressing inequality and improving social value. We aim to reduce the disability employment gap and tackle workforce inequality, via the following work streams: (i) Increase representation and skill development of disabled people - KPMG is a leader within the Disability Confident scheme and supports the removal of barriers to that prevent those with a disability from entering work and developing their career. In addition to helping us to remove barriers, we see our role as leading by example to push the boundaries around this area. (ii) Support in-work progression Our Fairer Futures campaign brings together our activities to improve inclusion, diversity and social inclusion across KPMG. We were one of the first businesses to set diversity and social equality targets which we aim to achieve by the end of 2022. These targets and plans are embedded in our People Strategy to ensure they are achieved. We believe there should be no limit to where talent, achievement and hard work can take our colleagues. Our Open Performance Development approach is based on the latest thinking in performance development, neuroscience and, most importantly, what we have learned through our Global People Survey.
• Wellbeing:

  Wellbeing

  We recognise the importance of health and wellbeing in enabling our people to be at their best and focus on the most impactful areas. Our strategy has been shaped by listening to our people and developed with specialists in these fields. We regularly monitor the effectiveness of the services on offer and initiatives we lead - measuring colleague wellbeing, service uptake and wider trends - to help develop and improve what we do and respond to the ever-evolving pressures on peoples mental, physical, social and financial health. Examples Include: (i) Workforce Health and Wellbeing - Team Wellbeing Ambassadors build, embed and maintain a sustainable wellbeing approach. These ambassadors receive additional support and training to develop local programmes to support physical and mental health. This includes supporting teams working on client projects, so we’d be happy to demonstrate how this works in practice. We know that part of our social value as a major UK employer is supporting the health and wellbeing of our own employees. Many our staff have caring responsibilities for relatives and been called on more than ever over the pandemic. Ensuring our teams are looked after ensures that we reduce the demand on the wider health and social care system. (ii) Influencing support for health and wellbeing - Broad health and wellbeing benefits and programmes are provided to all colleagues, including health assessments, bereavement support, employee assistance programme, preventative advice, financial wellbeing, and physiotherapy services. Our BeWell programme is a 24/7 confidential support service which offers information, counselling, and practical advice.

Pricing

• Price: £360 to £2,550 a unit a day
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at PSopportunities@kpmg.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.