Skip to main content

Help us improve the Digital Marketplace - send your feedback

Civica UK Limited

Civica Embed for Policing

Civica Embed is a powerful MDM module that integrates directly into CRM systems like Microsoft Dynamics 365, providing staff with a complete view of the person ensuring the best decisions are made and best advice provided at the point of customer engagement. Civica MDM is a prerequisite

Features

  • Seamlessly manage and author master data through your CRM
  • ‘Enterprise search’ functionality across your CRM and all integrated sources
  • ‘Actively register’ customers in CRM from data in other sources
  • Enhanced deduplication capability for your CRM
  • Bi-directional integration to other data sources
  • The flexibility of cloud deployment

Benefits

  • Identify complete details of customers first time with accurate searches
  • Provide enterprise-wide real-time views of customer demographics in CRM
  • Reduce the time spent troubleshooting issues around customer data
  • Reduce call handling times and enhance customer service
  • Fulfil ‘tell-us-once’ for customers with all data available in CRM
  • Manage customer relationships more efficiently and with increased insight
  • Achieve operational efficiencies and cost savings
  • Support regulatory compliance to manage consent and fulfil SARs
  • Cleanse and rationalise data during migrations

Pricing

£1,733 to £6,473 a unit a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at g-cloud@civica.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

3 5 2 7 5 8 4 8 5 5 3 5 4 5 9

Contact

Civica UK Limited Civica UK Limited
Telephone: +44 (0) 3333 214 914
Email: g-cloud@civica.co.uk

Service scope

Software add-on or extension
Yes
What software services is the service an extension to
Civica MDM
And
MS Dyanmics
Cloud deployment model
Public cloud
Service constraints
Azure based
System requirements
  • Deploys into Azure
  • Civica MDM
  • MS Dynamics

User support

Email or online ticketing support
Email or online ticketing
Support response times
Civica undertakes to use all reasonable endeavors to respond in accordance with the following:-

• Priority 1 – Target response time one hour
• Priority 2 – Target response time four hours
• Priority 3 – Target response time four hours
• Priority 4 – Same day response
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Support levels offered are as follows:

Standard - 9am to 5pm, Monday to Friday.

Bronze - Standard support plus 3 consulting days for annual health check (or other consulting services). Additional cost: on application

Silver - Standard support extended between 8.00am to 6.00pm, Monday to Friday. Cost on application.

Gold - 24 x 7 support, for Priority One incidents, with others handled under the terms of Standard support. Additional cost subject to further agreement.

Platinum - Full 24 x 7 support for all incidents. Additional cost subject to further agreement
Support available to third parties
Yes

Onboarding and offboarding

Getting started
There are a number of stages involved in the implementation of Civica MDM, these are listed below:

[Bulk Loading] source system data, analysing & cleansing.

[Matching]. Identifies matches ranging from definite to probable to unlikely, with a score indicating the confidence of each match.

[Merging]. Creating a confidence level for matches. Matches scoring above a confidence score agreed with the customer are then merged to create a ‘golden record’.

[Keeping in-sync]. Create integrations to keep Civica MDM synchronised with the source systems. This integration would handle instances where new customers are added to a system, or when existing customer details are amended.

[Testing & Go-live]. Civica would undertake a rigorous testing phase, prior to the system being made available for User Acceptance Testing. Our Consultants will then migrate the environment to Production.

[Business as usual]. Configuration of out of the box reports for Data Stewards.

