UNIPHI UK LIMITED

UniPhi

Project, Programme and Portfolio Management (PPM) system. Fully integrated for all project controls and PMO functions for enterprise, major project, or practice management.

Covers schedule, cost, resource, risk, issues, contracts (inc. NEC), documents, and reporting management.

Award winning and successful in numerous global deployments. Case studies available for most sectors.

Features

• Covers all project and portfolio management functions.
• Portfolio, Programme, Projects and sub-project reporting. Any WBS.
• Document Management
• Risk and Issues Management
• Contract Management (any contract form)
• Project lifecycle/Schedule Management (baseline, actual/forecast)
• Cost Management (budget, actual/forecast). Any CBS.
• Restful API to interface with other systems
• Import/Export and bespoke file import features for data capture.
• Resource and timesheet management.

Benefits

• Provides full insight across portfolio, programme and projects.
• Integrates data across all functional modules.
• Efficient workflow, sign-off and document/report circulation features.
• Templated processes and documents.
• Enter data once, use many times. No repetitive data entry.
• Capture methodologies, standards and procedures for project team access.
• Configurable to your business terminology and data requirements.
• Operates with multiple devices and mobile app.
• Provides multiple reports options (tabular, graphical, dashboards, visualisations).
• Document generator for regular (e.g. progress) reports across all data.

£5.00 to £40 a user a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at b.cairns@uniphi-software.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

243362295196304

Contact

Brian Cairns
07748703444
b.cairns@uniphi-software.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: Cloud offering only. We do not deploy on premise.
• System requirements:
  • Internet connection
  • Web browser installed on device

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Immediate - Malfunction of the Software (or a material part of it) causing serious disruption to normal operational capability Investigate within 2 working days. Rectify error within 5 working days; High - Obvious and serious flaw in the Software (or a material part of it ) eg significantly impairs the use by 50% of end users. Investigate within 3 working days. Rectify error within 10 working days; Normal - All Errors not covered by "Immediate" or "High" above. Investigate within 5 working days. Rectify error within 20 working days or for next software release as determined by The Company
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Via web site. General enquiries and system use responses.
• Web chat accessibility testing: We have been able to make sure our software complies with vision impaired functionality and allows all users to configure the tool to their needs. A user is able to set the font size of the system and the layout scales appropriately.
• Onsite support: Yes, at extra cost
• Support levels: UniPhi supports all aspects of our software and utilises the following schedule of rates; ; Business consulting - £120 per hour; ; System configuration consulting - £100 per hour; ; Systems Architect - £120 per hour; ; Senior software developer - £70 per hour; ; Junior software developer - £50 per hour; ; Classroom Training - £200 per hour; ; Zoom training - £125 per hour
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: UniPhi kicks off with a workshop to define the vision and scope of the deployment. Processes are designed, data uptake completed and then training undertaken in a fully configured system.; Ongoing training is available, mostly virtual (via Teams, Zoom etc). User documentation is provided. Webinars and online training (YouTube) material is also available. Online chat is available for users to gain quick answers to small use case questions. Phone support is available to discuss any system use.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: UniPhi provides interfaces for the downloading of content at any time during the contract, including a contract end. This feature downloads all document content created in the system.; ; UniPhi's RESTful API can also be used to extract data into excel or other databases.
• End-of-contract process: UniPhi supports end of contract in the same way we support during the contract. Clients can use all support channels to take advantage of the data extraction features referenced and if they prefer, we can provide a read-only hosted version of the software in-perpetuity to access at any time.; ; If data destruction is required, this can be completed at an additional cost that is dependent on the destruction methodology required.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Web application is mobile responsive, meaning it re-scales for different devices. ; ; There are native apps for iOS and Android that allow for offline data capture.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Various service interfaces include phone, online chat and ticket logging.
• Accessibility standards: None or don’t know
• Description of accessibility: Support accounts are issued on request. Chat online requires the person to register their name and email.
• Accessibility testing: The online service interfaces have been tested by accessibility consultants for vision impairment.
• API: Yes
• What users can and can't do using the API: UniPhi has a complete RESTful API that provides both get and put calls enabling free transfer of information both to the UniPhi database and from it.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Administrator level users can configure many aspects of the system including the addition of custom fields and variables.; ; System integration usually requires customisation of integration dashboards; ; UniPhi provides a custom report writing service.

