Website Development
We cover all aspects of website development including strategy, user experience design, user testing, cross browser development and application testing comprising all aspects of the development lifecycle.
Features
- Requirements gathering and business analysis
- User Experience and User Interface Design
- User Testing
- Website Development
- Testing
- Deployment
- Continuous Improvement
- Security Testing
Benefits
- Assessment and understanding of user needs
- Design and prototyping of websites
- Development of websites
Pricing
£562.50 a unit a day
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
2 7 9 3 1 9 9 6 1 1 9 0 2 0 0
Contact
Flipside Group
Philbert Hakim
Telephone: 07826038079
Email: phil.hakim@flipsidegroup.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
-
- Public cloud
- Private cloud
- Community cloud
- Hybrid cloud
- Service constraints
- N/A
- System requirements
- N/A
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Non-scheduled support is between 9.00am and 5.30pm Monday to Friday, excluding public holidays.
Out of hours is deemed as urgent work requested between the hours of:
5.30pm to 9.00am Monday to Sunday
9.00am to 5.30pm Saturday and Sunday.
Flipside will respond within 30 mins to an hour latest to acknowledge request and confirm a planned course of action within 4 hours of the request being raised - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 AAA
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- Web chat
- Web chat support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support accessibility standard
- WCAG 2.1 AAA
- Web chat accessibility testing
- We utilise off the shelf solutions for delivering support to our users predominantly Slack or Teams, both of which have native accessibility features as standard.
- Onsite support
- Onsite support
- Support levels
-
Support and Maintenance services are provided during Working Hours, in agreed Special Hours and Out of Hours.
Scheduled support is between 9.00am and 5.30pm Monday to Friday, excluding public holidays.
This is to provide the ability for The Customer to draw upon development support for time critical work that emerges in the month but cannot be pre-planned for.
For example if there is an urgent issue on the live app that the Customer requires immediate support to diagnose and rectify.
Non-scheduled support is between 9.00am and 5.30pm Monday to Friday, excluding public holidays.
This refers to hours agreed in advance between Flipside and the Customer to cover any one-off events as and when required. Such hours to be agreed in writing 10 days before such cover is required.
Standard and special support is charged at our standard rates.
Out-of-hours support is charged at 2 times our standard rate card.
Out-of-hours work is required to be invoiced separate of the retainer contract to ensure no interruption to the planned retainer work.
Flipside will assign a Technical Project Manager to manage and triage any support requests - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
As a pre-existing government supplier, we are already familiar with the GDS service standard which we apply to our overall delivery process limiting the need for organisation onboarding. At a project level, we work with the customer to understand their vision, objectives and the challenges to the achievement of both. It is here that we understand the needs of your customers, map your stakeholders and onboard to your ways of working and processes at a project team level:
Training and collaboration
Virtual Meeting
Team onboarding
Analysis of your existing customer research
Development team design (hybrid vs fully managed)
Requirements development
Gap analysis of requirements to the existing solution
Technical Specification Development
Security Requirements
Program KPI Definition - Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- All data produced during the course of the project remains the sole property of the customer. If required, this will be extracted and delivered in whatever format is required
- End-of-contract process
- The full development, deployment and delivery of the project is included in the budget estimate including everything required to transfer the project to an in-house or another development partner. If required, any documentation or handover processes required can be assessed on per project basis.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- N/A
- Service interface
- No
- User support accessibility
- WCAG 2.1 AAA
- API
- Yes
- What users can and can't do using the API
- Any API development would either be integration with pre-existing APIs provided by the customer or through the development of an API specific to the application we are developing
- API documentation
- Yes
- API documentation formats
-
- Open API (also known as Swagger)
- HTML
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- The websites would be developed bespoke and therefore in line with the buyers specification. Customisations would be possible as part of continuous improvement
Scaling
- Independence of resources
- One key learning from our experience of working with within government to date, is the importance of continuity in project approach and team structure. To facilitate this we have created a team structure that ensures oversight and guidance from a senior team supported by individual strategists, project managers and development dedicated to each project for the entire duration of the delivery. Resources are not re-allocated until the project is completed and deployed
Analytics
- Service usage metrics
- Yes
- Metrics types
- We provide off the shelf or bespoke analytics depending on the project need typically involving Google Analytics/Firebase, Power BI or Tableau
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- None
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with SSAE-16 / ISAE 3402
- Encryption of all physical media
- Scale, obfuscating techniques, or data storage sharding
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
- This will be project dependent based on the specific project, the type of data stored and the requirements of the buyer
- Data export formats
-
- CSV
- ODF
- Data import formats
-
- CSV
- ODF
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Legacy SSL and TLS (under version 1.2)
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- Availability is determined on a per project basis depending on the type of service being delivered. SLAs are created on a per project basis
- Approach to resilience
- Available on request
- Outage reporting
- Typically email alerts
Identity and authentication