[Training & documentation (on-site)]. Civica offer a comprehensive training program for Technical System Administrators and Data Stewards.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Civica would work with customers to determine the most appropriate means of exporting data, dependent on the capabilities and integration standards offered by source systems as well as the frequency with which data is updated. Civica MDM is not prescriptive as to the format and minimum data set for any such external system data source load.
End-of-contract process
In order to ensure that a smooth and effective handover is possible at the end of the contract, a framework needs to be agreed prior to the contract commencement that provides both parties with a clear indication of the areas for which they will be responsible when the contract ceases.
To provide both parties with the necessary assurance that a successful handover can be achieved within the provisions of the contract, this framework should identify all of the main areas in which detailed arrangements need to be made in advance of the contract commencement. Should there be any areas where it is not possible to agree in advance, as some issues will be dependent on the circumstances at the time, these will need to be agreed following notification of termination.
Civica’s price contains provision for discharging these responsibilities comprehensively in the event of the expiry of the contract.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Chrome
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
None
Service interface
No
User support accessibility
WCAG 2.1 AA or EN 301 549
API
Yes
What users can and can't do using the API
Civica Master Data Management (MDM) provides both synchronous and asynchronous methods for connecting to data sources or an Enterprise Service Bus (ESB). Typically, Civica MDM is connected to an ESB through Azure Service Bus. The messaging queue technology provides guaranteed message delivery and ensures data integrity throughout the life-cycle of any data. The data governance policies that have been identified and agreed by the key data stakeholders will be modelled and configured within Civica MDM, allowing data to flow bi-directionally to and from source systems and/or an ESB. The validated data held within Civica MDM will then be published as a set of services allowing both data sources and other connected applications to leverage the data held within the Civica MDM to allow the organisational data held to truly be treated as an asset. The introduction of the MDM functionality as services, that are consumable from all aspects of the organisation, allow the implementation of Civica MDM to support a prioritised list of source systems as well as integration with external partner agencies and their data sources in the future.
API documentation
Yes
API documentation formats
  • Open API (also known as Swagger)
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Our implementation approach is highly collaborative and based on providing training and knowledge transfer during implementation to empower customers to fully support their own environment, including self-sufficiency enabling customers to carry out their own data integrations into the Civica MDM technology in the future. This reduces total cost of ownership over time. Civica MDM is a COTS application which can be implemented and integrated rapidly. It is a standards based, flexible technology, such that additional source systems and changes to data definitions can be accommodated with limited technical effort. Full training and knowledge transfer on these tasks would be delivered during an implementation project. Civica MDM is designed to be configurable for a number of uses based on its flexible model and Civica’s approach to data integration. The product provides intuitive user-interface screens to configure the system and are aimed at the relevant user-group for that particular feature. Administrators have full control over configuration of the following: • Security, access credentials, auditing controls etc. Information Workers / Data Stewards can configure: • Matching rules, merging thresholds, report distribution etc. Developers can configure: • Civica MDM services, data adaptor, messaging infrastructure etc. All of these components can be reused.

Scaling

Independence of resources
Civica MDM is designed to be highly scalable using Azure Kubernetes and Azure Cosmos. Each Civica MDM customer can have their own instance installed on the Microsoft Azure cloud infrastructure so that there are no performance implications from additional customers subscribing to the service.

Analytics

Service usage metrics
No

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
In-house
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
Other data at rest protection approach
Data is fully encrypted at rest within Azure Cosmos database using AES 256 with either platform managed or customer managed keys.
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Civica would work with customers to determine the most appropriate means of exporting data, dependent on the capabilities and integration standards offered by source systems as well as the frequency with which data is updated. Civica MDM is not prescriptive as to the format and minimum data set for any such external system data source load.
Data export formats
  • CSV
  • Other
Other data export formats
  • XML
  • SQL Server
  • Oracle
  • Any supported by Azure Data Factory
Data import formats
  • CSV
  • Other
Other data import formats
  • XML
  • SQL Server
  • Oracle
  • Any Supported by Azure Data Factory

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network
Cloudflare is used to protect front end access.

Data is hosted within a Microsoft Azure environment and is encrypted at rest.

Azure managed identities and private end points are used within the solution.

Availability and resilience

Guaranteed availability
Civica MDM can support up to 99.99% availability depending on a customer's requirements.

For continuous operation of Civica MDM with high volume batch feeds or real-time trickle feeds.
Where there is a requirement, Civica MDM can be configured in a high availability configuration.

A single Civica MDM instance is not a single process, but a group of processes orchestrated to deliver the matching pipeline running in Azure Kubernetes.

This provides application level resilience and scalability, allowing Civica MDM to scale up and down in response to demand on the instance.
Approach to resilience
Civica utilises Microsoft Azure which provides high levels of availability and resilience and is designed from the ground up to be resilient, leveraging capabilities on Azure Kubernetes and Azure Cosmos to ensure highly resilient service,
Outage reporting
Civica MDM utilises a combination of tools within the Azure.
This includes the use of event logs and metrics and can make use of Azure Function Triggers to notify of any issues.

And the use of Civica MDM provides the capability to monitor and report on items such as batch load performance and completion, workflow execution statistics, data quality of master data and business process metrics via an HTML user interface.

Identity and authentication

User authentication needed
Yes
User authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
Other user authentication
Civica MDM can integrate with Microsoft EntraID in order to provide user and service authentication and authorisation. The configuration, management and revoking of user accounts is under the direct control of the IT administrators. All aspects of the solution honours strict role based access controls which can be used to restrict access to system features as well as data held within it. In addition, this can be controlled with Microsoft configuration management tools to enforce IT policy and conform to any internal network restrictions.
Access restrictions in management interfaces and support channels
Civica MDM has a built in role based authentication capability (RBAC) which can be integrated with 3rd party authentication mechanisms.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
Description of management access authentication
Civica MDM can use Microsoft EntraId in order to provide user and service authentication and authorisation including Multi Factor Authentication (MFA)

The configuration, management and revoking of user accounts is under the direct control of the IT administrators. All aspects of the solution honours strict role based access controls (RBAC) which can be used to restrict access to system features as well as data held within it. In addition,

Solution uses Azure Network Security Groups for controlling network access, and internally within the solution private end points.

