ANS Group

Microsoft Copilot Navigator and Ecosystem Enablement

The Copilot Navigator and Ecosystem Enablement is a comprehensive service designed to guide you through the exploration of Copilot for Microsoft 365. This service includes a series of collaborative workshops and enablement of your Copilot Ecosystem.

Features

• Review of existing data governance and security.
• Evaluation of operational and security readiness.
• Detailed maturity assessment using our proprietary model.
• Deep technical assessment of guardrails by evaluating areas of Purview.
• Copilot Ecosystem Enablement across guardrails and adoption

Benefits

• Establish an agreed Copilot strategy for your 6-12 month plan.
• Enhanced visibility and initial governance actions.
• Ensure proper adoption of Copilot accross the business.
• Understand operational readiness and highlight areas requiring improvement.
• Provide a detailed maturity assessment covering different areas of adoption.
• Outline platform vulnerabilities with action points.
• Delivery of guardrails within Purview

£0.01 a unit

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@ansgroup.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

281712595522427

Contact

Steve Carroll
+44 (0) 1612271000
tenders@ansgroup.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Microsoft Power Platform.; Microsoft Azure
• Cloud deployment model: Public cloud
• Service constraints: Microsoft regularly performs updates and maintenance on the Power Platform which serve several purposes:; 1. Security enhancements; 2. Performance optimisation; 3. Feature Updates
• System requirements: Most up-to-date web browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Customers will be able to take advantage of industry leading certified engineers and experts on the end of the phone 24x7x365.The service desk is backed by ITIL aligned process and provides comprehensive Response SLAs from P1 to P5:; ; P1 - 30 Mins ; P2 - 1 Hour ; P3 - 4 Hours ; P4 - 1 Day ; P5 - 2 Days; ; All incidents are recorded in ANS’ Service Desk ITSM system under the Incident Management workflow. ANS records the name of the person reporting the incident, call time and any pertinent information, along with resolution criteria ensuring that the workflow is initiated correctly.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: No
• Support levels: We offer three levels of support:; 1. Standard Single Solution Support.; 2. Co-Managed Support.; 3. COE Support.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: At ANS, we believe that helping our clients prepare for, implement and manage organisational change is paramount if they are to achieve long-term success. ANS are highly focussed on helping customers to achieve full user adoption with certified Prosci ADKAR Change Management skills across the team. ; ; We would recommend you engage with our Microsoft Power Platform Enablement and Adoption Service which is available as an add-on service to any Microsoft Power Platform engagement.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats:
  • Microsoft PowerPoint.
  • Lucid Charts.
• End-of-contract data extraction: Should the contract end for any reason, ANS will need to assess what steps need to be followed to ensure data is extracted efficiently.
• End-of-contract process: This scenario will need to be discussed on a case by case basis. Access to the support service will end when the contract does.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Accessing Power Platform solutions on mobile and desktop platforms offers distinct user experiences tailored to the respective device form factors and usage context. Some key differences are:; 1. User Interface (can be designed for desktop or mobiles to optimise the screen sizes.; 2. Functionality and Features (on mobile may offer subset of features due to the limitations of mobile devices. However, they often include essential functionalities such as data entry, task management, and basic reporting.; 3. Offline Capabilities for mobile devices
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Power Platform solutions on mobile and desktop platforms offers unique experiences optimised for the respective devices. Mobile solutions prioritise simplicity, mobility, and touch interactions, while desktop solutions emphasise advanced functionality, multi-tasking, and precision control.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: We have designers available if required to assist with designing any Power App Canvas solutions to meet accessibility standards if required. We also can include additional interface testing which carry out ; 1. Screen Reader Testing; 2. Keyboard Navigation Testing; 3. Colour Contrast Testing; 4. Zoom & Magnification Testing; 5. Alternative Text (Alt Text) Testing; 6. Form Field Testing; 7. Assistive Technology Compatibility Testing
• API: Yes
• What users can and can't do using the API: The Microsoft Power Platform APIs offer extensive capabilities for integration, automation, and custom application development within the Power Platform ecosystem. These APIs enable various functionalities such as:; 1. Integration with External Systems; 2. Custom Application Development; 3. Automation; 4. Data Manipulation; 5. Authentication and Security; Limitations and things that cannot be done through the API are:; 1. Direct Access to Backend Services; 2. Highly Complex Development Scenarios; 3. Bypassing Platform Governance.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: User can customise the Microsoft Power Platform to tailor it to their specific needs.; 1. Custom Solutions can be created to manage the appropriate customisations effectively and can be exported for distribution to other environments.; 2. Enable or Disable features in the Settings area; 3. Create custom connectors to extend the capabilities of Power Apps, Power Automate, and Azure Logic Apps to allow integration with external systems and APIs; 4. Custom APIs; Users with the appropriate permissions can customise the Microsoft Power Platform. These are typically:; - App Makers; - Administrators; - Developers; - Business Analysts

