ENTERPRISE CONSULTING (UK) LTD

Synergy ECM

Synergy ECM platform securely manages and shares various content types, including reports, images, and documents, across formats like PDF and Microsoft Office. It enhances productivity by providing a central repository for immediate document access, streamlining operations, supporting decisions, and improving service. This solution revolutionises document management and automates business processes.

Features

• Content storage and Document Management
• Fully automated report capture and retrieval
• Automated document recognition including OCR and ICR
• API integration for all major platforms
• Automated file batching and processing
• Outlook, Office and 365 integration
• Data analysis and Reporting
• Compliance and retention monitoring and control
• Granular access control
• Workflow automation

Benefits

• Mobile and remote access to documents and processes
• Enhanced security to protect sensitive information through robust access controls
• Manages retention policies aiding regulatory and compliance adherence
• Automates processes, reducing manual work, speeding task completion.
• Enables simultaneous document access and editing for improved teamwork.
• Ensures continuity with effective data backup and recovery solutions.
• Easily accommodates growth in data volume and business demands.
• Quick access to data enhances informed decision-making capabilities.
• Reduces physical storage and manual processing costs significantly.

£31,683.74 a licence

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at mark.skinner@ecukl.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

258311973838986

Contact

Mark Skinner
07798764341
mark.skinner@ecukl.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: The core system is compatible with windows server only.
• System requirements:
  • Windows server 2016 or greater
  • SQL server 2017 or greater
  • .NET 4.7.2 or greater

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We respond to custom SLAs by arrangement.; Typical SLAs are usually between 9am and 5pm.; Our response times categorised by priority starting from a ten minute response time.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: We provide email, phone, remote and onsite support as standard with the core product. ; A technical support manager will be provided as a key point of contact.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: A comprehensive on-boarding package can be arranged to meet individual requirements. Including but not limited to, onsite and online training, remote support sessions, service calls and thorough documentation.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Data will be provided free of charge in a format specified by the user.
• End-of-contract process: All customer data will be provided free of charge in an industry-standard format, explanations on how to access and digest this data will also be provided to ease the transition to new systems.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems: Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: We use fully responsive CSS to make the mobile experience as close to like for like with the desktop version. There are no functional differences.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Synergy provides a browser access portal (web client) allowing users to remotely access all of Synergy's features.; Synergy supports a JSON based REST API covering all key features.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Jack Henry has carried out the user testing on the Synergy Interfaces.
• API: Yes
• What users can and can't do using the API: There are no limitations to the features available through the API, calls can be made to access all features of the synergy system.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Profile customisation options.; Quick (saved) search availability.; Personal folders.; Quick access feature tiles.

Scaling

• Independence of resources: Synergy is a fully scalable system with usage reporting which can be set to alert appropriate parties in the event of high system utilisation. In such events, additional instances can be started to cope with periods of high activity

Analytics

• Service usage metrics: Yes
• Metrics types: We capture full audit data of all functions used including data on where the function was accessed from and by whom.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Jack Henry & Associates

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users can select and export data from a hitlist generated from a search query.; Data can be extracted to CSV, text or Excel formats whilst content can be exported in its original format or to PDF where applicable.
• Data export formats:
  • CSV
  • Other
• Other data export formats: Text
• Data import formats:
  • CSV
  • Other
• Other data import formats: Text

