AWTG LIMITED

iYouth

Our iYouth Web and Mobile App helps 3rd sector groups to operate grass roots activities such as youth clubs, sports clubs and digital inclusion schemes. iYouth enables enrolment and registration, safeguarding, information sharing, events management, group communication, messaging and alerts, e-payments and administration. It supports commissioners and enables social cohesion.

Features

  • Enrolment and registration: users enrol to groups, register for events
  • Safeguarding: ensure volunteers are vetted, collect consent forms online
  • Information sharing: enabled by a Content Management System
  • Events management: group managers organise meetings and events
  • Group communication: safe forums for curated peer to peer communication
  • Messaging and alerts: reminders for events, activities and tasks
  • e-Payments: users can pay subscription and event fees online
  • Administration: a simple interface minimises overhead on group managers
  • Security: strict controls govern access and authorisations within the platform
  • Bulletin board: publish club policies and other static information online

Benefits

  • Help local communities to recover from the impact of COVID-19
  • Support voluntary and community groups to operate grass roots activities
  • A user friendly solution for commissioners/funders, parents/guardians and children
  • Encourages community cohesion through educational, health, cultural and creative activities
  • Track progress of members that increase experience, qualification and attainment
  • Enable volunteers to easily gather, manage and store information
  • Minimise the administrative burden upon volunteers
  • Provides the coordination that helps community groups deliver most value
  • Publicise information about available funding and help volunteers apply successfully
  • Provide online training needed by volunteers such as first aid

Pricing

£0.40 to £0.60 a user a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ian.vernon@awtg.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

3 2 1 9 8 6 7 7 2 8 8 8 6 8 7

Contact

AWTG LIMITED Ian
Telephone: 02035155151
Email: ian.vernon@awtg.co.uk

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
Some down time is required for scheduled maintenance and upgrades.
System requirements
  • Users require an appropriate end user device and internet connection.
  • Web Apps require Edge15, Chrome69, Safari11, Firefox62, or later.
  • Native Mobile Apps require Android7, iOS12, or later.
  • Solutions designed for screen resolutions of mobiles, tablets, laptops, PCs.

User support

Email or online ticketing support
Email or online ticketing
Support response times
The AWTG service desk is available 24/7 and monitored by AWTG employees during working hours (Mon to Friday 7.30 to 17.30). P1 Calls: Target Response Time 30 mins, Target Resolution Time 4 Working Hours; P2 Calls: Target Response Time 60 mins, Target Resolution Time 8 Working Hours; P3 Calls: Target Response Time 4 Hours, Target Resolution Time 3 Working Days; P4 Calls: Target Response Time 24 Hours, Target Resolution Time 5 Working Hours. Customers are able to escalate a matter that has previously been reported to the Service Desk.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
AWTG will allocate a named support manager for each client. AWTG provides the same level of support for all clients. Users can log incidents with the AWTG service desk. This is available 24/7 and monitored by AWTG employees during working hours. The Service Desk is resourced by technical experts and is supported by a sophisticated AI assistant. All support calls, issues and fixes are documented and clients are provided with regular reports of performance. All support calls are prioritised 1 to 4 based on their Impact and Urgency. P1 Calls: Target Response Time 30 mins, Target Resolution Time 4 Working Hours; P2 Calls: Target Response Time 60 mins, Target Resolution Time 8 Working Hours; P3 Calls: Target Response Time 4 Hours, Target Resolution Time 3 Working Days; P4 Calls: Target Response Time 24 Hours, Target Resolution Time 5 Working Hours. Target Resolution Time: The elapsed time from the call being logged with AWTG to a complete fault resolution or to an agreed workaround being put in place until the fault is fully resolved. Target Response Time: The elapsed time from the call being logged with AWTG to an AWTG employee contacting the client to commence work on fault resolution.
Support available to third parties
No

