Open Sky Data Systems

Gov360 OpenSky : Advisory & Consulting

Advisory and Consulting by OpenSky. For every digital transformation project, it is critical to assess organisation goals, existing digital and employee capabilities as well as the opportunities for success.  Our Enterprise process consultants, technology experts and change leaders are central to supporting and advising you on this journey.

Features

• Enterprise Process Analysis: using proven methodologies for process optimisation
• Technology Modernisation using AI powered modernisation & migration methodologies
• Technology Transformation Management through technology strategy and Architecture planning
• Process Mining: reveals how your processes actually run

Benefits

• Uncover the bottlenecks you can’t see in your business processes.
• Process optimisation to increase speed to market and drive growth
• Free your applications from legacy constraints
• Ensuring applications are agile and secure
• Solve your critical business challenges using technology as an enabler.
• Cost-effective architecture models and comprehensive technology roadmaps

£600 to £1,250 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at wflanagan@openskydata.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

363664653438998

Contact

William Flanagan
+44 203 051 2392
wflanagan@openskydata.com

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: N/A
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: Service constraints are dependent on each individual project.
• System requirements: Service constraints are dependent on each individual project.

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: OpenSky provide excellent, flexible support services for our solutions, from standalone applications to complex systems. Our standard package provides remote support services by dedicated support experts from 08:00 to 18:00 Monday to Friday, with 24/7 access to the service desk portal. We provide aggressive SLAs with response times from 30 minutes for Severity 1 tickets, to 4 working hours for Severity 4 tickets, and guaranteed resolution times from 4 working hours for Severity 1 tickets to 40 working hours for Severity 4 tickets. Non-standard packages (onsite, out of hours or on-call support services) can be tailored to your needs.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Yes, at an extra cost
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: N/A
• Web chat accessibility testing: N/A
• Onsite support: Yes, at extra cost
• Support levels: OpenSky provide excellent, flexible customer and technical support services for our solutions, from standalone applications to complex systems. Our ITIL aligned Service Desk combines expert technical personnel with expert customer service to bring the highest standard support solutions. Our standard package provides: - Level 2 and Level 3 Remote Support Services - Dedicated support service desk and cloud support experts from 08:00 to 18:00 Monday to Friday - 24/7 access to the service desk portal - Self-service Knowledge Base and FAQs facility on web portal - System Monitoring - Suite of Daily System Checks performed by start of business each day - Aggressive and guaranteed Response and Resolution times - Support Lead dedicated to your account - Face to face or video-conference meetings - Monthly Service Reports including performance against SLAs and KPIs - Facility for change requests, enhancements - Onsite Quarterly Service Review meetings Non-standard packages can be tailored to your needs, including: - Level 1 Remote Support Services - Onsite Level 1, Level 2 and Level 3 personnel - Out of hours or on-call support services
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: OpenSky provides comprehensive training and support to help users effectively start using our services. Our approach focuses on ensuring users understand the benefits of the new system and driving adoption for a successful rollout.; Training options include:; • Classroom: Hands-on, onsite training for small groups; • Webinars: Ideal for ongoing and refresher training sessions; • Self-service: Training guides, quick start tutorials, and other materials available via the support portal; • eLearning: Delivered through partners like Microsoft; We cater to different user groups:; • Core Group: Often involved in the project team, they become super-users and internal trainers; • System Administrators: Receive tailored training on system configuration and user management; • Wider Group: Role-based training delivered through dedicated onsite sessions or webinars; Our training covers both the "how" and "why" of the new system, reinforcing the benefits of working in a new way. We also provide ongoing support through our helpdesk services to ensure users can effectively utilise the service.; By offering a range of training channels and targeting different user groups, OpenSky ensures a smooth transition and successful adoption of the new system.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: When a contract for an OpenSky service ends, we ensure that users can easily extract and transition their data. We understand that all data remains the intellectual property of our clients, and we are committed to a smooth handover process.; If clients choose not to extend their contract with OpenSky, we will work closely with the incoming provider to map and transfer the data to their new platform. This ensures a seamless transition and minimizes any disruption to the client's operations.; For clients using Microsoft platforms, the process is even simpler. As part of our handover project, the incoming provider will assume control of the existing data within the Microsoft environment. This eliminates the need for complex data extraction and migration processes.; Throughout the end-of-contract phase, OpenSky's team will work diligently to support the transition, providing necessary documentation, technical assistance, and knowledge transfer to the incoming provider. Our goal is to ensure that clients retain full control over their data and can continue their operations without interruption.