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
ISOQAR
ISO/IEC 27001 accreditation date
06/12/2022
What the ISO/IEC 27001 doesn’t cover
NA
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
Yes
Who accredited the PCI DSS certification
Viking Cloud
PCI DSS accreditation date
11/08/2023
What the PCI DSS doesn’t cover
Our certification covers Civica Payments software only.
Cyber essentials
Yes
Cyber essentials plus
No
Other security certifications
Yes
Any other security certifications
  • ISO 22301
  • ISO 9001
  • ISO 27001
  • ISO27701

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
Cyber Essentials
ISO22301
ISO9001
ISO27001
ISO27701
Information security policies and processes
In order to provide a wide range of services to public and private sector organisations, Civica maintains an active information security programme. This programme requires regular internal and external audit inspection of both physical and logical data protection structures. The policies and procedures are aligned to ISO 27001 and Cyber Essentials certifications.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Product enhancement requests are captured by the Product Management Team and then presented to our internal Product Review Board (PRB). Once the changes have been agreed and prioritised, they are passed to Product Development to add to a subsequent release. The customer will be notified at each stage of the process and provided a release schedule. Civica implement an Agile Development approach with tasks split into manageable iterations. Prior to the start of each iteration, Civica determine what will be delivered within the development period and taken from the product roadmap.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Industry standard static and dynamic code scanning tools are utilised as part of the build pipeline to identify any known vulnerabilities in addition to annual penetration tests by in house CREST accredited penetration test team. Any issue identified are addressed with updates made.

Due to the containerised nature of Civica MDM, updates can be quickly deployed as needed to address any identified vulnerabilities.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Civica MDM logs key events to a centralised logging mechanism IT monitoring tools to identify system warnings.
Proactive monitoring takes place through Azure Portal and management tools.

Civica MDM also retains an audit trail of key user events on interactions with the user interface. This includes logging in to the system, amendments to configuration and domain models as well as actions such as search, record manipulation and record viewing. Each event is timestamped using the date, time and meta data about the origin of the event, including the user, is retained.
Incident management type
Supplier-defined controls
Incident management approach
Any potential incidents will be logged and reported initially to a line manager. Depending upon the severity of the incident, it may be escalated to the Head of Technical Services and ultimately the Chief Executive Officer. Any direct impact on a customer or their data will be communicated immediately and an appropriate remedy agreed upon.
Monthly customer reports will detail incident information.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

As a company, we’ve made an ambitious commitment to achieve Net Zero Carbon emissions by 2040 (or sooner) by supporting our customers net zero ambitions, creating software with inbuilt sustainability and reducing our own impact.

Our Carbon Reduction Plan demonstrates our ambition to become industry leaders in reducing our environmental impact in support of the UK’s Net Zero Target. Underlining this ambition, we are focusing not only on our direct emissions sources but also actively engaging with our wider supply chain to understand, measure and develop meaningful emissions reductions targets in line with our Net Zero Target.

We are accredited to the ISO14001 Standard and to support delivery of our commitment our Environment, Social Value and Governance provides clear focus for the ongoing development of our environmental policy.

• We develop innovative software-based services that reduce power requirements.
• We help customers opt for more sustainable choices, through digital platforms/apps which remove paper, support flexible/agile working, underpinned by cloud-based services employing energy efficient technology.
• We support carbon neutrality with workforces/facilities to reduce carbon consumption over 10-years.
• We prioritise the use of green energy in Civica owned facilities within the next 10 years.
• We promote recycling through our ‘Zero to Landfill’ and ‘Zero Print’ schemes.

Our commitment to continue to promote with employees and customers a much greater responsibility and leadership in eliminating unnecessary single-use plastics; we will continue to look to make more innovative and systematic changes to further reduce our use of single-use plastics across the organisation and to openly share our outcomes and learnings.

We undertake SECR Streamlined Energy and Carbon Reporting on our environmental footprint and the progress we are making to becoming Net Zero.

Our commitment to fighting climate change will help deliver the policy outcomes for fighting climate change under PPN 06/20.

Tackling economic inequality

Civica is committed to building an inclusive and diverse culture that tackles inequality in employment, skills and pay. We promote equal opportunity through all our activities and ensure rights for all employees are always protected. We are listed as a 2020 Financial Times Diversity Leader and we are a ‘Gold’ Investors in People company.