Onboarding and offboarding

Getting started
All of our GCloud 13 solutions are configured to the specific needs of each customer. AWTG follows the Prince2 Agile and Scrum methodologies and we adopt a User Centered Design approach. We follow our standard five stage onboarding and configuration approach which is described in detail in our Service Definition Document. This 5-stage process consists of Define, Design, Develop, Demonstrate and Deploy; and it is applied in proportion to the needs of each customer. AWTG will provide clients with end user and system administrator training prior to the launch of the solution. The training can be at the clients own premises or it can be provided online. AWTG will provide clients with training materials and user documentation.
Service documentation
Yes
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction
Prior to the end of the contract, AWTG will agree an offboarding plan with the customer. This includes details of the data that the customer wishes to extract, the format in which the customer wishes to receive the data, and how and where the data should be transmitted in a secure manner. After contract termination all live customer data will be deleted and all customer backups will be destroyed. Customers can be assured that AWTG will provide extracted data in a timely manner and in a common file format that can be easily ingested by an alternative solution. Extracted data will be transmitted to the customer in a secure manner and there will be no additional cost for this.
End-of-contract process
Prior to the end of the contract, AWTG will agree an offboarding plan with the customer. Customers can be assured that AWTG will provide extracted data in a timely manner and in a common file format that can be easily ingested by an alternative solution. Extracted data will be transmitted to the customer in a secure manner and there will be no additional cost for this. AWTG can provide customers with additional services during off boarding if required. For example, we can retain backups until the customer has fully transitioned to a new platform. There is an additional charge for such additional services. Should the client choose to continue to operate the AWTG solution at the end of a contract period, then AWTG will agree new contractual terms, and we will not charge the customer any offboarding fees. Onboarding fees will only be charged where the customer requires additional services from AWTG such as changes to the configuration and implementation.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
AWTG provides Responsive Web Applications and Integrated Native Mobile Apps for Android and iOS. Mobile Apps take full advantage of the functionality of smart phones to provide features/content in the same way as other leading Web and Mobile Apps while maintaining familiarity and similarity with the Web application. Content for the Website and Native Mobile Apps is managed in the same cloud based Wordpress CMS. The Website is updated in near real time following any change in the CMS. Apps can be configured to ‘recommend’ or ‘force’ updates. The Apps will work when users have limited/no mobile network coverage.
Service interface
Yes
User support accessibility
WCAG 2.1 AA or EN 301 549
Description of service interface
System Admin access is via a web browser. Administrator accounts are created and issued by AWTG using 2FA. Other users must register to create an account. This requires a valid email address and a strong password. Users validate accounts by responding to an email sent to the address provided within a given timeframe. User class determines the users role and privileges within the solution. User classes range from basic (least privileges) to administrator (most privileges). Access controls are tested at least once a year.
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
AWTG’s websites feature the UserWay Accessibility Widget to comply with WCAG 2.1 AA requirements. UserWay is a pioneer in innovative website accessibility technologies. UserWay is led by a world class team with decades of experience with complex accessibility protocols, delivery of large scale systems and ground breaking innovation. Userway employs some of the world's leading engineers, entrepreneurs, and visionaries who are defining the future of digital accessibility for us all.
API
Yes
What users can and can't do using the API
The APIs enable customers to import and export data in to and out of the application, in order to enable the application to provide the functionality and information required by the customer. The APIs are configured during the onboarding process. Each customer will have different requirements from the APIs.
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
No
Customisation available
Yes
Description of customisation
The majority of the features listed can be customised to meet the requirements of each individual customer. Configuration and requirements are defined, designed, developed, demonstrated and deployed during the onboarding process.

Scaling

Independence of resources
The architecture consists of several Web microservices. The storage layers are designed as data shards, therefore customer data is divided into separate storage containers allowing balancing between them. User identity and access management is driven by AWTG’s Keycloak solution. This features a PostgreSQL backbone enabling horizontal scaling of database tables. AWTG use Nginx Proxy Manager for horizontal scaling of multiple cache instances using Docker container replication or Kubernetes orchestrator in the Google Cloud Platform.

