Intelligent print management solution
Highly-functional, centralised cloud-based, white-label online platform that is compliant and secure, allowing users to order from a “catalogue” of pre-prepared materials or create new content for local or off-site printing, digital downloads, fully supported by a dedicated, experienced print team with an approved framework of manufacturers, inhouse logistics and fulfilment.
Features
- Complete control of printed material configurable for off on-site printing
- Dedicated team of print, fulfillment and logistics professionals
- Secure SSO access, Integration with platforms SAP, Ariba, Coupa
- Intelligent, client-branded hub ensuring compliance
- Cloud-based service accessible from anywhere, anytime via standard browsers
- Centre store of pre-printed materials for order and delivery.
- Reporting on orders and cost by users and cost centres
- Incorporates digital products, download from repository or create and download
- Extends to all marketing collateral, branded merchandise, POS, events materials.
- Complete audit trail of all system transactions
Benefits
- Visibility and control of spend
- Scalable facilities and services
- Access to approved framework directed by a dedicated account team
- Competitive pricing structure
- Real time control/alteration of branding
- Less time spent searching and ordering materials for increased productivity
- Substantially reduces cost in administering and reconciling spend to cost-centres
- Provides single view audit trail for all spend
- Increased adherence to policies and regulations
- Easy control of authorized users
Pricing
£0.02 a unit
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
2 7 0 2 5 4 3 5 4 2 2 3 0 2 7
Contact
SPS UK&I LIMITED
Bid Team
Telephone: 07748114237
Email: bid.team@spsglobal.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Private cloud
- Service constraints
- No constraints previously highlighted by customer
- System requirements
- Users have anti-virus Software installed on their devices
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- A Help Desk can be included as part of our standard service. The normal Help Desk operating hours 8am-6pm, Monday to Friday excluding public holidays but clients have the ability to submit an online query/ticket between 7am and 8am. Anything received between 7am and 8am will be picked up by the Help Desk staff at 8am. Should this not be sufficient, a 24/7 support option is available at extra charge- please see fees for details. Support engineers are on hand to assist users with a range of queries and tickets are raised for all queries which are monitored to resolution.
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- Web chat
- Web chat support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support accessibility standard
- None or don’t know
- How the web chat support is accessible
- Accessible directly through portal through clicking on online ticketing support option.
- Web chat accessibility testing
- Assistive technology testing has been performed.
- Onsite support
- Yes, at extra cost
- Support levels
- A Help Desk can be included as part of our standard service. The normal Help Desk operating hours 8am to 6pm, Monday to Friday excluding public holidays but clients have the ability to submit an online query/ticket between 7am and 8am. Anything received between 7am and 8am will be picked up by the Help Desk staff at 8am. Should this not be sufficient, a 24/7 support option is available at extra charge- please see fees for details. Support engineers are on hand to assist users with a range of queries and tickets are raised for all queries which are monitored to resolution.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- All chosen Users of the service will be provided with their own login/Service Access credentials. SPS adopts the train-the-trainer approach to product training. User guides will also be provided.
- Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- A specific Data extraction plan will be planned and agreed with the customer. Depending on the agreed data extraction plan, will depend on the method of data extraction. All data extraction methods are secure and in line with ISO27001 procedures.
- End-of-contract process
- Exit fees will be discussed and agreed with the client on each contractual basis before contract signature. Depending on the client’s requirements regarding contract exit and termination, we will agree what happens at the end of the contract.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Chrome
- Application to install
- No
- Designed for use on mobile devices
- No
- Service interface
- No
- User support accessibility
- None or don’t know
- API
- No
- Customisation available
- Yes
- Description of customisation
- All customisations will be explored and agreed with the buyer prior to contract. Client themselves are unable to make ad-hoc customisation to the solutions.
Scaling
- Independence of resources
- SPS has invested heavily into all its services to ensure the system capacities are built and designed to manage and operate whilst large volumes of users are accessing and using the system.
Analytics
- Service usage metrics
- Yes
- Metrics types
-
We provide full Management Information reporting. We record detailed information to provide comprehensive qualitative and quantitative MI reporting. Reports are typically periodic and are emailed directly to authorised requesting users.
Reporting types:
-Real-time dashboards
-Regular reports - Reporting types
-
- Real-time dashboards
- Regular reports
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a CHECK service provider
- Protecting data at rest
-
- Encryption of all physical media
- Other
- Other data at rest protection approach
- Customer authored Data is encrypted at rest for all cloud services. When hard disks are taken out of service they are demagnetised and destroyed on site. Our sites are accredited annually to ISO27001.
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- Data can be exported by clients to us in various ways including SFTP or physical media
- Data export formats
-
- CSV
- Other
- Other data export formats
-
- SFTP
- Physical media
- Data import formats
-
- CSV
- Other
- Other data import formats
-
- XML
Data-in-transit protection
- Data protection between buyer and supplier networks
- Other
- Other protection between networks
- This will depend on the agreed transfer method. It can be encrypted or secured in another fashion which will be agreed with the client
- Data protection within supplier network
- Other
- Other protection within supplier network
- Supplier-Defined process audited and certified to ITHC standard.
