Delta 4 Services Limited

Digistaff Intelligent Automation UCDS Processing

Our Digistaff virtual officers will validate, and automatically process your ATLAS and LCTR files from DWP. We can process on all of the leading Revs & Bens Software, Northgate, Capita & Civica.

Features

• Fully Managed Service
• Digital Process Automation for HB & CTRS
• Processes HB Stops and CTRS Changes
• Creates & Sends the MGP1 Return
• Creates New Claims Where Required for CTRS
• Attended Access to Searchlight for Additional Details Requirements
• Usable With Existing UCDS Automation or as Standalone
• Works with Northgate, Capita and Civica
• No Costly APIs
• Same Day Updates Using Your Business Rules

Benefits

• Higher Completion and Accuracy rates
• Industry Leading Productivity 24/7
• Increased Efficiency and Accuracy
• Application, System and Process Agnostic
• Reduced Operating Costs
• Same Day Processing/Reduction in LA Error
• Releases Staff to Undertake Higher Value Tasks
• Quick Deployment
• Instantly Scalable Resource
• Capture Structured and Unstructured Data

£9,000 to £150,000 a unit

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andy.heys@digistaff.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

255730168421556

Contact

Andy Heys
07824305347
andy.heys@digistaff.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: DigiStaff Managed Service for Local Government
• Cloud deployment model: Private cloud
• Service constraints: No
• System requirements: None - Infrastructure, Application & System Agnostic

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: All initial questions are responded to within 24 hours as a maximum Monday to Friday. Questions raised on the weekend will be responded to on the next working day.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Standard help-desk hours are Mon-Fri 9 - 5 excluding UK Public Holidays.; ; There are three defined sub-sets of fault:- “Category 1” - a fault which makes the Software unusable. Target response time two hours; target resolution 24 hours “Category 2” - a Fault which has a material effect upon the functionality, accuracy or performance of any function of the Software upon which Customer relies. Target response time of four hours; target resolution 48 hours. “Category 3” - a minor or cosmetic Fault. Target response time four hours; target resolution seven days.; ; Support is include in the cost.; ; We do not provide a technical account manager or cloud support engineer.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: A combination of onsite / online training and workshops and user documentation following industry best practice.
• Service documentation: No
• End-of-contract data extraction: No process data is stored within our infrastructure. As part of any contract agreement there will be a controlled return or deletion of customer data.
• End-of-contract process: Within the price of the contract will be a provision of automated processes that remain the intellectual property of Delta 4 Services. Off-boarding of clients is included in the price of the contract.; ; D4S follows as a minimum, the UK’s current standard for Data wiping as set out by HMG CESG IS5 Baseline and Enhanced. This standard dictates that hard drives must be overwritten a minimum of three times.; PROCESS:; The process that is followed by D4S engineers is as follows:; a. Hard drives are removed from service at the end of a contract, when upgrades are performed or when a hard drive is replaced due to a fault.; b. Drives are places into a logged queue marking them for data wiping.; c. Drives are stored for 30 days before being processed further.; d. Once 30 days has passed, an engineer puts the drive through the erasing process; e. If the wiping process succeeds then the drive is either disposed of or marked for re-use where in accordance with D4S policies.; f. If the wiping process fails, the process is restarted from point d.

Using the service

• Web browser interface: No
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: All business and operational processes can be customised to meet your local rules and CTR schemes

Scaling

• Independence of resources: Each client has an independent environment and our service is built on a consumption model. The more we use the more we expand our infrastructure and service so there is no detrimental effect on any clients.

Analytics

• Service usage metrics: Yes
• Metrics types: Workforce utilisation, process performance and completion rates.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Via downloadable XML
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats: XML
• Data import formats:
  • CSV
  • ODF
  • Other

Data-in-transit protection

• Data protection between buyer and supplier networks: IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Network availability - 100% Infrastructure availability - 99.99% Availability is based on the total number of operating hours of a given calendar month and excludes planned and emergency maintenance.
• Approach to resilience: D4S uses UKFast as hosting provider, their resilience standard is:; ; UKFast owns and operates a 5.52MW tier 3 1,000 rack data centre estate. This contains multiple physically separate buildings, connected by dedicated fibre. High voltage power connections are provided from four separate primary sub-stations. All mission-critical services including Standby Generation, Cooling systems and UPS (uninterruptible power system) are provided at N+1 or greater across the whole facility. The complex has a power density of over 6KW per square foot, providing diverse A & B power to each data rack, and all eCloud service platforms are supported from quadruple power feeds. The data centre complex is supported by 9MW of standby generation with over 100,000 litres of fuel storage and eight hour fuel supply SLA. All critical services are supported by 4.6MW of UPS power and 4.9MW of data centre cooling. The public sector hosting suite has fully resilient networking, switches, carrier-redundant leased lines, power and backup generators, all separated from the rest of the UKFast network and data centre complex.
• Outage reporting: Initially email alerts, we are looking to expand this to provide a private dashboard in the near future.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Role Based Access and Privileged Identity Management.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Approachable
• ISO/IEC 27001 accreditation date: 12/05/2021
• What the ISO/IEC 27001 doesn’t cover: Covers all elements of the service provision
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: In line with ISO27001 accreditation and governance procedures

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Change management system operational which documents all changes, responsible parties, time of change and senior-level sign off. All changes pass through a Change Advisory Board (CAB).; ; Changes to processes are tracked through audit logs in the Blue Prism software.; ; Change requests are evaluated for potential security risks. Once approved, they are implemented through a controlled approach using the various control mechanisms in Blue Prism.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Vulnerability scan run once per Quarter and critical vulnerabilities patched within 30 days.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Internally designed and developed threat monitoring system is run on all infrastructure.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: ISO27001-complaint processes and systems for incident response are operational.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Public Services Network (PSN)

Social Value

• Fighting climate change:

  Fighting climate change

  DigiStaff have made a commitment to be a virtual company. We therefore hold no physical premises, reducing our carbon footprint and energy consumption. ; ; We aim to undertake meetings virtually to reduce travelling but where this is not possible we will seek to, in all instances, use public transport for travelling, where it is available.

Pricing

• Price: £9,000 to £150,000 a unit
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Free Proof of Value based on a limited number of transactions to be agreed on an individual basis.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andy.heys@digistaff.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.