• End-of-contract process: At the end of an OpenSky service contract, we work closely with clients to ensure a smooth transition and align with their overall strategy. Whether the project is being handed back to the client or to an incoming provider, we facilitate the necessary knowledge transfer through a comprehensive Hand Over to Service (HOTS) package. The HOTS package includes:; • Staff debriefs; • Status reports on outstanding issues, risks, and incomplete tasks; • Completion of all task and QA documentation; • Formal feedback on project performance and impact; • Lessons learned report; • Map of outstanding tasks for completion by the incoming/client team; • Financial close of the task; • Statement of completion; The price of the contract typically includes the agreed-upon scope of work, which is determined during the initial project scoping stage. Any changes or additional tasks outside the original scope will be mapped out and priced separately as additional days.; OpenSky's standardised approach ensures that each project is properly closed down and handed over to the client and/or support team. We aim to provide a seamless transition and ensure that clients are well-equipped to continue their operations or work with their new provider.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: OpenSky's solutions are designed to be mobile responsive, ensuring equal accessibility across both mobile and desktop browsers. The user interface adapts seamlessly to different screen sizes and resolutions, providing a consistent and intuitive experience for users on smartphones, tablets, and desktop devices. This mobile-friendly approach enables users to access, monitor, and manage automated processes on the go, without any loss of functionality or performance compared to the desktop version. OpenSky prioritizes mobile responsiveness to cater to the increasing demand for flexibility and remote access in today's fast-paced business environment.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: As an interface to OpenSky Support Services, we provide a dedicated Service Desk Web Portal that is available to customer on a 24/7 basis via standard web browser. Tickets can be logged to the service desk either by direct email to a dedicated support email address or via the web portal interface. Customers can view, track, manage and update tickets via this portal as well as accessing self service Knowledge Base and FAQ facilities.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: OpenSky conducts thorough interface testing to ensure accessibility for users of assistive technology. Our internal QA department employs a range of tools, including:; • Intent Based – Accessibility Checker; • AChecker – Accessibility Checker; • Cynthia Says; These tools help identify and resolve any accessibility issues in our service interface. By simulating the experience of users with various disabilities, we can validate that the interface is fully compatible with screen readers, keyboard navigation, and other assistive technologies. Regular testing and continuous improvement based on user feedback demonstrate our commitment to providing an inclusive and accessible service for all customers.
• API: Yes
• What users can and can't do using the API: OpenSky's services offer flexible API’s that allow users to integrate the service with their existing systems and workflows. The specific API capabilities and limitations may vary depending on the individual solution and customer requirements. However, in general:; • Users can configure and set up the service through the API, including defining workflows, data sources, and automation rules.; • API documentation will be provided to guide users through the setup process.; • Users can make changes to the service configuration, such as modifying workflows, updating data sources, and adjusting automation parameters through the API.; • API endpoints will be available for managing and updating various aspects of the service.; • Some advanced features or complex customizations may require assistance from OpenSky's support team and may not be fully accessible through the API.; • API usage limits and rate restrictions may apply to ensure fair usage and maintain service performance.; Full API documentation will be provided to customers, detailing the available endpoints, request/response formats, and any specific limitations or considerations for their unique solution.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • ODF
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: All customisation requirements are agreed separately with Customers in line with their requirements.