Analytics

Service usage metrics
Yes
Metrics types
AWTG provides customers with a range of service usage metrics covering Web and Mobile Applications. This information is provided through a mix of real-time dashboards and regular reports.
Reporting types
  • Real-time dashboards
  • Regular reports

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Data can be exported where this supports the business processes and workflows provided by the solution, as an automated export as part of the site functionality, or as backups/exports as part of support services.
Data export formats
  • CSV
  • ODF
Data import formats
  • CSV
  • ODF

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
Other
Other protection within supplier network
Within Google Cloud Platform, VM to VM routing, including routing to a VM like managed service such as Cloud SQL, takes place on Google's own network backbone, using RFC1918 private IP addresses. In some circumstances, this may require routing traffic outside of the physical boundaries controlled by or on behalf of Google, although as all services for an installation exist within the same Google Cloud Region and Google Cloud Regions map to specific data centres, the likelihood of this happening is extremely low.

Availability and resilience

Guaranteed availability
AWTG’s standard SLA is 24/7/365 site availability with an annual availability of 99.9%. This excludes planned downtime for pre arranged maintenance activities and downtime as a result of factors outside of our control. AWTG operates a service credit regime to compensate customers should we fail to meet our guaranteed level of availability (99.9% excluding planned downtime and downtime as a result of factors outside of our control). Service credits are calculated annually. Customers are refunded a percentage of their annual costs for every 1% shortfall in availability below 99.9%.
Approach to resilience
AWTG Platforms are hosted in two physically separate UK locations. The infrastructure is configured into an active-passive high availability cluster to ensure application availability. Zone 1 is the primary location and actively processes traffic. Zone 2 is a backup that replicates Zone 1, that monitors the health of the primary and takes over if Zone 1 fails. Load Balancing distributes client requests or network load efficiently across multiple servers in each zone, ensuring high availability and reliability by sending requests only to servers that are online in that zone. Load balancing is provided in both zones. AWTG platforms are designed to scale horizontally to handle growth in traffic or usage.
Outage reporting
AWTG platforms are hosted in the Google Cloud Platform. AWTG utilises Google Cloud Monitoring tools and its own additional artificial intelligence enabled monitoring and health state alerting tools to manage the performance of the Application including its ongoing availability. In the event of an outage, AWTG automatically alerts customers by email and automatically alerts AWTG DevOps employees by email and text message. Outages are managed as Priority 1 incidents. Here the target is to respond to the customer within 30 mins and to resolve the issue or put in place an agreed workaround to restore service within four working hours of the incident being logged. If this is not possible, due to the nature of the fault, then AWTG will make all reasonable efforts to escalate the issue and provide any additional technical resources as may be required to achieve a full restoration of the service.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels
To access AWTG applications, user must first register to create an account. User registration requires a valid email address and a strong password. Users must validate their accounts by responding to an email sent to the address provided. If a user fails to respond to the validation email promptly, the account is deleted. Each user is allocated to a class which determines their role and privileges within the solution. Users have the minimum required rights to access only the facilities they have rights to. Only AWTG can create administrator accounts which are validated using 2FA.
Access restriction testing frequency
At least once a year
Management access authentication
2-factor authentication