Scaling

• Independence of resources: Each UniPhi deployment is in its own instance with its own database. Allocation of which hosting environment a client utilises is decided based on usage monitoring and can change over time.

Analytics

• Service usage metrics: Yes
• Metrics types: Full audit logs of user activities is accessible via the API; Standard reports out of the box show who has logged in, what parts of the system they have used and what interfaces they have used to access these modules.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: End users can create PDF documents of content captured in UniPhi as well as run tabular reports to excel. PowerQuery can be used to call our RESTful API and extract any and all data in the system.; Otherwise, API calls can be made to extract data to other databases or to SharePoint web parts.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • HTML
  • XML
  • PDF
  • JSON
  • XLSX
  • TIFF
  • PPTX
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • XML
  • JSON

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: IDS/IPS real time intrusion detection and protection

Availability and resilience

• Guaranteed availability: UniPhi aims to achieve 100% Web Site Availability; ; Remedy: except under the conditions mentioned in the next section below, if the Web application availability is less than 100%, UniPhi will issue a credit to the client ; ; UniPhi will do its best to announce any scheduled maintenance at least 24 hours ahead of time to the the client; ; Server downtime is not recorded and no credit is issued during scheduled or emergency system maintenance. Outages caused by the actions beyond UniPhi's control including, but not limited to DoS attacks or other forms of intrusion are excluded from the uptime/downtime calculations.; ; To guarantee optimal performance of the hosting infrastructure, it is necessary for UniPhi to perform routine maintenance on the servers. Such maintenance often requires taking UniPhi web servers off-line, typically performed during off-peak hours. UniPhi will give you advance notice of maintenance requiring the servers to be taken off-line whenever possible. UniPhi reserves one hour of Service unavailability per month for maintenance purposes. Such unavailability is not included in the Service Availability calculation.
• Approach to resilience: We use tier 1 IBM data centres with full accreditation to all relevant ISO 27001 standards. More information is available on request.
• Outage reporting: Each client has their own instance so there's no general outage notice. Each client has a key account manager who will provide notice via email of planned maintenance and will phone client administrators immediately if there's an emergency outage.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Only vetted employees have access to management interfaces. They are given local accounts on the servers they manage and these are removed immediately once employment ends.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • Willing to obtain Cyber Essentials Plus.
  • We use independent third-party penetration tests every 6 months.
  • We are working towards ISO 27001 certification.
  • Our supply chain (data centres) have ISO 27001 certification.

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: UniPhi's CEO and founder liaises with our systems architect and outsourced data centre manager monthly to monitor our live security review document.; Penetration testing and data centre monitoring software reports are reviewed with actions assigned for any issues.
• Information security policies and processes: UniPhi's CEO and founder liaises with our systems architect and outsourced data centre manager monthly to monitor our live security review document.; ; Penetration testing and data centre monitoring software reports are reviewed with actions assigned for any issues.; ; The company has a documented information security policy that details how the company will handle data, including personally identifiable information.; The company has a documented disciplinary process for employees that violate the policy; The company provides training for employees that will handle personally identifiable, confidential and classified information

