Opus 2 International

Opus 2 - Software & Services

Opus 2 provides cloud-based legal technology and services to connect people, case information and analysis. Our secure platform enables users to access a centralised set of documents, collaborate and prepare ahead of the hearing. The solution encompasses Realtime transcription and the electronic presentation of evidence which integrates with the documents.

Features

• Annotation and collaboration across case content, documents and transcripts.
• Hyperlink between key documents and referenced material in transcripts.
• Realtime transcription and audio synchronisation.
• Electronic Presentation of Evidence to display material in the hearing.
• Chronology & Characters tools to centralise case facts
• Remote access to all content including realtime transcripts.
• Search material for key words and phrases,
• Organise specific documents into custom bundles.
• User administered document and note level tagging.
• Export material with or without user work product.

Benefits

• Access documents and transcripts from anywhere in the world.
• Centralise case preparation and user annotations.
• Reduce duration of hearing with streamlined presentation of evidence.
• Easily update document bundle without manually changing multiple sets.
• Avoid unnecessary printing and distribution costs.
• Store case materials on one secure server.
• Two-factor authentication to securely access content.
• Reduce administration overheads by efficiently working electronically.
• Easily export documents if necessary.
• Realtime and final transcript fully hyperlinked with days evidence.

£2,500 to £13,500 a licence a month

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bdemea@opus2.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

272495371301243

Contact

Roopal Patel
+44 20 3790 7925
bdemea@opus2.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: No
• System requirements: None, browser based software.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Target response time 30 mins to 1 hour (business hours); Target response time 4 hours (non-business hours)
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Dedicated Solution Operations Manager (supported by a wider team) to oversee and administer the software (documents, users etc.); ; Second line Product Support team to support and troubleshoot technical issues with software.; ; Dedicated Case Manager to organise and support all hearing room services.; ; Tecnical Services team to support with any technical issues during the hearing.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Online or onsite training provided as required. User guide provided to all users upon access to the platform. Ongoing phone and email support and further training where required by the users.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Offline PDF export to encrypted USB or secure file transfer site. Work product across the data set can also be extracted (by the user).
• End-of-contract process: Solution Operations Manager assigned to the case will provide post-instruction options to the Buyer; deletion, archiving, export and will provide an explanation, implications and costings for each option.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Chrome
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: No

Scaling

• Independence of resources: All clients are placed on separate servers so there is no problem with increased demand by other users.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Individual users can export data directly from the platform from within a document or at folder level. If exporting a folder or multiple documents two options available; single PDF will combine all selected documents into a single PDF file or multiple PDFs will export each document as a separate PDF and also provide a web index. Documents can be exported with or without work product and pagination.
• Data export formats:
  • CSV
  • Other
• Other data export formats: PDF
• Data import formats:
  • CSV
  • Other
• Other data import formats: PDF

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Opus 2 shall use all reasonable efforts to make the Opus 2 Software Available at least 99.9% of the time (excluding when Opus 2; Software is not Available as a result of one or more Uptime Exclusions) ; ; “Available” means the Opus 2 Software is available and operable for access and use by Customer and its End Users over the internet. ; ; Uptime Exclusions: No period of Opus 2 Software unavailability, degradation or downtime will be included in calculating the Opus 2 Software Uptime where this is not directly caused by Opus 2 including where this is casused by; customer’s use of the Opus 2 Software in a manner inconsistent with the Agreement, internet or other network outages arising from infrastructure not provided by/in Opus 2's control, scheduled downtime.; ; If Opus 2 fails to meet the Opus 2 Software Uptime the; Customer may request a service credit calculated as set; out below:; ; % Availability Service Credit; ; 99% or more No Service Credits due; Less than 99% 10%; Less than 95% 20%; Less than 90% 30%; Less than 85% 40%; Less than 75% 50%
• Approach to resilience: The service is designed to be able to be brought up in a secondary region in order to deal with downtime in the primary data-center region (we use AWS so we get their resilience on top of design considerations). Data is copied to the secondary region every ten minutes. Typical service availability for AWS is 99.999%.
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
  • Other
• Other user authentication: Email address, password and characters of a memorable word required when loggin in to the platform. Multi-factor authentication (using authenticator/OTP) can be enabled as an additional layer if required.
• Access restrictions in management interfaces and support channels: Access to management interfaces is undertaken via a central console only accessible from Opus 2 networks and requires MFA.; ; Support channels happen via bastion hosts with only key based authentication permitted.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password
  • Other
• Description of management access authentication: Email address, password and multi-factor authentication required to login.