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
CQS (Certified Quality Systems) Limited
ISO/IEC 27001 accreditation date
28/05/2021
What the ISO/IEC 27001 doesn’t cover
The scope of the certification applies to the approved Information Security Management Systems relating to the following activities: The Provision of Engineering Consultancy, Design Optimisation and Network Performance Verification Services.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
Information security policies and processes
AWTG complies with ISO27001, CSA CCM 3.0 and Cyber Security Essentials. AWTG has established an ISO27001 certified Information Security Management System (ISMS) and governance framework. The security governance framework coordinates and directs the management of the solutions and services that we provide and the information that is contained within them. The governance framework ensures that procedures, employees, physical and technical controls continue to work through the lifetime of the solutions and services that we provide to our customers. The framework is regularly updated to respond to changes in the solutions and services that we provide, technological developments and the appearance of new threats. The framework specifies named officers responsible for legislative compliance including data protection and GDPR.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
AWTG maintains an accurate picture of assets along with their configurations and dependencies. Our ISMS conforms to CSA CCM 3.0. AWTG identifies and manages changes which could affect the security of the service and we detect and prevent unauthorised changes. We use the following Google configuration management tools Security Command Centre, Resource Manager and Cloud Deployment Manager. In addition, AWTG is able to validate the full hosting stack using Shielded VMs, which enable live measurement, monitoring, and alerting for any changes. Google provides robust logging services which provide information such as "who did what, where, and when."
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
AWTG has management process in place to identify, triage and mitigate vulnerabilities. Our ISMS conforms to CSA CCM 3.0 In addition, Google’s vulnerability management team track and follow-up vulnerabilities. Once a vulnerability requiring remediation has been identified, it is logged, prioritized, and assigned an owner responsible for ensuring it is remediated. Google administrates a vulnerability management process that actively scans for security threats using a combination of commercially available and purpose-built tools, intensive automated and manual penetration efforts, quality assurance processes, software security reviews and external audits.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
AWTG’s ISMS conforms to CSA CCM 3.0. Google Cloud Platform services monitor for attack, misuse and malfunction in order to detect successful and unsuccessful attacks and quickly respond to potential compromises of customer environments and data. AWTG uses the following Security products: Cloud Identity and Access Management, Cloud Security Scanner, Event Threat Detection, Cloud Security Command Centre and Security Health Analytics, and, Shielded VMs that enable live measurement, monitoring, and alerting for any changes of the full stack.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
AWTG’s ISMS conforms to CSA CCM 3.0. We have carefully pre-planned incident management processes in place so that when incidents do occur, the correct decisions are made minimising the impact on users of security, reliability and environmental issues. Google has a rigorous incident management process for security events that may affect the confidentiality, integrity, or availability of systems or data. This process specifies courses of action, procedures for notification, escalation, mitigation, and documentation. It is structured around NIST guidance on handling incidents (NIST SP 800–61). Google will notify AWTG of data incidents promptly and without undue delay.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Social Value

Fighting climate change

Fighting climate change

AWTG is committed to sustainable business practices and operations in order to minimize and where possible negate its impacts on the environment.

At time of writing, AWTG is seeking certification for ISO 14001 for environmental management.

AWTG takes all reasonable steps to minimise its impact on the environment. For example: recycling of equipment at end of life safely and securely; ethical sourcing of equipment; minimising our carbon footprint; taking green travel options; using low energy electronic devices; using equipment that automatically switches off when not in use.

AWTG has a silver certificate award from Ecovadis for our sustainability as a business and we continually strive to improve all areas of our operations to reduce the environmental impact.

AWTG is Certified for ISO9001, ISO27001, Cyber Security Essentials. This information security and quality management certification and compliance includes environmental policies/processes/standards.

AWTG demonstrates its commitment to environmental transparency by disclosing its environmental impact through CDP, a global non-profit that runs the world’s leading environmental disclosure platform.

In its disclosure, AWTG shares its environmental impact and continuous action towards achieving positive environmental impact on all AWTG products and projects. AWTG has disclosed its environment impact in order to raise awareness across the industry about how to ensure a sustainable future. AWTG aims to lead the way towards contributing to a sustainable and bright future for generations to come.
Covid-19 recovery

Covid-19 recovery

AWTG helps individuals, communities, towns, cities and regions to recover from the Covid-19 pandemic and the socio-economic impact of the lockdowns in many ways.

We provide free of charge outdoor public access wi-fi networks that enable digitally excluded people to access online information and services that help them recover.

We provide wi-fi networks for local authorities, the social housing sector, and NHS organisations.

We also help these sectors tackle digital exclusion. Our service include: digital inclusion strategy development; communication campaigns that encourage people to get online; free of charge public access wi-fi networks; and a web/mobile app designed to help commissioning organisations and 3rd sector groups to provide digital inclusion support in their communities (iYouth).

AWTG has a suite of software products designed to help the public sector exploit the social and economic benefits of mobile connectivity for post covid recovery.

Our iYouth Web and Mobile App helps 3rd sector groups to operate grass roots activities such as youth clubs, sports clubs and digital inclusion schemes. iYouth enables enrolment and registration, safeguarding, information sharing, events management, group communication, messaging and alerts, e-payments and administration. It supports commissioners and enables social cohesion.