- User authentication needed
- No
- Access restrictions in management interfaces and support channels
- Provide, for users and processes acting on behalf of users, only that access necessary to accomplish assigned tasks in accordance with organizational missions and business functions. Refer to SP&P 660 Access Control Policy. Further information available on request
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Username or password
Audit information for users
- Access to user activity audit information
- You control when users can access audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- You control when users can access audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
- We have policies in place which can be shared on request namely: STANDARD POLICY & PROCEDURE SP&P 690 Software Security Policy
- Information security policies and processes
- We have policies in place which can be shared on request namely: STANDARD POLICY & PROCEDURE SP&P 690 Software Security Policy
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Flipside have a comprehensive Software Security Initiative (SSI) in place. An SSI enhances our ability to consistently deliver highly functional, secure, and stable applications that exceed clients’ expectations. Full documentation of our development processes is available upon request
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- Flipside have a comprehensive Software Security Initiative (SSI) in place. An SSI enhances our ability to consistently deliver highly functional, secure, and stable applications that exceed clients’ expectations. Full documentation of our development processes is available upon request
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- Flipside have a comprehensive Software Security Initiative (SSI) in place. An SSI enhances our ability to consistently deliver highly functional, secure, and stable applications that exceed clients’ expectations. Full documentation of our development processes is available upon request
- Incident management type
- Supplier-defined controls
- Incident management approach
- Flipside have a comprehensive Software Security Initiative (SSI) in place. An SSI enhances our ability to consistently deliver highly functional, secure, and stable applications that exceed clients’ expectations. Full documentation of our development processes is available upon request
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Social Value
- Fighting climate change
-
Fighting climate change
As part of the Interpublic Group, we approach sustainability as an opportunity for growth, as efficiently managed resource and energy use drives employee innovation, stakeholder engagement, and relevance in an increasingly connected world. Our sustainability policy was launched in 2010, and encourages employees to reduce impacts through four key behaviours:
Using energy more efficiently
Instituting recycling programs
Managing travel efficiently
Employing green building practices in real estate holdings
In 2020, IPG began expanded measurement of our emissions and other environmental impacts using GHG Protocol Corporate Standards at all of its buildings around the world.
Our climate action plan includes:
Committed to set an emissions reduction target in line with limiting global temperature rise to 1.5 degrees Celsius through the Science Based Targets initiative (SBTi)
Became a signatory to the Business Ambition for 1.5°C and a member of the United Nations-backed Race to Zero campaign.
Committed to sourcing 100% renewable electricity by 2030 for its entire portfolio.
Joined The Climate Pledge, co-founded by Amazon and Global Optimism.
Published SASB report, becoming the first company globally to publish in alignment with SASB’s Advertising & Marketing Sustainability Accounting Standard.
Plans to join additional initiatives that encourage businesses like ours to reduce emissions across our global organisation and our supply chain. - Equal opportunity
-
Equal opportunity
Flipside, built on talented individuals and a culture of performance and high quality work, aims to capitalise on unique talents whilst drawing on all experiences, skills and knowledge. We aim to attract, recruit, develop and promote individuals by seeking talent from the widest possible pool. We believe this brings creativity, insight, innovation and makes us an organisation that is representative of, and responsive to our customer and client needs. Our culture is one that promotes important values such as respect, integrity, community, innovation, creativity and collaboration and we feel that everyone has the opportunity to realise their potential.
It is our aim to ensure that all employees or job applicants are treated fairly and consistently, and do not receive less favourable treatment on grounds of sex, sexual orientation, marital status, disability, race, colour, nationality, ethnic origin, religion, dependents or age. Nor will they be or placed at any kind of disadvantage by imposed conditions or requirements which cannot be justified. As a company driven by understanding consumer insight we recognise the importance of our workforce being representative of a wide array of cultures and abilities. For us Diversity is about valuing everyone as an individual whether an employee, client, customer or those from the wider community in which we operate. We believe that there is no single way of treating people because everyone is different. We work hard to accommodate differing needs to ensure we harness talents, promote an innovative culture and ensure that the Company continually performs to the best of its ability. We will constantly strive to create a productive environment, representative of and responsive to different cultures and groups, where everyone has an equal chance to succeed. - Wellbeing
-
Wellbeing
We have a specific Mental Health and Stress Policy with the aim to ensure the physical and mental health of all employees. The main aim is:
• To promote a healthy, safe and friendly working environment and control and
reduce risks to mental health;
• To help provide and maintain a supportive and non-judgmental working
environment;
• To provide effective support to all employees in managing stress and other mental
health problems, and to encourage better recognition of mental health issues; and
• To recognise that the prevention of stress is easier than dealing with it once it has
arisen.
For details on the specific interventions, we can share our specific Mental Health and Stress Policy
Pricing
- Price
- £562.50 a unit a day
- Discount for educational organisations
- No
- Free trial available
- No