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI Group
• ISO/IEC 27001 accreditation date: 03/03/2021
• What the ISO/IEC 27001 doesn’t cover: Edinburgh and Singapore offices (assessments completed and successful - waiting on new certificate to be issued)
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essentials Plus
• Information security policies and processes: Opus 2 International maintains an ISO27001 certified information security management system. All staff receive security awareness training upon onboarding and yearly refresher training. ; ; Our core information security team report into the COO and consists of security experts who work with the wider Opus 2 team, from Human Resources to Software Engineering and from Finance to Support, to deliver our solutions and services to you as securely as possible.; ; Internal audits across all departments are performed on a quarterly schedule.; ; Further information can be found here https://www.opus2.com/security

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: A strict change management process as defined, for example, by ITIL would inhibit our ability to support the evolving needs of our varied customer base. We do track changes through our ticketing system, ensure that risk is evaluated, rollback plans are considered, and approval is required. ; We use a set of technologies to manage infrastructure compliance as compared to a known good baseline configuration such that unauthorised changes are detected and rolled back as necessary.All changes are logged, reviewed, and approved before deployment.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Regular vulnerability scanning with direct communications to IT or Operations for patching as required.; ; We can usually deploy patches within 24 hours for critical vulnerabilities but risks are reviewed prior this this happening.; ; Threat Intelligence comes from various sources including continuous assurance by a leading cyber security organisation.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Agent based software reports to a central console for correlation and alerting. These events are aggregated with client security logging and continuously analysed for anomalies by SIEM software utilising machine learning and AI.; ; The Incident Response policy will be followed in the case of a potential compromise.; ; Incidents are alerted in near realtime and will be responded to in less than 60 minutes.
• Incident management type: Supplier-defined controls
• Incident management approach: We have pre-defined processes for all common security events.; ; Users can report via email, text or instant messaging, security events are also triaged from automated systems. These are initially reviewed by the dedicated team and fed into the incident response process where applicable.; ; Monthly reports are provided to senior management and kept on record.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Opus 2 prioritises environmental policies and we have won awards for our innovations in reducing the use of paper in litigation and arbitration, including the Business Green Leaders IT Award.; ; We are recognised as a leading force in championing a greener approach in dispute resolution. We are on the steering committees for both the Campaign for Greener Arbitrations and Greener Litigations. Information can be provided upon request if required.; ; We have also played a leading role in enabling remote attendance at legal hearings, most recently leading the wider adoption of fully virtual and hybrid hearings across litigation and arbitration matters globally. This dramatically reduces the need for our customers to travel to physically attend hearings with significant positive environmental impact.; ; Further information can be provided upon request if required.

  Covid-19 recovery

  We can look to provide additional information upon request if required.

  Tackling economic inequality

  We can look to provide additional information upon request if required.

  Equal opportunity

  We are committed to eliminating discrimination and encouraging diversity amongst our workforce. Our aim is that our workforce will be truly representative of all sections of society and each employee feels respected and able to give of their best.; ; We track the diversity and inclusivity if our employees through self-certification during onboarding. Around 1.4% of our staff have declared a disability and 26.7% self-identify as BAME.; ; In line with the recommendations of the Government Equalities Office report “Gender Pay Gap, Closing it Together”, we have adopted actions targeted at reducing the gender pay gap and improving equality. This includes:; Use of structured interviews for recruitment and promotions; Transparency in promotion, pay and reward processes; Workplace flexibility; Offering mentoring; ; These actions assist in tackling the gender pay gap, but also ensures that our decision making is objective, clear of bias and therefore eliminates the possibility of discrimination based on race, ethnic origin, colour, nationality, national origin, disability, sexual orientation, religion, or age. As a result, we have a diverse workforce, made up of employees from different ethnic groups, nationalities, age ranges, sexual orientation, religion, and levels of disability.; ; Further information can be provided upon request if required.

  Wellbeing

  We can look to provide additional information upon request if required.

Pricing

• Price: £2,500 to £13,500 a licence a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bdemea@opus2.com. Tell them what format you need. It will help if you say what assistive technology you use.