Scaling

• Independence of resources: Microsoft has taken significant steps to ensure that users are not adversely affected by the demand placed on their platforms, especially during critical situations. Microsoft has a commitment to scalability, innovation, and rapid response helps ensure that users can access their services without significant disruptions due to increased demand.

Analytics

• Service usage metrics: Yes
• Metrics types: Service Metrics and Analytics can be accessed by the Microsoft Power Platform Admin Centre, which helps you demonstrate impact, prioritise efforts, and optimise your Power Platform usage with standard reports.

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft Power Platform Licenses.

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Using standard out-of-the box export functionality.
• Data export formats:
  • CSV
  • Other
• Other data export formats: XLSX
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • XML
  • XLSX
  • TXT
  • ZIP
  • SQL

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection between networks: ANS architects its solutions to industry baselines such as the CAF, WAF, Secure By Design. All access into customer solutions is conducted via ANS devices which are protected and monitored by our SOC and have full XDR. During design phase and architecture, firewall designs ensure that only required ACLs are in place to restrict network connectivity and segmentation.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Microsoft Service Level Agrement (SLA) for the Microsoft Power Platform are detailed on the Microsoft Learn (https://www.microsoft.com/licensing/docs/view/Service-Level-Agreements-SLA-for-Online-Services).; Microsoft Key points are:; 1. Availability Guarantee; 2. Downtime and Maintenance; 3. Service Health and Continuity; 4. Data Location and Sovereignty
• Approach to resilience: Microsoft Power Platform is designed with robust resiliency features to ensure high availability and reliability. Key aspects of its design:; 1. Redundant Architecture; 2. Data Replication; 3. Automated Integrity Checking; 4. Active / Active Design; 5. Enterprise Resilience and Crisis Management (ERCM).; For more detail is available on Microsoft Learn (https://learn.microsoft.com/en-us/compliance/assurance/assurance-resiliency-and-continuity)
• Outage reporting: Microsoft provides several ways to report and stay informed about service outages and issues. ; 1. Microsoft Service Health Status Page; 2. Report an issue on the Service Health Page; 3. Third party monitor tools (such as Downdector); 4. Azure Status Page; More detail can be found on Microsoft Learn (https://learn.microsoft.com/en-us/microsoft-365/enterprise/view-service-health?view=o365-worldwide)

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Following strategies can be employed to enhance security and governance in the Microsoft Power Platform:; 1. Managed Environments; 2. Tenant Isolation; 3. Disable Anonymous Access; 4. Azure AD Groups and Policies
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: LRQA
• ISO/IEC 27001 accreditation date: 18/08/2023
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Blackfoot UK Limited
• PCI DSS accreditation date: 10/08/2023
• What the PCI DSS doesn’t cover: N/A
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • ISO27017.
  • ISO27018.
  • NCSC Certified.
  • SOC 2 Type 2 Report.

