School Business Services

SBS Financial Planner

SBS Financial Planner is a cloud hosted budgeting and financial planning & forecasting software, by School Business Services, developed for MATs, SATs, maintained schools and local authorities.

Our budgeting and financial planning software is used by 250+ MATs, 2,000+ schools across 145+ local authorities.

Features

• Financial planning
• Scenario modelling
• HR, Finance & MIS integration
• Real-time, bespoke reporting
• MAT level consolidated reporting
• Payroll reconciliation
• Financial forecasting
• Bespoke remote access profiles
• ICFP

Benefits

• True integration delivers time savings and improves accuracy
• Access on the go via any device
• Drive accountability to increase staff performance
• Provides agile budget decision making
• Deliver consistent reporting to stakeholders
• Business continuity via first class support provision
• Accommodates all operating models

£240 to £1,500 a unit a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@schoolbusinessservices.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

252067287574006

Contact

Niall Balmer
0345 222 1551
sales@schoolbusinessservices.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: N/a
• System requirements: Access to internet via any web browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Service desk is active Monday to Friday 8 - 5. Responses are immediate, with a commitment to respond within a timeframe no longer than 30 minutes.; Outside of these hours tickets are logged and responded to when the service desk reopens.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: First line service desk support is Free of charge.; Training may be billable, this starts from £120 per hour.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: We take care of full implementation, migrating information from the existing solution to ours.; We provide training on the customers own data.; Training can be delivered onsite or offsite, depending on the preference of the customer.; We have a dedicated module (SBS Assist) which includes video and user guides to supplement the training.
• Service documentation: No
• End-of-contract data extraction: All data can be extracted to excel or PDF by the user.
• End-of-contract process: Standard recurring cost is the software subscription which includes service desk support.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Consistent across any device, some sizings may differ
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Cloud hosted financial planning software with various pages, taking the user through the process of building, reporting and monitoring budgets.
• Accessibility standards: None or don’t know
• Description of accessibility: Accessed via any web browser with the option to activate MFA.
• Accessibility testing: Each release is thoroughly tested at UAT and regression. Testing is conducted over all browsers to ensure compatibility and minimal impact to existing and future customers.
• API: Yes
• What users can and can't do using the API: Integrate with MIS, Accounting, HR and Payroll solutions
• API documentation: No
• API sandbox or test environment: Yes
• Customisation available: No

Scaling

• Independence of resources: We have a dedicated Dev Ops engineer who maintains and monitors a series of performance dashboards to ensure any hikes in volume are catered for by increasing server space before they become an issue.

Analytics

• Service usage metrics: Yes
• Metrics types: We have a dedicated audit module available to the customer who can see every move any user has made within their software.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Via excel from within the software
• Data export formats:
  • CSV
  • Other
• Other data export formats: Excel
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: 99.9% uptime; No refund agreement
• Approach to resilience: Available upon request
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: There is a central administration module managed by either our support desk or a dedicated person within the customer account. ; ; This module controls exactly what each user can see and edit within the software
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: Renewed 23/02/2022
• What the ISO/IEC 27001 doesn’t cover: N/a
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: No
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ISO27001

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All development is thoroughly tested prior to release.; This is following careful specification.; Testing is conducted in a dedicated sandbox area, across multiple browsers.; New and existing functionality is tested - UST and regression.; All releases are tested to safeguard against performance degradation.; All releases are performed out of operating hours to minimise impact to customers.; All releases are communicated days in advance to customer base.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Our dedicated Dev Ops engineer' key responsibility is to continually safeguard against threats. The process involves continual monitoring and development of monitoring and safeguard controls. ; Information regarding threats can come via multiple channels such as our ICT support, market analysis and our own monitoring dashboards.; Patches can be deployed same day if threat is deemed significant enough.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Potential compromises are identified via our Dev Ops engineer monitoring of the network. This will more often than not ensure that we are able to deal with a potential compromise before it becomes a reality. As we have a dedicated Dev Ops engineer, this is given highest priority and dealt with immediately.
• Incident management type: Supplier-defined controls
• Incident management approach: Incident management in terms of infrastructure is addressed on a case by case basis, however, root cause analysis will always be conducted to ensure we prevent reoccurrence. ; If the threat causes operational impact we will report in our CAPA as part of our ISO27001 documented controls process.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity

  Fighting climate change

  As part of our Environmental, Social and Governance (ESG) strategy, our group report on: ; ; our journey to net-zero carbon emissions; how we are measuring the impact of our services; our supportive and inclusive culture for staff and educators; how we govern ourselves effectively as a group; ; A full download document can be provided on request.

  Equal opportunity

  As part of our Environmental, Social and Governance (ESG) strategy, our group report on: ; ; our journey to net-zero carbon emissions; how we are measuring the impact of our services; our supportive and inclusive culture for staff and educators; how we govern ourselves effectively as a group; ; A full download document can be provided on request.

Pricing

• Price: £240 to £1,500 a unit a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@schoolbusinessservices.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.