The iRegen Platform delivers smart placemaking to strengthen local identity and promote town and city centres as places where people should be. Integrated e-trading and e-bookings modules enable the smallest local business to trade online, from independent retailers to hair salons. iRegen provides a platform to deploy innovative 5G services.

The iBecome apprenticeship and careers portal is a modern, vibrant and engaging web and mobile app tailored to the needs of a town, city or region. Local young people can search and apply for apprenticeships; enrol on training schemes/events; and, access advice and guidance about education, skills, training and employment.
Tackling economic inequality

Tackling economic inequality

As an organisation, AWTG is committed to working with local suppliers wherever this is feasible within the scope of the services that we’re delivering.

When we work with local authorities on a major project, we commit to provide a new job position for an unemployed individual within the local area.

We also commit to provide students aged 16+ with work experience placements spread across the duration of our local contracts.

AWTG has a suite of software products designed to help the public sector exploit the social and economic benefits of mobile connectivity.

iRegen has been designed to help high streets recover from the compound impact of the financial crises, economic down turn and COVID-19 lockdowns. It is designed to attract people to the physical high street and the bricks and mortar businesses that are located there. It is also designed to support local businesses when shoppers are not in the high street by providing online access to sophisticated e-commerce functions. Integrated e-trading and e-bookings modules enable the smallest local business to trade online, from independent retailers to hair salons. iRegen also provides a platform for towns, cities and regions to deploy innovative 5G services to further attract people to shop locally such as Augmented Reality and Wayfinding.

The iBecome apprenticeship and careers portal is a modern, vibrant and engaging web and mobile app tailored to the needs of a town, city or region. Local young people can search and apply for apprenticeships; enrol on training schemes/events; and, access advice and guidance about education, skills, training and employment.

iBecome can encourage young people to apply for vacancies in industries with skills shortages or in high growth sectors; to provide access to training that address skills gaps; and it can remove barriers preventing applications for certain industries.
Equal opportunity

Equal opportunity

AWTG is committed to being an equal opportunities employer, and operates an equal opportunities policy for all employees, members of staff and job applicants in respect of recruitment, terms and conditions of employment and opportunities for training and promotion, regardless of age, disability, gender reassignment, marital or civil partner status, pregnancy or maternity, race (including colour, ethnic or national origin and nationality), religion or belief, gender, sexual orientation, or any other criteria not specifically related to potential, skills and abilities.

We have a legal duty to provide employees with a safe place of work. This includes a duty to provide a workplace which is free from harassment, including harassment by third parties. Harassment may in certain circumstances, also amount to unlawful discrimination.

Any breach of our equal opportunities policy and any act of discrimination or harassment will be viewed very seriously and will constitute a disciplinary offence in respect of which an offending employee may be summarily dismissed on the grounds of gross misconduct.

AWTG is committed to ensuring that no discrimination, harassment, victimisation or bullying at work, whatever the motivation, is overlooked or condoned.

The policy applies to all directors, Managers and employees of AWTG together with applicants, consultants, workers, agency workers, and contractors, trainees, homeworkers, casual staff and volunteers working for us and other individuals such as external suppliers, not directly employed by AWTG but with whom we have dealings during the course of our business.

Our policies apply equally to the treatment of our visitors, clients, customers and suppliers by our staff and the treatment of our staff by these third parties.
Wellbeing

Wellbeing

AWTG does not have a specific wellbeing policy. However, we support the health and wellbeing, including physical and mental health, of our employees through a combination of other HR policies and processes. Contributory policies include: health and safety; sickness and absence; alcohol, drugs and substance misuse; maternity, paternity and parental leave; flexible working; and, special leave.

AWTG has a suite of software products designed to help the public sector exploit the social and economic benefits of mobile connectivity.

Our iYouth Web and Mobile App helps 3rd sector groups to operate grass roots activities such as youth clubs, health and wellbeing, exercise and digital inclusion schemes. iYouth enables enrolment and registration, safeguarding, information sharing, events management, group communication, messaging and alerts, e-payments and administration. It supports commissioners and enables social cohesion.

Pricing

Price
£0.40 to £0.60 a user a month
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ian.vernon@awtg.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.