Availability and resilience
- Guaranteed availability
- We meet target service levels set at between 99.6% and 100%. We can provide details of SLA and service level credits are agreed with clients on a case by case basis.
- Approach to resilience
- Available on request
- Outage reporting
- Email alerts from the Support Team.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- Username or password
- Other
- Other user authentication
- Username and password as well as authorisation levels are assigned to all users of the system. Allowing users with higher level of authority to access management interfaces and support channels
- Access restrictions in management interfaces and support channels
- Username and password as well as authorisation levels are assigned to all users of the system. Allowing users with higher level of authority to access management interfaces and support channels
- Access restriction testing frequency
- At least once a year
- Management access authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users receive audit information on a regular basis
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users receive audit information on a regular basis
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- QMS
- ISO/IEC 27001 accreditation date
- 29/08/2019
- What the ISO/IEC 27001 doesn’t cover
- Information Security relating to hardware, Software, LAN and WAN management, documentation including paper based and digital Customer communications for client facing information, client owned and supplied information and internal processing facilities relating to the provision of central mail rooms including customer locations, document processing centres and head office activities.
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- Yes
- Who accredited the PCI DSS certification
- Security Standards Council
- PCI DSS accreditation date
- 14/12/21
- What the PCI DSS doesn’t cover
- The PCI DSS certification covers our inbound document processing operations such as document scanning, data capture, confidential document processing. All other outbound printing digital communication solutions are not PCI DSS certified.
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
-
SPS policies and processes are in line with ISO 27001 accreditation. SPS security policies include;
- Information Security Policy
- Data Protection Policy
- Encryption policy
- Password Policy
- Physical Security policy
- Incident Management and improvement process
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- SPS’ approach to Solution configuration and Risk management is built on recognised principles of change management and is again closely aligned with the principles of PRINCE2. SPS’ risk assessment and change management process ensures that there are regular reviews of any potential risks during the development pipeline of the solution and at the very least a one-time review of risks associated with any changes made to the solution throughout its lifetime. From this review, necessary preventive and / or contingency actions will be identified and passed to detailed work planning, including an update of the solution pipeline.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- The compliance team within SPS are responsible for the internal auditing of all processes and procedures. This includes undertaking with our information security manager information security risk assessments and risk treatment plans, looking at all critical assets and processes, alongside a Business Impact Assessment and BC Risk Assessment a Business, looking at critical business systems and processes. This is all then followed up by internal and external audits covering all parts of the certificated standards to ensure that SPS is working to their own internal processes and controls and we are able to maintain 9001, 14001, 27001 certifications.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- The respective asset owners are responsible for arranging for the controls to be implemented effectively; this would typically include defining the controls in policies and/or procedures, so that they can become part of everyday business practice. Asset owners are responsible also for the management of any risks which are not specifically addressed in the Risk Assessment. The SPS Risk Assessment and Risk Treatment plan document is structured by using the Asset List to identify the threats to each asset. Each threat and consequent risk is quantified. We further analyse this information for all significant risks and their respective controls.
- Incident management type
- Supplier-defined controls
- Incident management approach
-
SPS' procedure provides guidance on the handling of security incidents, breaches or suspected incidents and breaches. This policy applies to all SPS systems and sites and to all SPS staff, temps, contractors and third parties working on behalf of SPS. Once the incident has been identified and contained, efforts can then be focused on finding an appropriate solution. The fundamental features of any solution should be investigation, action and follow-up/record-keeping; the order in which they are implemented depends upon the nature of the incident.
The Services Director, assisted by the Compliance manager, will initiate the appropriate investigation.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Social Value
- Fighting climate change
-
Fighting climate change
Through SPS’ Engage framework we have looked to drive improvements to sustainable working in recent years – factoring environmental considerations into business decisions. In 2019, we consolidated two of our largest SPS locations together into one combined operations centre, significantly cutting down on waste, emissions and power usage. This redevelopment culminated in a £2 million investment into our newly formed Digital Transformation Centre (DTC), with a focus on sustainability and security. Motivated by reducing our reliance on traditional energy sources, we installed a solar panel array on the roof of the new facility.
Since their installation in August 2019, our DTC has generated 71,600kwh of renewable electricity to date, equating to a 59.2 tonne reduction in greenhouse gas emissions. 100% of this power is delivered to the DTC, meaning the site is maintained by 100% renewable energy, with an additional power surplus. SPS is also actively returning any excess power produced to the National Grid.
The ‘reduce, re-use, recycle’ principle is also actively promoted at our DTC. Whilst all legal requirements surrounding waste are adhered to, including the Green Government Commitment, preventing the production of waste in the first place is paramount. Our unique on-site shredding capability works alongside with our waste contractor ensuring a 100% paper recycling rate. At present 80% of all waste from our DTC is recycled. All SPS sites maintain waste transfer records, meaning we can analyse our figures and identify areas for improvement.
Pricing
- Price
- £0.02 a unit
- Discount for educational organisations
- No
- Free trial available
- No