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: ISO27017, 27018, NIS CAF, PCI DSS Level 1 SP, HSCN, PSN, PASF
• Information security policies and processes: ANS have a fully documented ISMS in line with ISO 27001 with policies covering all elements of the control set listed within our SoA. All published on our internal intranet which is updated regularly with ongoing training conducted to ensure user awareness of all policy and procedure. notifications are sent when any changes are made to policy and procedure.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Internal ANS Change is managed through the application of standard project management process with all projects progressing through approval, CAB review and sign off by stage. All ANS Business Change includes the following managed stages (whether these are deployed on a formal or informal basis is determined by the size of the project, by cost, resource application and risk):; ; • Executive or Higher Management sponsor; • Business Case and Success Criteria; • Scope definition; • Documentation; • Risk & Opportunity assessment; • Milestone or stage review; • Stage sign off; • Final Review; • Testing; • Deployment; • Lessons Learned
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: ANS has a vulnerability management process which is certified against all of our security certifications. Vulnerability management is conducted at host level for internal scans, as well as external scans being ran against all public facing services. ANS uses EASM across its whole business estate, includes threat intelligence notifications against breaches relevant to technologies ANS uses, relevant APTS, dark web monitoring and VIP monitoring. ANS patches inline with industry standards, where all CVEs are risk assessed in their relevance and potential impact to the affected assets. For critical and high vulnerabilities, that risk to ANS assets, patching is conducted immediately.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: ANS has implemented an Information Security Management System (ISMS) that has been verified by our external accreditor to be compliant with the international standard for Information Security Management, ISO/IEC 27001. This system is supported by the ISMS manual, detailed policies and procedures, and underpinned by the pragmatic application of industry best practice. The ISMS defines ANS’ approach to its key protective security functions, corresponding in turn to the requirement of the standard (ISO/IEC 27001:2013).; ; We use the ISMS to develop a Protective Security environment, focusing on the Physical, Personnel and Information assets.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: ANS has developed and documented pre-defined processes for common events that may affect the confidentiality, integrity, or availability of its information assets. These are based on best practices and guidelines from ISO 27001.; Examples includes:; • malware infection; • denial-of-service attack; • unauthorized access; • data breach; • data loss; ; For each event, ANS has defined:; ; • the roles and responsibilities of the incident response team; • the incident classification and escalation criteria; • the incident response procedures and steps; • the incident communication and notification channels; • the incident recovery and closure actions

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We are a company built on our culture and values, with a strong committing to protecting the world and demonstrating our social responsibility. ANS are PAS2060 Carbon Neutral Certified and compliant for a number of years and are aiming to be net zero by 2050. Furthermore, we have and extensive variety of processes and procedures in place to support our commitment, which include: ; • Recycled 10 Tonnes of old servers with all profits going to charity. ; • Relocated data centre cooling equipment in 2022 to reduce the solar gains and save energy. ; • Removed old, inefficient computers so all staff PCs are now modern efficient laptops. ; • Recycle 100% of our WEEE waste using appropriate 3rd party providers.; • PAS2060 certified and compliant. We appointed Carbon Footprint Ltd, a leading carbon and energy management company, to independently assess our Greenhouse Gas (GHG) emissions in accordance with the UK Government’s ‘Environmental Reporting Guidelines: Including Streamlined Energy and Carbon Reporting Guidance’.; • In 2023 we offset 1265 tons of Carbon Dioxide by supporting numerous projects. ; • Cycle to Work scheme available to all employees including great bike sorage facilities on site.; • Introduced a salary-sacrifice electric car scheme.; In addition to the above, we believe environmental awareness is something which needs to be considered further, at home and at work. We provide environmental internal training and communication, which includes:; • Environmental Aspects and Impacts ; • Employees’ responsibilities ; • Environmental Policy ; • Waste Disposal ; • Travel and Transport ; • How ANS helps employees reduce their carbon footprint ; • CSR; • Our Certification

  Covid-19 recovery

  ANS is a proud Manchester based organisation and supports the local community, businesses and charity’s which has helped in the recovery from COVID-19. ANS continued to operate throughout Covid, with measures in place and allowing for remote working.; Creating Employment for those affected by COVID; ANS worked on numerous projects in the lockdowns to assist frontline organisations. One example was a council, to quickly and easily coordinate requests for support and volunteering in the community in response to the Covid.; Furthermore, ANS worked alongside universities to enable students to resume studying, in addition to working with NHS Trust to assist with the tracking and coordination of the Royal Free Hospital’s 15,000 staff during the pandemic.; This meant ANS was able to recruit and provide opportunities.; Support organisations to recover and a new way of working; ANS worked with a council to build a mobile-friendly application using the Microsoft Power Platform which works by pulling together data on individuals who are considered to be vulnerable, from a range of sources and formats, along with a request service.; Furthermore, ANS worked with a university to enable remote working for students.; A council worked with ANS to launch a complex case management system for coronavirus contact tracing which helped contain and manage Covid-19 outbreaks across their population of over 300,000 residents.; ANS had controls in place which included social distancing, we also operated a remote service where this was possible alongside ensuring measures were in place for those unable to work from home, including:; Social Distancing; Covid testing; Workspaces sanitised daily; Adequate ventilation is the building; ANS have numerous flexible working policies in place, including remote and hybrid working which has allowed a large majority of the company to remain working from home post-Covid, however, some roles do require being in the facility.

