BMNT LTD

InsightAI

InsightAI is a conversational AI tool that enables qualitative and quantitative problem sourcing at scale. It helps you identify "unknown unknowns" in your organisation and ensures you are working on problems that really matter as well as asking the right questions. Ideal for innovation, transformation, and change leaders.

Features

• Intuitive, engaging User Interface
• Machine learning and AI categorise and make sense of conversations
• Deployable for mobile and desktop
• Natural Language Processing chatbot understands free text responses
• Realtime reporting and dashboard functionality
• Activity report generation on the fly
• Secure storage of organisational data, GDPR compliant, highly secure
• Problem and solution database
• Sentiment and emotion analysis
• Easy drill down from problem topics to detailed user feedback

Benefits

• Discover the unknown unknowns in your organisation
• Identify the most impactful problems to work on
• Increase effectiveness of innovation to adoption and scale
• Connect people with similar problems for co-creation and testing
• Build scalable and repeatable innovation patterns
• Quickly connect problems with known solutions
• Store data around successes and failures
• Access problem and solution data from anywhere
• Manage Problem Portfolios
• Find the best/viable solutions to problems

£150,000 to £250,000 a unit

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at knicholas@bmnt.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

218421256285508

Contact

Kevin Nicholas
07946114281
knicholas@bmnt.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: N/A
• System requirements:
  • Windows 10 or Mac OS X 10.13 or higher
  • IOS 12, Android 10, or higher
  • Safari, Chrome, Firefox or Edge browser (latest version)
  • Public internet connectivity (Firewalls may restrict access)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Standard response times are with 1 business day.
• User can manage status and priority of support tickets: No
• Phone support: No
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Standard: email reply within 2 business days, fielded by on-duty technical account manager. Cost: included with license.; ; Premium: email reply within 2 hours, dedicated technical account manager. Cost: £2,500/mo
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Users contact us at a designated email address to request an InsightAI account for their organization. Included as part of this request is a list of initial users. ; ; We provide documentation and online training, as well as onboarding webinars.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: The organization's point of contact may request a .csv download of that organization's user data.
• End-of-contract process: The customer organization is provided an export of their data upon request, and their user accounts are closed. There are no additional costs.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: We provide a mobile interface when InsightAI applications are used with mobile browsers. Certain features and applications are also accessible via SMS. Full functionality is available to mobile devices.
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: Authorised users can access all stored information via an API. Users can request access credentials and are provided secret and public use keys. The API service allows for all standard CRUD functionality with respect to data associated with people, organisations, problems, and solutions. Users are not permitted to edit existing user permissions via the API.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: No

Scaling

• Independence of resources: The InsightAI platform is hosted in Amazon's public cloud, behind an intelligent services that pro-actively allocates additional resources when certain system parameters achieve defined thresholds.

Analytics

• Service usage metrics: Yes
• Metrics types: We provide usage metrics for most activities within the InsightAI system, surrounding people, organizations, problems and solutions. We track changes to attributes of each of these entities as part of our active metrics approach. We include usage metrics such as: Campaign reach, number of interactions, duration, user role, user attributes, topic modelling, sentiment analysis, topic priority and response drill down
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
• Data sanitisation process: No
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Only an organisation's main point of contact can request data export. This will be provided via downloadable .csv file of the raw data
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: In order to enable the client to do business effectively, Vendor guarantees that certain items will be available for a certain percentage of time.; ; The InsightAI system is guaranteed to have a 99.9% uptime.; ; Uptime is measured over each calendar month. It is calculated to the nearest minute, based on the number of minutes in the given month (for instance, a 31-day month contains 44,640minutes).; ; If uptime for any item drops below the relevant threshold, a penalty will be applied in the form of a credit for the client. This means the following month’s fee payable by the client will be reduced on a sliding scale.; The level of penalty will be calculated depending on the number of hours for which the service was unavailable, minus the downtime permitted by the SLA:; ; Important notes:; • Uptime penalties in any month are capped at 50% of the total monthly fee; • Uptime measurements exclude periods of routine maintenance. These must be agreed between Vendor and client in advance.
• Approach to resilience: We rely on Amazon's native hardware and network resiliency plan. The Insight system is load balanced across multiple availability zone to ensure application resiliency.
• Outage reporting: We plan on publishing a public status dashboard within the next six months.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: Management interfaces and support channels are IP-restricted and require authenticated VPN to access.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: Cyber Essentials Certification

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: NIST-800-171r1
• Information security policies and processes: Principles; The company shall provide all employees and contracted third parties with access to the information they need to carry out their responsibilities as effectively and efficiently as possible.; ; General; ; a. Each user shall be identified by a unique user ID so that individuals can be held accountable for their actions.; ; b. The use of shared identities is permitted only where they are suitable, such as training accounts or service accounts. ; ; c. Each user shall read this data security policy and the login and logoff guidelines, and sign a statement that they understand the conditions of access.; ; d. Records of user access may be used to provide evidence for security incident investigations.; ; e. Access shall be granted based on the principle of least privilege, which means that each program and user will be granted the fewest privileges necessary to complete their tasks.; ; Access Control Authorization ; ; Access to company IT resources and services will be given through the provision of a unique user account and complex password. Accounts are provided by the IT department based on records in the HR department.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Core components of the InsightAI system are version numbered and routinely refactored and updated as part of our ongoing development process. All changes to the system are monitored for security compliance as part of our general deployment procedures.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We actively perform dynamic and static vulnerability testing on our services. ; ; We aim to deploy security-related updates as soon as the updates to the affected packages are made available by the authors/contributors. ; ; We regularly monitor vulnerability reporting forums and services to keep abreast of the latest vulnerability alerts that may affect the InsightAI system.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We maintain intrusion detection system and active analytics of user behavior in the system. We have developed custom alerts that trigger when non-standard user behavior is detected. ; ; We respond to incidents within 4-hours of detection.
• Incident management type: Supplier-defined controls
• Incident management approach: We monitor for common events within our systems and also provide users the ability to alert our team of incidents via email. ; ; We provide incident details and status notifications via our public dashboard.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  N/a
• Covid-19 recovery:

  Covid-19 recovery

  N/a
• Tackling economic inequality:

  Tackling economic inequality

  N/a
• Equal opportunity:

  Equal opportunity

  N/a
• Wellbeing:

  Wellbeing

  Our tool is used to identify and understand problems that your team faces. The area(s) explored are determined during the discovery/scripting phase of a campaign, and can focus on staff well-being just as well as it can focus on operational issues- and, of course, these can be linked. The campaign be set to run anonymously, and a range of options exist to enable you to pinpoint specific areas (roles, departments, geos, operations, tasks) that are causing staff well-being issues, and then use conversational AI to dive deeper in the discussion with each team member, allowing you to gain highly actionable insight into what you might do to improve your staff's wellbeing.

Pricing

• Price: £150,000 to £250,000 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at knicholas@bmnt.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.