Proventeq Limited

Proventeq Content Productivity Suite

Proventeq's Content Productivity Suite: Our AI-powered tools help organizations seamlessly transition to Intelligent Workplaces built in SharePoint, Teams, and Azure. From augmented content analytics to intelligent classification and metadata extraction, we specialize in migration from non-Microsoft platforms to Microsoft 365.

Features

• Migration Accelerator- high-fidelity content migration
• Content Analyser- deep understanding of content
• Content integrator- cohesive digital asset management
• ClassiFile- relevant document search and efficient content governance
• Orchestrator- migration scheduler

Benefits

• Intelligently optimize your business content
• Maximize the potential of your content structure
• Enhance your data management infrastructure
• Meet security and compliance requirements

£3,000 to £22,000 a terabyte

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Bids@proventeq.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

319124148162981

Contact

Sarah Churchard
0118 907 9296
Bids@proventeq.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: Not applicable
• System requirements: Refer Proventeq documentation for system requirements

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Support response times: Standard support is available 9 AM to 5:30 PM on week days. Severity 1 - Response time within 4 working hours. Severity 2 - Response time within 8 working hours. Severity 3 - Response time within 16 working hours. Severity 4 - Response time within 24 working hours. Weekend and/or after office support across different timezone or same timezone is discussed with the client and response time is agreed.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Support response times: Standard support is available 9 AM to 5:30 PM on week days. Severity 1 - Response time within 4 working hours. Severity 2 - Response time within 8 working hours. Severity 3 - Response time within 16 working hours. Severity 4 - Response time within 24 working hours. Weekend and/or after office support across different timezone or same timezone is discussed with the client and response time is agreed.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Proventeq facilitates users' adoption of our services through a multifaceted approach. This includes comprehensive user documentation accessible online, providing step-by-step guides, tutorials, and FAQs. Additionally, we offer online training sessions conducted by experienced professionals to familiarize users with the service's functionalities and best practices. For more personalized assistance, onsite training sessions can be arranged, tailored to the specific needs of the organization. Our dedicated support team remains available to address any queries or issues, ensuring a smooth onboarding process and empowering users to leverage the service effectively for their business needs.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Upon contract termination, users can extract their data from Proventeq's systems through a straightforward process outlined in our offboarding documentation. This process typically involves accessing a designated data export tool or interface within the platform, where users can select the data they wish to extract. Once initiated, the system securely packages the selected data into a format specified by the user, such as CSV or XML. Users then download the exported data to their local systems or migrate it to alternative storage solutions, ensuring continuity of data ownership and compliance with contractual obligations.
• End-of-contract process: At the end of the contract with Proventeq, a review of services provided typically occurs, addressing project outcomes and any outstanding issues. Discussions ensue regarding contract renewal, extension, or termination based on mutual objectives. The contract price generally covers core services like setup, licensing, implementation, basic training, and support. However, additional costs may apply for services beyond the agreed scope, such as advanced customization, specialized training, or third-party integrations. These extra costs are outlined in the contract terms or handled through separate agreements. In summary, the contract's conclusion involves evaluating service delivery, exploring future engagements, and clarifying any additional costs outside the contract's core services.

Using the service

• Web browser interface: No
• Application to install: Yes
• Compatible operating systems: Windows
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: The service is highly configurable and flexible to suit client requirements.

Scaling

• Independence of resources: This question is not relevant for Proventeq Content Productivity Suite software

Analytics

• Service usage metrics: Yes
• Metrics types: To be filled....
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: Less than once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Source and Target content is accessed via the relevant API or database connection using the relevant connection and permission access rights.
• Data export formats:
  • CSV
  • Other
• Data import formats:
  • CSV
  • Other

Data-in-transit protection

• Data protection between buyer and supplier networks: Other
• Other protection between networks: Most content management systems have an underlying database (some Microsoft SQL, others support Oracle) and an underlying file system. For some systems there is only the products official API that allows the data to be accessed. For others, Productivity Content Suite may either use it’s own access methods (and therefore require access to the underlying database and file system) or may still provide the option to use the API.
• Data protection within supplier network: Other
• Other protection within supplier network: Data within our network is safeguarded through a multi-layered approach. We implement robust encryption protocols to secure data both in transit and at rest. Access controls, including role-based permissions and two-factor authentication, ensure that only authorized personnel can access sensitive information. Regular security audits and updates are conducted to identify and mitigate potential vulnerabilities. Additionally, we employ intrusion detection systems and firewalls to monitor and prevent unauthorized access attempts. Continuous employee training and awareness programs foster a culture of data security, emphasizing best practices and compliance with industry standards and regulations.

