Seaforth Analytical Services Limited

Spend Analytics

Accounts payable and purchase order data is used to map supplier spend information. It links to an interactive dashboard allowing you to engage with the data and discover new insights. The information is used by management and purchasing professionals to gain visibility on spend and make informed strategic sourcing decisions.

Features

• Company wide consolidated spend visibility
• Payment term analysis
• Consolidate supplier spend
• Keyword search
• Invoice level search features
• Geographical mapping
• Pareto ABC – Banding & Trend Analysis
• Export to Excel​

Benefits

• Advanced Invoice Analysis​
• Normalise supplier information
• Payment Term alignment​
• Identify highest Value spend Suppliers & Categories
• Reduce tail spend
• Eliminate maverick spend
• Increase contract spend
• Improve category roadmap and align spend with Category Plan​

£3,000 a unit a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud.team@myseaforth.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

213851358531697

Contact

Edward McGeachie
0748 111 4474
gcloud.team@myseaforth.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: No service constraints
• System requirements: Standard javascript enabled web browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Email questions are provided with an initial response within 2 normal working days (9.00 am to 5.00 pm, Monday to Friday). Cases are prioritised according to business impact.; P1 - Service is unavailable and normal business cannot continue; P2 - Service performance compromised, some elements unavailable; P3 - Service fully available with workarounds; P4 - Service available but with cosmetic errors; ; Further response times are based on priority and complexity.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Specific support requirements are agreed and a technical account manager is identified at time of deployment.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We will support you through the provision of an initial discovery stage where diagnostic workshops will be carried out. A data transformation stage extracts PO & Invoice data to create the data warehouse. A calibration step processes the data to identify stop-words, calibrate word groups, assign GL codes and customer taxonomy. The data is also de-duplicated. Change control is applied to ensure data integrity. We will then configure your dashboard using standard views and creating any custom views that may be required by stakeholders such as Finance, Procurement teams and Category Leads.
• Service documentation: No
• End-of-contract data extraction: Data can be exported in MS Excel format.
• End-of-contract process: At end of contract all customer data will be returned to the client in the format provided. Dashboard access rights are withdrawn. All customer profile information is deleted. Customer data is deleted.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Pages are mobile aware. There are no operational differences.
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: The initial 'discovery' stage identifies any custom data views required by the customer stakeholders. These are configuired and made available by Seaforth and made accessible via the online dashboard.

Scaling

• Independence of resources: Seaforth use Microsoft's Azure platform to ensure that computational and storage resources can be scaled quickly to meet user demand.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: Data at rest is stored within Microsoft's secure Azure cloud. Microsoft is recognized as an industry leader in cloud security. A defense-in-depth strategy protects data through multiple layers of security (physical, logical and data). This includes:; * Port scanning and remediation; * Perimeter vulnerability scanning; * Operating system security patching; * Network-level distributed denial-of-service (DDoS) detection and prevention; * Multi-factor authentication for service access.; ; Leveraging Microsoft's cloud platform ensures secure, scale-able and resilient hosting.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data is exportable by the customer in MS Excel format.
• Data export formats: Other
• Other data export formats: MSExcel
• Data import formats:
  • CSV
  • Other
• Other data import formats: MS Excel

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Service levels are agreed to reflect the requirements of individual customers. The Azure platform provides accessibility in excess of 99.95%.
• Approach to resilience: Seaforth uses Microsoft's Azure Enterprise 365 E3 platform to ensure datacentre setup resilience. The platform provides availability in excess of 99.95%.; The setup utilises multiple layers of hardware redundancy, dynamic failover, multiple datacentres and service backup and restore.
• Outage reporting: Service outages are reported by email alert to a nominated customer representative or representatives.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Access restrictions are inherent within the system and are managed via the system's administrative interface
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Security governance is approached in line with the requirements of ISO27001.
• Information security policies and processes: Seaforth follows security policies and processes in line with ISO27001. Information security is overseen at board level.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Seaforth operate an Agile development lifecycle with defined sprint and release cycles. These are managed and controlled at board level. ; All software changes are assessed for security impact prior to release with roll-back to previous release level if necessary.; Testing and development is done in specific environments and the maintenance of version control ; change management covers all operational processes and procedures. Changes take place with minimum of disruption to the service. All raised change requests are submitted to Change Management for approval. Approved changes are scheduled and proceed to completion.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: As the service is provided through the Azure platform, system threats and operational vulnerability are managed by Microsoft. The service is monitored using tools provided by Microsoft Azure and other service components.; ; Service vulnerability patches are RAG risk assessed on the basis of likelihood and impact, and deployed as soon as is practicable.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Seaforth uses available monitoring tools to identify any potential compromise to the service, in line with industry best practice. After assessment, and if appropriate all users of the service will be notified by urgent email of a potential compromise. Any vulnerability will be addressed and patches applied. The service will only be suspended under extreme circumstances, where the assessment deems it appropriate.
• Incident management type: Supplier-defined controls
• Incident management approach: Seaforth have a defined incident management process in line with industry best practice. User identified incidents are reported by email and escalated to the appropriate service delivery point for resolution. The responsible Director will also be informed. Incidents are tracked from report to resolution with regular user updates by email and/or telephone as appropriate. The affected users will be notified by email on resolution,

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Tackling economic inequality

  Tackling economic inequality

  Seaforth Spend Analytics allows the identification of local, SME, VCSE and mutual suppliers that can provide value compelling products and services in the supply chain. It can also identify patterns of procurement that are disadvantageous to these supplier categories. It can help procurement staff identify risk through overdependence on a small number of suppliers and achieve resilience of supply.; Seaforth Spend Analytics also helps procurement professionals track their progress in achieving spend targets related to local, SME, VCSE and mutual suppliers and evidence risk reduction within the supply chain.

Pricing

• Price: £3,000 a unit a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud.team@myseaforth.com. Tell them what format you need. It will help if you say what assistive technology you use.