Astech

CMIS Committee Management & Paperless Meetings

CMIS is a web based, governance & meeting management software that is designed to assist and facilitate the committee and decisions management within your organisation. The software also facilitates paperless meetings, report/workflow management, corporate meeting calendar, members profile-pages and forward plans as well as a host of governance related functions.

Features

• 3rd Party integration;Webcasting,social networking and RSS/XML web services
• Production for all meeting/decision/committee management publications
• E-petitions,Web library,Consultations,Outside Bodies,Election results
• Members website; register of interests/declarations of interests
• Fully integrated app to facilitate paperless meetings,with in-app voting
• Workflows, report management and forward plans
• Call-in/digests, Calendar and Diary integration
• Notifications facilities,action tracking,subscription to updates
• Robust security attributes applied at document,folder and library level
• Multiple board and committee setup and management

Benefits

• Full audit and visibility of your governance processes
• Complete web based application – No software installation required
• Paperless app reduces paper consumption and administration costs.
• Accessibility compliant seamless website integration
• Robust security attributes applied to documents/publications
• Continual development of new features to meet legislative requirements
• Security at the highest standard - ISO 27001
• Reduce errors and delays through automating manual processes
• Enhance the speed/accuracy of internal/external publications
• Public engagement- open and transparent decision making process

£7,000.00 to £10,000 a licence a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at MGregory@astech.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

339186585777866

Contact

Matt Gregory
01608 665588
MGregory@astech.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: No - Not applicable
• System requirements:
  • Relevant up to date browser
  • No software installation
  • CMIS works from any modern day browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Astech operate a dedicated helpdesk that operates normal working hours Monday to Friday and out of hours support; • Category 1: Major - Critical: 2 hours by phone, planned approach to resolution confirmed in email within 4 hours.; • Category 2: Major - Significant impact: 2 hours by phone, planned approach to resolution confirmed in email within 8 hours.; • Category 3: Minor - Limited impact: 5 working days.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Support via phone or email in line with our Support Service Level Agreement.; Dedicated Account Manager.; Online help system and customer forum also available.; Trainer support available remotely and on site in line with our Support Service Level Agreement
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: A comprehensive implementation and training service is provided with onsite/online initial training and configuration. Access to full online training and documentation. Full helpdesk support to help and guide users in software functionality
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Standard data formats can be provided, including XML and CSV
• End-of-contract process: We supply customer's data included in the format already held by the system. Any additional work to support offloading would be chargeable at our standard rates.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The browser-based solution is designed to be responsive to the user interface. ; The app is downloaded to the mobile device and focusses on a separate functional area.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Websites (Internal / Public); Desktop Admin Client (Windows); Tablet Apps (iOS/Windows/Android).
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: We use a number of testing tools which include, siteimprove and WAVE to ensure compliance is met.
• API: Yes
• What users can and can't do using the API: Users can pull selected data out of our system using our API.; ; Allows access to underlying data sets for repurposing by 3rd party developers.; ; Used to provide integration with 3rd party applications such as video-conferencing.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The application has a customisable 'look and feel' to compliment the buyer's own corporate branding.; Report templates can be designed by the buyers. Workflows and configuration can be carried out by the supplier or a technical user with supplier support.The system is hugely configurable, from website branding, agenda / minute / decision sheet / plan templates, to system parameters. Customisable elements are a mix between our support service and users being able to undertake the changes.

Scaling

• Independence of resources: We utilise load balanced servers within our hosting environments.

Analytics

• Service usage metrics: Yes
• Metrics types: Basic public webpage usage is recorded by the system. The system also provides a vast amount of reporting functionality for example, but not exhaustive, management reports/ comprehensive set of reports/ real time dashboards
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Reporting data can be exported using our Extracts feature within the system.
• Data export formats:
  • CSV
  • Other
• Other data export formats: Excel
• Data import formats:
  • CSV
  • Other
• Other data import formats: Excel

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99.95% uptime within specified Service Hours.
• Approach to resilience: Fully N+1 resilient infrastructure to eliminate any single point of failure.
• Outage reporting: Via our customer facing forum (which can also trigger email alerts).

