TPXIMPACT LIMITED

UiPath Intelligent Automation (RPA)

UiPath's Robotic Process Automation (RPA) platform allows government (local, central and agencies) to rapidly automate much of the manual, repetitive, processes without changing the underlying technologies or the processes. The software robots mimic human work to deliver enhanced quality, better governance, greater efficiencies, managed costs and a better client experience.

Features

• Frictionless automation of IT and business processes.
• On Demand Hosted Robotic Process Automation (RPA).
• Infrastructure, Application and Process Agnostic.
• Infinitely Scalable Cloud Platform.
• Flexible commercial models.
• Includes Enterprise RPA functionality.
• Integrated Web Initiation Portal, Autonomic Scheduling and Digital Service Catalogue.
• Integrated Intelligent Orchestration, Scheduling and Management.
• Automation Component Library with access to Distributed Digital Objects.
• Extensible functionality for OCR, ICR, Cognitive, Machine Learning and NLP.

Benefits

• Release staff to frontline citizen-centric activities.
• Cost reduction (hundreds of percent in ROI in year one).
• Efficiency gains (operate 24 hours a day and without error).
• Compliance (every action taken by the robots is auditable).
• Single view of the citizen (massively improving customer experience).
• Rapid deployment (in weeks, not months or years).
• Scalability (new robots can be created in seconds).
• Low infrastructure costs (multiple robots on a single virtual machine).
• Data analytics built in (allowing predictive proactive actions).
• Deals with semi- and unstructured data (automate more processes).

£4,400 a licence a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids@tpximpact.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

324114272525966

Contact

Bid Team
07528419817
bids@tpximpact.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Intelligent OCR, Chatbots, Machine Learning, NPL, BI, Artificial Intelligence, Cognitive technologies.
• Cloud deployment model: Hybrid cloud
• Service constraints: There are no constraints. Intelligent automation / RPA can be used in every department/agency and across all service lines. The robots are ideally suited to anywhere where you have people manually transferring information through or between IT systems. There is a minimum set of hardware and software requirements required to install the technologies.
• System requirements:
  • Windows Server 2008 R2 SP1 for server
  • SQL Server 2008 Standard Edition SP1
  • Windows 7 for desktop with .Net Framework 4.5

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: 24/7/365 response in 4 hours based on prioritisation.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: No
• Web chat support: Yes, at an extra cost
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AAA
• Web chat accessibility testing: We support assistive technology users through Zendesk.
• Onsite support: Yes, at extra cost
• Support levels: L2-L3 support is free of charge. Manpower days and T&E is chargeable starting at £800 per day
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Online training is provided free of charge via the online UiPath Training Academy. Onsite training, if required, is provided as a chargeable service, with the rates dependent upon the customised training required. User documentation is provided free of charge online.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The UiPath platform does not store any customers' data, it remains on the customers' on-premises systems or cloud operation.
• End-of-contract process: Included in the annual license is the software, support, upgrades and training. Infrastructure is the responsibility of and at the cost of the customer.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Linux or Unix
  • Windows
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: No
• Customisation available: Yes
• Description of customisation: The UiPath platform is highly extensible being written in .Net and using Microsoft Windows Workflow Foundation. We encourage customers to build their own Intellectual Property (which they own) on top of the platform.

Scaling

• Independence of resources: The UiPath platform can support hundreds of users and thousands of robots simultaneously.

Analytics

• Service usage metrics: Yes
• Metrics types: The UiPath server (Orchestrator) has Elasticsearch and the Kibana reporting tool built in. This means that the usage metrics can be analysed in any way customers need.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: UiPath

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: The UiPath platform does not store any user data so there is no need to export.
• Data export formats: CSV
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats:
  • Legacy (mainframe, terminal screen, etc.)
  • Microsoft Office (Word, Excel, Outlook, Access)
  • ERP systems (Oracle, SAP, Microsoft Dynamics, etc.)
  • Native PDF documents
  • OCR'd documents and forms
  • Images (JPEG, GIF, PNG, etc.)
  • Web (any HTML including frames and multiple screens)
  • Chatbot (Google and Microsoft cognitive services)

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: UiPath availability is predicated only on the customers' infrastructure. The UiPath platform is operational 24/7/365.
• Approach to resilience: Not applicable as the UiPath platform runs on the customers' infrastructure/cloud.
• Outage reporting: The UiPath Orchestrator will report any service outages and report in any way that the customer requires: dashboard, API, mobile, text or email.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Username and password control over access to uipath products. This can be achieved via AD or other auth mechanisms.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 26/04/2023
• What the ISO/IEC 27001 doesn’t cover: Provision of services outside the UK.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: CSA CCM version 3.0
• Information security policies and processes: UiPath Systems, Networks and processes are reviewed annually by the Information Security Office to ensure compliance with security policies and standards. Additionally, this review is subject to audit by the Internal Audit and External Audit.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Configuration & Change management is handled via Hipbath Maintenance and support agreement. UiPath will track the UiPath RPA product components and will ensure changes are handled via a documented & agreed procedure.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: UiPath implements all applicable security requirements reasonably needed for the protection of confidential data processed through UiPath systems while still continuing to operate its businesses effectively and efficiently.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: UiPath uses internal resources & external vendors to run assessment of potential risks & vulnerabilities. If a risk or vulnerabilities is identified we have a internal procedure that handle them based on impact/ priority. Incidents are handled based on priority, starting from 4hrs response.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: UiPath provide incident management via support portal for its customers.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  TPXimpact is committed to achieving the Science Based Targets Initiative definition of near-term emissions reductions aligned to the 1.5 degree pathway by 2030, and long-term reductions by 2050 to adhere to the SBTi Net-Zero Standard. We reduce GHG emissions wherever possible, and actively offset emissions we cannot avoid.; ; The digital industry is responsible for more emissions than the aviation industry, so we'll ensure to adhere to low carbon software principles through social value benefits such as:; - Practise carbon-aware development - doing more intensive tasks when the electricity grid is full of renewable energy.; - Optimise and minimise our codebase to reduce the storage needed and also data transfer when the system is being used. ; - Use a digital-first approach to content - building low-carbon pages (which are also more accessible), rather than downloadable files, wherever possible.; - Design the system so that people can efficiently find what they’re looking for, to reduce data transfer.; - Eradicate unnecessary bot traffic; about 25% of internet traffic is valueless bots.; - Rid the system of any ROTN content (Redundant, Out-of-date, Trivial or No-longer-used).; - Measure the carbon footprint of the system in the development cycle.; ; Our Carbon Reduction Plan is available to view on our website: https://www.tpximpact.com/about/planet/