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We guarantee at least 99.5% of scheduled available time per calendar month, with any supplied software being fully functional for the same 99.5%. This does not include any scheduled maintenance.; ; Service credits are available up to 25% of the fees due depending on a predetermined up-time scale.
• Approach to resilience: We use primary and tertiary back-ups on all application and storage servers with full availability in the event of a fail-over situation to maximise up-time. Further information is available on request.
• Outage reporting: We make use of a client-accessible dashboard which provides the current service status of all services.; Email alerts are generated and sent out to nominated parties in the event of predetermined failures. These outage reports can be customised to the client's needs.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: To restrict access, we use Role-Based Access Control (RBAC) based on the principle of least privilege. This means that users are granted access only to the resources and functionalities necessary for their roles. RBAC permissions are reviewed annually to ensure they align with current business needs and security requirements. Exceptional access requests require a detailed business case submitted to the IT Department which is then evaluated by the leadership team before approval. This stringent process ensures careful management and authorization of access to sensitive systems, minimising the risk of unauthorised access and security breaches.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: The ISMS Board is responsible for developing and overseeing information security; policies, managing risks, ensuring compliance with regulations, and planning incident response. They; allocate resources, monitor effectiveness, and promote training and awareness. Regular reporting; and communication with stakeholders ensure a cohesive approach to information security; management.; ; The Technical Director serves as the chair of the ISMS Board and holds ultimate; responsibility for its oversight. They play a critical role in ensuring the ISMS Board, Information; Security Policies and Procedures, and the ISMS as a whole adhere to relevant regulations, laws, and; industry standards. Additionally, they are tasked with conducting an annual review of ISMS; performance throughout the organisation and disseminating findings to the entire business.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Jack Henry offers a comprehensive roadmap of upcoming changes, incorporating all requested adjustments. Detailed change notes accompany updates and patches. Changes within Enterprise Consulting's purview undergo rigorous management through our internal Change Control process. These changes are scrutinised by our Change Control Board (CCB) and executed and documented by dedicated Change implementers throughout the project lifecycle. Upon request, a thorough chronicle of alterations to Enterprise Consulting solutions is readily available.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Jack Henry & Associates carry out frequent analysis of the latest available vulnerabilities, as well as a periodic static code evaluation on the whole Synergy ECM suite. ; ; We conduct a monthly review of the latest vulnerabilities from diverse online databases. These inputs feed into our in-house scanning, producing a report on relevant vulnerabilities. Upon identification, we prioritise patching based on severity and impact: Critical issues are addressed within 24 hours, High within 72 hours, Medium within 1 month, and Low during routine patching cycles.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We use a number of monitoring tools, both internal and 3rd Party provided, to continuously monitor the status of all devices and services within our network. The tools provide us with alerts when a potential compromise has been detected. ; We treat all potential compromises as the highest priority (Critical) until they are resolved or our investigation finds them to be otherwise. ; As Critical issues the first response will be within 30 minutes, Upon completion of the initial investigation, we then work to resolve the issue based on severity and impact, taking any steps necessary to insure a secure environment.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Incidents can be reported to us via phone, email or via our incident response site. The IT department or relevant incident response team will assess and classify incidents based on severity and potential impact. Incidents may be categorised as low, medium, high or critical severity, with corresponding response levels. Whilst investigating we communicate with affected parties in a transparent, timely, and consistent manner.; All incident response activities, findings, and actions taken will be documented for post-incident analysis and reporting. Reporting on individual incidents will be available in real-time, a high level report of all incidents can be provided upon request.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We are committed as a company to promote and work in an environmentally friendly and sustainable manner. Our office strives to use sustainable sources and methods where possible, such as implementing recycling and reuse policies. ; We are committed to offsetting 60 tonnes of CO2 through tree planting every year in partnership with 'Make it Wild'. This pledge will be subject to annual evaluation and adjustments. ; ; Supporting the move towards paperless office working via the provision of the Synergy ECM system, which also promotes working from home, reducing the need for all staff to travel to work. ; We ourselves support remote and flexible working, allowing staff to work from home regularly and promote car sharing when travelling on site is necessary, or the utilisation of public transport to customer sites where possible.

  Covid-19 recovery

  Enterprise Consulting UK Ltd prioritises people's safety and the safety of its employees within the workplace. We aim to be transparent with our policies and update our internal guidelines to support COVID-19 recovery within the business. Updating staff on any changes in the working environment and practices that may be necessary to uphold these values. Some of the policies we have implemented include:; Work-from-home policy - supporting remote and flexible working. ; In office working, adequate space is provided for a comfortable and safe working environment adhering to any current government advice. ; Mindful employer - We are part of and adhere to the mindful employer guidelines, supporting our staff and focusing on their well-being and mental health. ; Building resilience within the company to support clients, employees and the company should similar occurrences happen.; The Synergy ECM system supports other companies in COVID-19 recovery by allowing them to implement remote working where possible.; Supporting the local community through continued employment of new staff where needed during and after the Covid-19 crisis.

  Tackling economic inequality

  Enterprise Consulting UK Ltd is committed to equal opportunities for all internal and external applicants for employment. It is our policy that all employment decisions are based on merit and the legitimate business needs of the organisation. We do not discriminate on the basis of race, colour or nationality, ethnic or national origins, sex, gender reassignment, sexual orientation, marital or civil partner status, pregnancy or maternity, disability, religion or belief,; age or any other ground on which it is or becomes unlawful to discriminate under by law.; We support continuous staff development and training within our company, allowing for growth in areas that both the company and our employees see fit. ; We always strive to improve the service we provide, through software updates, innovations in technology and delivering a high-quality product for the best available price. The synergy ECM software is completely scalable to meet future changes in demand.

  Equal opportunity

  Enterprise Consulting UK Ltd is committed to encouraging equality, diversity and inclusion among our workforce, and eliminating unlawful discrimination.; The aim is for our workforce to be truly representative of all sections of society and our customers, and for each employee to feel respected and able to give their best.; Copies of our policies on Equality, Diversity and Inclusion and a Modern Slavery Statement can be provided. These are regularly reviewed and updated as necessary. ; We take seriously complaints of bullying, harassment, victimisation and unlawful discrimination by fellow employees, customers, suppliers, visitors, the public and any others in the course of the organisation’s work activities. Such acts will be dealt with as misconduct under the organisation’s grievance and/or disciplinary procedures, and appropriate action will be taken.; We support equal opportunities for staff development and training within the company, allowing individuals at all levels to progress in their careers.

  Wellbeing

  We are committed to supporting the mental health and well-being of our staff as they form the foundation of our company. We believe in optimising the workplace for success while fostering a positive and supportive environment for our team. To further support this ethos we have signed up for the Mindful Employer pledge. ; Mindful employer - We are part of and adhere to the mindful employer guidelines, supporting our staff and focusing on their well-being and mental health. Being part of this pledge allows us access to resources to help our staff with a range of workplace and home-related matters should they require advice or assistance.; ; To allow employees to step away from their usual tasks, we make use of team-building activities and staff excursions.

Pricing

• Price: £31,683.74 a licence
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: We can provide a fully featured 30 day trial of the system.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at mark.skinner@ecukl.com. Tell them what format you need. It will help if you say what assistive technology you use.