  Tackling economic inequality

  ANS has a strong commitment to tackling economic inequality, and this is demonstrated through our employees and companies we work alongside.; Our people; ANS have continued to grow as a business and are now a team of over 700 employees.; ANS take Continual Professional Development (CPD) seriously, from skills development to apprenticeships. ANS are committed to giving every employee 12 days per year to devote to professional self-development or business innovation.; ANS have a strong commitment to apprenticeships and have the ANS Academy. Upskilling the local workforce, we invest heavily into our junior staff giving them the best development opportunities. The ANS Academy provides industry-leading training and hands-on experience for the next generation of passionate tech leaders. We were recently rated ‘Outstanding’ by Ofsted.; We engage with schools and colleges based in Manchester, ANS has direct access to the rich and diverse mix of cultures. This ensures that all groups have access to the information on our apprenticeships. In 2022, this resulted in 45% of Apprentices hired identifying as BAME.; We partner with 2 girls’ schools in our community by running immersive days at our office where groups of students can speak with women from at ANS.; Fostering an inclusive workspace, our diversity groups represent various communities, including LGBTQ+, BAME, disability groups and gender.; Increase supply chain resilience and capacity; We also take into consideration the standards and qualification level of those in the supply chain that we choose to work with and/or recommend. At a practical level, we maintain relationships with local businesses, we value our position as a key contributor to the ‘Northern Powerhouse’. For our own on-site operation, we have contracted with many SMEs and VCSEs.; Demonstrating the value of these partnerships, advantages include:; Fewer overheads; Local employment growth opportunities; Innovation; Reduced carbon footprint; Less bureaucracy

  Equal opportunity

  ANS are proud to be a Disability Confident Employer. The scheme, set up by the Department for Work and Pensions, is designed to help employers recruit and retain disabled people and people with health conditions for their skills and talent. As a Disability Confident committed employer, ANS is providing inclusive and flexible recruitment processes such as offering video interviews and supporting flexible working patterns where possible. We also ensure our workplace is suitable to support any employee that may have a disability.; ; ANS recognises equity and fairness throughout the business and that discrimination in any form is unacceptable. Equal opportunities has long been a feature of our employment practices and procedure, that’s why we have an equal opportunities policy in place. Breaches of the policy will lead to disciplinary proceedings and, if appropriate, disciplinary action.; ; The aim of the policy is to ensure no job applicant, employee or worker is discriminated against. We ensure the policy is circulated to any agencies responsible for our recruitment and a copy of the policy will be made available for all employees and made known to all applicants for employment.; ; ANS have a strong commitment to equality in the workplace. We have a full modern slavery policy, but in addition to policies, we have internal iniatives in place to tackle workplace inequality such as having internal EDI groups:; ; • Women in ANS; • Diversity and Beyond (DAB); • The Rainbow Alliance; • The Association for Better Living and Education (ABLE) Group; • ANS Squirrel Club (Neurodiversity); • Parents in ANS; • Let’s Talk About Mental Health; ; ANS also has a strong commitment to equality in the workforce through being a living wage employer, alongside a disability confident employer.

  Wellbeing

  ANS is committed to the wellbeing of our employees and this extends to the wider community, we are strongly committed to the wellbeing of our teams, and provide numerous benefits to help with physical and mental health, which include but are not limited to:; ; • An extra day’s holiday on birthdays and an extra 5 days for tying the knot ; • ‘Celebration Day’ - staff can use for any occasion that is meaningful to them; • Hybrid, flexible and remote working ; • Free onsite gym ; • Private healthcare ; ; Furthermore, we emphasise the importance of mental wellbeing. Internally, we obtained a group of volunteers so that we could provide training to become Mental Health First Aiders (MHFA), accredited by MHFA England. They provide online drop-in and in-person sessions, which is accessible for both staff who work in our office and those who work remotely. The sessions continue to support our employees with their personal issues. In addition to health benefits, ANS are committed to ensuring our employees are able to develop in their careers, and therefore, we provide numerous measures, which include but are not limited to 12 development days per year. These days can be used for courses, examinations, partner training and many other reasons. Additionally, we provide regular PDR’s which enable ANS employees to reflect and set future goals on their career. ; ; ANS have a strong commitment to the local community, this is demonstrated through our community outreach in recruitment for the academy alongside our local community when selecting local suppliers. ANS look to use local suppliers where this is possible, and is demonstrated through the selection of local food vendors for our events, local event management specialists, our active support to local charities, such as the Manchester Youth Zone and using local waste service companies.

Pricing

• Price: £0.01 a unit
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@ansgroup.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.