  Covid-19 recovery

  We recognise the need to help people in local communities get back into work after a long period of illness or where their circumstances have changed as a result of the pandemic (e.g. being made redundant during the pandemic). We’re doing this in the following ways:; ; - Active community consultation and engagement to understand needs in the local areas where we are currently working and delivering services.; - Involving local stakeholders and users in design work (e.g. design of services, systems, products or buildings), or community-led initiatives. Current project examples include: improving transport links; reducing crime; reducing homelessness, poverty and hunger; reducing loneliness; helping with English language proficiency; and helping meaningful social mixing among people with different backgrounds.; - Finding the right methods for better engagement with people and different parts of the community (including the education system) and letting the community voice inform decisions, the strategy and projects.

  Tackling economic inequality

  TPXimpact prides itself on providing decent, accessible careers and training opportunities. We strive to be an employer of choice and provide a working environment that values flexibility, inclusion and personal and professional growth. This focus on flexibility and inclusion allows us to offer decent jobs to people who have traditionally been locked out of opportunities due to location, caring responsibilities or additional needs. We have a comprehensive, multi-pronged approach to tackling employment and training opportunities:; ; These include:; - Investing in long-term talent pipelines - We are committed to kick-starting 5,000 digital careers. We intend to help change the composition of the technology sector by continuing to raise the standards of our DEI initiatives, raising awareness of issues and investing in a pipeline of diverse talent. ; - Nurturing homegrown talent - Last year, in recognition of the serious skills gap, we launched the TPXimpact Design Academy. Our scheme is open to everyone – whether or not they have a degree – and with flexibility to accommodate people living anywhere in the UK.; - Upskilling minority-owned tech businesses - Our flagship community investment programme is Future Leaders. Now in its sixth year, it is a six-month accelerator programme for underrepresented digital entrepreneurs, which offers financial support, mentoring, professional development and networking opportunities.; - Recruiting in under-served areas - TPXimpact is a flexible, remote-first employer. We operate a hub model, which means that we are able to access local talent from right across the UK.

  Equal opportunity

  TPXimpact aims for equality and diversity of opportunity in all that we do. It’s our responsibility to reflect the richly diverse communities we serve, and to create access and opportunities for people from all backgrounds. Not only do we believe that this is the right thing to do, we believe that diverse, inclusive teams are higher performing and better for business. This is why we have put in place rigorous review processes to report on our progress and performance, as a company and within our projects.; ; Social value benefits include:; - Being an inclusive employer - Once we attract diverse talent, we look after them through inclusive and flexible working packages. We have actively removed many of the barriers that prevent some talent from pursuing careers in tech. ; - Amplifying underrepresented voices - We have four Employee Resource Groups (ERGs) for women, ethnic minorities, LGBTQI and neurodiverse employees. They act as a safe space for employees with shared lived experiences and their allies to discuss issues that are material to them. ; - Recruiting diverse talent - We’re doing this through our diverse inclusive recruitment network (ADA’s List, Working mums, Talk2Dan) and implementing inclusive practices in order to attract and employ a diverse range of people.; - Inspiring more diverse talent - We’re helping to attract and inspire more diverse talent to the tech industry through our 1% community action pledge. Employees are encouraged to dedicate at least 16 hours a year to sharing their skills with young people from under-represented backgrounds in order to create more training and employment opportunities in under-served communities.

  Wellbeing

  TPXimpact is powered by its people and we know that the health and wellbeing of our employees is essential to our success. Our people spend a significant amount of their time at work and we recognise that we have a duty of care to ensure that we’re supporting their long-term health and wellbeing. We have implemented numerous measures to improve the health and wellbeing of our workforce, structuring our support around the six Mental Health at Work commitments and the additional three enhanced Thriving at Work standards.; ; Our internal focus on mental and physical health has led us to consider how we can support our customer project teams (all stakeholders including suppliers), particularly given the stress they’ve faced in public service delivery. Our senior sponsors offer individual support, regular team check-ins, and act as escalation points to customers and employees alike.; ; With the aim of improving the health and wellbeing of our team, social value benefits include:; - A structured wellness activity programme; - An employee forum to engage our workforce on important issues; - A free Employee Assistance Programme with Health Assured and Champions Health; - Mental health line manager training (10% of the workforce Mental Health First Aider trained).; - Actively support wellbeing charities and initiates through volunteering time to health/wellbeing community projects.

Pricing

• Price: £4,400 a licence a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: The Community plan of the UiPath platform is free of charge and has no time limit. There is online support only. Software is available for onsite trials, PoC's and pilots, at no charge, subject to signing an NDA.
• Link to free trial: https://www.uipath.com/product/free-trials-and-downloads

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids@tpximpact.com. Tell them what format you need. It will help if you say what assistive technology you use.