Availability and resilience

• Guaranteed availability: We agree SLAs with the client regarding the service availability with appropriate refund policy.
• Approach to resilience: Information available on request
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Access to management interfaces and support channels is restricted through role-based access control (RBAC), requiring user authentication with secure credentials. Only authorized personnel are granted access based on predefined roles and permissions. Two-factor authentication (2FA) may be enforced for additional security. Access logs are maintained for auditing and accountability. Support channels are accessed through verified accounts or ticketing systems, with access limited to authorized support personnel. Additionally, encryption and secure protocols are employed to protect sensitive data in transit. Regular security assessments and updates ensure ongoing protection against unauthorized access.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: DNV
• ISO/IEC 27001 accreditation date: 26/03/2022
• What the ISO/IEC 27001 doesn’t cover: Not applicable
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Our security policies and processes are as per the ISO 27001 standard.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Components are meticulously tracked using version control systems or configuration management databases throughout their lifecycle. Changes undergo stringent assessment for potential security impact via comprehensive review processes, including risk assessments and security testing. Proposed changes are evaluated against security policies to ensure compliance and mitigate risks. Change management workflows involve stakeholder collaboration and approval mechanisms, ensuring validation before implementation. Audit trails and logging mechanisms capture change details, enabling traceability and accountability. Regular monitoring and auditing of configuration changes facilitate the identification and remediation of security vulnerabilities while ensuring adherence to best practices.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Vulnerability management involves assessing potential threats, deploying patches promptly, and staying informed about emerging risks. Threat assessments include continuous monitoring, penetration testing, and vulnerability scanning to identify vulnerabilities. Patches are deployed through automated processes and scheduled updates to mitigate identified risks. Information about potential threats is sourced from various channels, including security advisories, threat intelligence feeds, vendor notifications, and industry-specific forums. This information is regularly reviewed and analyzed to prioritize patch deployment and proactive risk mitigation measures.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Our protective monitoring processes include continuous monitoring of system logs, network traffic, and user activities to identify potential compromises. We employ advanced threat detection tools and anomaly detection algorithms to swiftly detect any suspicious behavior or security incidents. In the event of a potential compromise, our response protocol involves immediate investigation, containment, and remediation measures to mitigate the impact and prevent further escalation. Our goal is to respond to security incidents promptly, typically within minutes or hours, depending on the severity and nature of the compromise, ensuring minimal disruption and maximum protection for our users.
• Incident management type: Supplier-defined controls
• Incident management approach: We maintain pre-defined incident management processes for common events, ensuring swift and effective resolution. Users report incidents through dedicated channels such as email, phone, or a web-based portal. We provide detailed incident reports outlining the nature of the incident, impact, actions taken, and preventive measures. These reports are communicated to users through email notifications or accessible via a centralized incident management platform, facilitating transparency and accountability throughout the incident lifecycle.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  As a company we are using a hybrid work approach where we minimize our office overheads for heating and lighting etc., this also means travel to the office is limited, where applicable. We are limiting our onsite customer visits where possible and deploying best-in class Digital Workplace productivity tools to deliver our work. This approach enables us to reduce our carbon footprint from excessive commuting to work and customer sites.

  Covid-19 recovery

  As we have progressed through the Covid-19 pandemic, we have followed all Government guidelines. We have deployed new ways of working, continuing a remote working model, so that we can deliver customer projects whilst working remotely. We have provided support and guidance to our employees, including allowing sufficient time to recover from Covid to help support their physical and mental wellbeing. We have also deployed best digital workplace tooling to enable the remote working and sustainable travel solutions.

  Tackling economic inequality

  As a growing SME we are creating new job opportunities, at various skillset levels. With our Hybrid working model, we are opening up access to talent across greater areas of the country as we are now not so dependent on close-to-office location. We regularly undertake a skills gap analysis to see what resource we require. We are ISO27001 UK certified to ensure IT Security is managed effectively. Our products for customers provide greater efficiencies in the use of data within larger government services and private organisations.

  Equal opportunity

  We are an equal opportunities company. We recruit for knowledge and skills and allow flexibility due to our Hybrid working model. This enables us to have a diversified workforce. We demonstrate respect to each other and ensure a fairness of approach in our recruitment and selection processes and in all interactions with employees and clients. We have a constant learning culture to enable individuals to enhance their personal skillsets.

  Wellbeing

  We encourage employees to take regular breaks for their wellbeing. We have introduced measures to enhance employee mental health such as organizing virtual coffee break sessions; undertaking regular pulse surveys and Senior Management having regular ‘check in’ sessions with employees. We have adopted a variety of digital tools to measure and support employee wellbeing. Our products/systems provide efficiencies that enable customers to provide greater support to their employees/users, (e.g. through ensuring more efficient and informed public services).

Pricing

• Price: £3,000 to £22,000 a terabyte
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Our free trial version is for a limited data volume and limited time. All features are enabled.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Bids@proventeq.com. Tell them what format you need. It will help if you say what assistive technology you use.