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Username or password
  • Other
• Other user authentication: ADFS / IP restrictions; Single sign-on (SAML 2.)
• Access restrictions in management interfaces and support channels: Access is restricted by system administrators. Limited access roles granted.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Username or password
  • Other
• Description of management access authentication: ADFS / IP restriction.; Single sign-on (SAML 2.)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Amtivo Group Limited trading as British Assessment Bureau
• ISO/IEC 27001 accreditation date: 06/05/2022
• What the ISO/IEC 27001 doesn’t cover: .N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: Cyber Essentials

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essentials
• Information security policies and processes: Fully ISO 27001 accredited, with mandatory training and dedicated Information Security specialists in-house to monitor adherence.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Azure Devops is used to control the change management process. All changes are tested on an independent test platform prior to release.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Internal policies standards
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Available on request.
• Incident management type: Supplier-defined controls
• Incident management approach: Use of wiki for common events. Freshdesk helpdesk system for logging and reporting of incidents. Users can report incidents via email/ phone/ Freshdesk portal.; ; The Service Desk manages end user Service Requests, Incidents and Requests for Change (RFCs) which can be logged by e-mail, telephone and web portal.; ; Monthly customer reports will detail incident information.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Covid-19 recovery
  • Equal opportunity
  • Wellbeing

  Covid-19 recovery

  Astech understands the challenges technology buyers face in a post-COVID landscape. The pandemic highlighted the need for flexible, adaptable solutions that ensure business continuity even amidst disruptions. That's where CMIS comes in. CMIS is a powerful web-based solution designed to transform your organisation's agility and resilience. Here's how CMIS empowers you and supports COVID-19 recovery:; • Remote Work Without Compromise: CMIS eliminates geographical limitations. Accessible from any location with an internet connection, CMIS empowers your team to work seamlessly, regardless of physical location. This fosters business continuity even during unforeseen circumstances like COVID-19 lockdowns.; • Improved Collaboration in a Distributed Workforce: CMIS facilitates effortless collaboration across teams and departments. Real-time access to critical information and streamlined document management ensure everyone stays on the same page, regardless of location.; • Enhanced Business Continuity: CMIS safeguards business continuity by ensuring critical data and documents are readily accessible, even during disruptions. This minimizes downtime and keeps your operations running smoothly.

  Equal opportunity

  At Astech, we believe in fostering a diverse and inclusive work environment where everyone feels valued, respected, and empowered to reach their full potential. We recognise the importance of equal opportunities in achieving excellence and driving success in the technology sector. We do this by:; • Maintaining Diversity Focus: We actively promote diversity in our recruitment process, attracting candidates from a variety of backgrounds, experiences, and abilities. We leverage diverse recruitment platforms and utilise unbiased interview panels to ensure a fair selection process.; • Focusing on Skills and Qualifications: Our interview and selection processes focus on a candidate's skills, qualifications, and cultural fit for the role, eliminating any potential bias based on factors like race, gender, sexual orientation, age, or disability.; • Operating an Inclusive Environment: We cultivate a work environment that celebrates diversity and promotes mutual respect. We provide unconscious bias training to our team members and foster open communication channels to address any potential concerns regarding discrimination.; • Providing Equal Access to Opportunities: We ensure equal access to professional development opportunities, training programmes, and career advancement paths for all team members, regardless of background.; • Driving Accessibility: We are committed to creating a physically accessible workplace and actively explore ways to make our services accessible to wider cohorts, including those with disabilities.; • Maintaining Compliance with Regulations: We adhere to all relevant equal opportunities legislation and regulations within the country we operate in, including the Equality Act 2010.; • Promoting Diversity in the Tech Sector: We actively participate in industry events and initiatives focused on promoting diversity and inclusion within the technology sector.

  Wellbeing

  At Astech, we understand the undeniable link between employee wellbeing and business success. That's why we prioritise creating a work environment that cultivates a healthy and motivated team. We do this by:; • Promoting Flexible Work Arrangements: We offer flexible working options, including remote work opportunities, to promote a healthy work-life balance. This allows employees to manage personal commitments without sacrificing professional pursuits.; • Compressed Workweeks: Astech explores compressed workweek models for eligible teams, allowing for more dedicated personal time without compromising productivity.; • Offering Generous Time Off: We recognise the importance of disconnecting and recharging. We offer competitive vacation packages and encourage employees to utilise them fully.; • Promoting Health and Wellness Programmes: We actively promote healthy practices through on-site fitness programmes, gym memberships, and health insurance options. We also encourage participation in wellness challenges and provide resources on healthy living.; • Driving Mental Health Initiatives: We prioritise mental wellbeing by offering access to confidential counselling services and promoting open communication about mental health. This helps create a supportive environment where employees feel comfortable seeking help when needed.; • Provide Ergonomic Workstations: We invest in ergonomic furniture and equipment to promote physical comfort and prevent injuries.; • Promoting Learning and Development Opportunities: Astech provides ongoing training and development opportunities to help employees expand their skillsets and advance their careers. This fosters a sense of growth and purpose within the team, as well as acknowledging and rewarding employee achievements to drive a culture of appreciation and celebrate individual contributions.

Pricing

• Price: £7,000.00 to £10,000 a licence a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at MGregory@astech.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.