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: UniPhi is an asp.net web application. All code is stored in a subversion source control repository. Each client has their own branch off the trunk product. Merges are completed from trunk development to trunk and then to client branch. Patches are applied to the clients own application. The change control process includes testing, notification, back out plans, and approvals according to type and change and risk/impact of change.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: UniPhi procures third party penetration testing every 6 months.; Our data centre envrionment is monitored 24/7 by both physical security and software monitoring. Alerts are sent to our outsourced data centre supplier who then immediately contacts our system security personnel. Patches can be applied within 5 minutes where necessary.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Our data centre environment is monitored 24/7 by both physical security and software monitoring. Alerts are sent to our outsourced data centre supplier who then immediately contacts our system security personnel. Patches can be applied within 5 minutes where necessary.; In 18 years of providing cloud based SaaS we are yet to have a serious incident, we have been able to manage sever DDOS attacks without impacting our clients access to the system.
• Incident management type: Supplier-defined controls
• Incident management approach: Our website has an FAQ for common incidents like password locked, account access and the like.; Users can report incidents via the support portal, via phone, online chat or support email. No matter which method, all issues are all issues are logged in our own version of our software. Client administrators have access to these logged issues and are notified via email of actions to resolve them.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  UniPhi has had sustainability goals embedded since 1999. Our current focus is to maintain our carbon neutrality. Policies that support this goal include:; • Interest free loans to all staff to install solar panels, insulation, dual flush toilet system and/or window glazing on their homes with repayments deducted from payroll over 7 years (a conservative payback; period);; • Mandatory NABERS ratings of 4.5 stars for energy and 4 stars for water in any office leased;; • Office desk numbers to FTE ratio of 0.5 that reflects the work from home policies stated in diversity;; • Zero printing targets that are supported by the fact that there are no printers in our offices;; • Waste and recycling information provided to staff as part of quarterly "life at home" meetings;; • No business travel allowed;; • Vetted green investment products provided for staff to donate via our intranet site;; • Awards to the top 3 staff members who had the highest positive overall carbon footprint per year, as; measured at https://www.carbonfootprint.com/calculator.aspx; ; Our servers are hosted in tier 1 data centres where the supplier organisation is committed to reducing the energy consumption of each centre to net 0 over time. The economies of scale of a cloud architecture over bespoke servers at our clients premises means that each new client on-boarded to UniPhi is another step towards carbon neutrality. The majority of our clients no-longer have internal hardware supporting their; business and the instigator of this was the move to UniPhi. The server and IT support costs alone paid for the subscription fees to UniPhi five fold.
• Covid-19 recovery:

  Covid-19 recovery

  Since Covid-19, we have invested heavily in tools and channels to support users in using our system as easily as possible. UniPhi's deployment approach is not necessarily linear and does not follow the usual waterfall methodology of software roll-outs. UniPhi's consulting background has led to innovations in the way we deploy including interactive workshops now run online, process oriented configuration and direct support via the online video conference tool of choice by our clients. ; Our staff have always had the option to work from home and we have been able to maximise producitivity of a disparate workforce for many years via the use of our own software to collaborate. This includes a "no internal email" policy. All correspondence internally is logged in our own application.; This flexible arrangements meant that from a work perspective productivity remained unchanged in a locked down environment.
• Tackling economic inequality:

  Tackling economic inequality

  UniPhi UK is part of a group of companies all mainly focused on delivering better project outcomes around the world. However, one of these companies is a training organisation delivering recognised qualifications to the disadvantaged. The UniPhi group of companies often hire graduates from these programmes, giving them their first opportunity at full time employment.; This culture permeates the entire group and we will be looking at new initiatives to support the disadvantages for years to come.
• Equal opportunity:

  Equal opportunity

  UniPhi UK is a small UK based business focused on developed local skills in P3M3. Our global holding company has a focus on developing diversity. This is evidenced through the current make up of our company. We would be one of very few software businesses in the world who have 50:50 gender balance. This was achieved through active recruitment processes that were developed to remove unconscious bias and to provide opportunities to those who may not receive it elsewhere. The ethnicity range has varied greatly over the years with the background of our team coming from all continents on the globe. Our local UK endeavours will continue this diversity approach
• Wellbeing:

  Wellbeing

  Our software is about supporting change for the better and we find that the more diverse the background of our company, the better we meet the needs of our users. A significant factor in the gender balance we've been able to achieve is the work from anywhere philosophy we have had since we first released UniPhi 1.0 in 2005. Within 12 months of releasing UniPhi 1.0 (a cloud product before the term existed) we were able to remove the need for a fileshare, VPN access and other technological constraints that mean people will struggle to work wherever they are. All UniPhi staff collaborate in the software. No internal emails are allowed and people are free to work wherever and whenever they like.; Our staff are mentored by senior personnel who are in-turn mentored by their seniors. Work expectation is a maximum of 40 hours in a week and to average 37.5 hours over the course of the year for full time staff. Both personal leave and holiday leave do not reset each year and staff are encouraged to take leave and keep leave balances low.

Pricing

• Price: £5.00 to £40 a user a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Base case is a public sandbox but alternative bespoke arrangements are available according to proof of concept requirements.
• Link to free trial: https://cost-management.uniphi-software.com

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at b.cairns@uniphi-software.com. Tell them what format you need. It will help if you say what assistive technology you use.