We have increased our focus and commitment to ensure we proactively implement equal and non-discriminatory treatment to all our workers. We have implemented a Diversity & Inclusion Strategy and have a Diversity and Inclusion Lead to drive the implementation of this strategy. This aims to tackle inequality in recruitment practices, team development, skills and pay through the following actions:

• We are a Living Wage accredited employer.
• We recruit locally to where services are delivered.
• We are committed to developing the skills of young people near our client’s businesses e.g., for a local authority, we have developed a programme of engagement workshops for young people with the potential for digital work experience.
• Our staff act as mentors for Youth Enterprise schemes in schools/universities.
• We are a member of the 5% club, an industry-led initiative focused on creating momentum behind the recruitment of apprentices into the UK workplace.
• Over 2.5% of our workplace is made up of apprentices or graduates and we intend to increase this to 5% by the end of 2025.
• We provide our own apprenticeship programme for managers, giving them access to training and development that may not be accessible outside the workplace.

Our commitment to building an inclusive and diverse culture will help deliver the policy outcomes for tackling economic inequality under PPN 06/20 and will dramatically improve job prospects and increase earning potential for the young and job seeking communities.

Equal opportunity

Civica is committed to providing equal opportunities and building an inclusive and diverse culture. The more diverse our workforce, the more informed the decisions we can make for our customers, supporting the communities in which we work.

We are proud to have been ranked as one of the top European companies for workforce diversity and equality, as chosen by in the Financial Times in 2020.

We are committed to building and maintaining an inclusive and supportive culture where diversity thrives:

• To ensure our recruitment practices support the attraction and hiring of diverse candidates, all vacancies are advertised on multiple Diversity & Inclusion platforms.
• We run attraction campaigns targeting females and BAME applicants. We use a process of anonymised applications, competency-based questions and scoring to remove bias. We also use decoders to ensure job advertisements use gender and culturally neutral language. We also ensure mixed panel interviewing.
• We advertise vacancies on https://disabilityjob.co.uk/ and share diversity statements on all job adverts.
• We have made training on diversity and inclusion mandatory.
• We aim to ensure increased diversity of new starters in technology/sales/leadership roles by 10% per annum over the next 3 years.
• We aim to ensure that at least 50% of shortlisted people are being considered from a diverse background for roles above £35k.
• We promote affinity groups within the company who represent a group of people linked by a common characteristic, often underrepresented, or historically excluded, which acts as a ‘safe space’ for such individuals. This identity could be related to race, gender, sexual orientation, language, nationality, physical or mental ability, socioeconomic class, family structure, religion, amongst others.

Our commitment to providing equality of opportunity will support the delivery of the policy outcomes for equal opportunity under PPN 06/20.

Wellbeing

Civica actively promotes a mentally healthy workplace and workforce integrating mental health and general wellbeing in all that we do from recruitment, appraisals to strategic management.

Through our Health and Wellbeing Policy and 40+ Mental Health Champions we encourage a flexible and realistic work/life balance. Our HWP provides a foundation to support both the mental and physical health of our staff through:

• Employee Assistance Programme and online Wellbeing Hub, which provides 24/7 access to websites, e-mail, phone and face-to-face counselling on all personal issues.
• Aviva DigiCare+ Workplace App providing external mental health consultancy.
• Mental Health Champions who support colleagues’ wellbeing in the workplace.
• RedArc Personal nurse service.
• Management Coaching - managers are trained in GROW (Goals, Reality, Options and Will) and in being Health and Wellbeing Advisors, supporting employees with mental/physical health needs.
• Health assessments/advice aimed at improving physical health.
• Cycle to Work scheme to aid physical and mental health.
• Weekly fruit drop for offices, encouraging a healthier diet.
• We provide free eye tests for all VDU users, encourage staff to take advantage of NHS flu vaccinations services, and support people wishing to use the NHS Stop Smoking Service.

We also support our customers’ and communities’ through The Civica Foundation, our home for all charity, community, volunteering and social value. Our Days of Difference initiative gives every Civica employee 3 days a year to make a difference to charitable or community causes. Our employees can use this individually, join-up as a team or take part in Civica coordinated events.

Suppliers/subcontractors are subject to Civica’s Sub-contractor Selection Process as defined in our ISO9001 QMS, which includes criteria for assessing health and wellbeing policies.

Our commitment to providing equality of opportunity supports the delivery of the policy outcomes for Wellbeing under PPN 06/20.

Pricing

Price
£1,733 to £6,473 a unit a month
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at g-cloud@civica.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.