Scaling

• Independence of resources: At OpenSky, we ensure that users are not affected by the demand placed by others through advanced capacity planning and resource allocation. Our platform is built on a scalable architecture that dynamically adjusts to fluctuations in demand. By leveraging Microsoft cloud technologies and load balancing, we can efficiently distribute workloads across multiple servers, preventing any single user from monopolizing resources. Additionally, our proactive monitoring systems continuously analyse usage patterns, allowing us to optimize performance and maintain a consistent level of service for all users, regardless of the overall demand on the system.

Analytics

• Service usage metrics: Yes
• Metrics types: OpenSky provides comprehensive service metrics to measure the success of our solutions. These metrics include ROI analysis, tracking key performance indicators (KPIs) such as efficiency, error reduction, and cost savings. We monitor compliance, rework hours, and digital competency within your teams. Additionally, we assess the size and quality of the automation pipeline, audit passes/fails, and delivery time. By consistently monitoring these metrics, we ensure continuous optimisation of your initiatives, enabling you to achieve your desired business outcomes and maximise the value of your investment in our services.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: N/A
• Data export formats: Other
• Other data export formats: N/A
• Data import formats: Other
• Other data import formats: N/A

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: We guarantee a high level of availability for our services. Our SLAs ensure that our platform and services are available and performing optimally 99.9% of the time. This means that in any given month, our services will not be unavailable for more than 43 minutes. We achieve this through a robust, scalable architecture built on cloud technologies, which allows for efficient distribution of workloads and prevents any single point of failure. Our proactive monitoring systems continuously analyse performance, enabling us to identify and resolve potential issues before they impact availability. In the rare event that we do not meet our guaranteed availability, we provide service credits to our users as compensation. The amount of the service credit is determined by the length and severity of the downtime, and is applied automatically to the user's account. Furthermore, our SLAs include clear definitions of availability, maintenance windows, and exceptions. We also provide transparent reporting on our availability metrics, so users can easily verify that we are meeting our commitments. By combining high availability with strong SLAs and a commitment to transparency, we ensure that our users can rely on our services to support their critical business processes.
• Approach to resilience: Our services are built on Microsoft Azure, leveraging its cloud capabilities for high availability and resilience. Azure provides multiple datacentre regions within the UK - West and South (London).; For UK customers, OpenSky can offer the choice between hosting the primary environment in either the UK West or UK South Azure datacentres, with the other serving as the secondary backup location. This allows customers to choose the datacentre closest to them as the primary for optimal performance.; Azure's regional datacentres enable geo-redundancy and replication of data within the same geography (UK) to ensure data residency, high availability, and disaster recovery capabilities. Microsoft will not store or process customer data outside the specified UK geography without authorization.; OpenSky's resilient architecture on Azure spans multiple availability zones and regions, ensuring services remain operational even in the event of localized failures. Automatic failover mechanisms further enhance high availability.; Advanced security measures like encryption at rest and in transit protect sensitive data. Regular backups and geo-redundant storage within the UK ensure data remains accessible and recoverable.; OpenSky's proactive monitoring and well-defined incident response procedures help maintain the resilience of our services, enabling rapid issue resolution and minimal impact on customer operations.
• Outage reporting: At OpenSky, we prioritize timely and transparent outage reporting to keep our customers informed about any service disruptions. Our comprehensive reporting system leverages Azure Monitor and multiple communication channels:; ; Public Dashboard: A real-time, public-facing dashboard built using Azure Monitor displays the current status of our services.; ; API Integration: Customers can access outage information programmatically through our dedicated API, enabling integration with their monitoring systems.; ; Email Alerts: In the event of a confirmed outage, we promptly send detailed email alerts to affected customers, providing regular updates throughout the incident lifecycle.; ; Microsoft Teams Notifications: Azure Monitor can be configured to send outage notifications directly to designated Microsoft Teams channels, facilitating quick dissemination of information within collaborative workspaces.; ; By combining Azure Monitor's powerful capabilities with these communication channels, we ensure our customers have accurate and timely information about any outages affecting our services. This transparency enables informed decision-making and minimizes the impact of service disruptions on business operations.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: VPN access. 2-factor authentication. Username and Password
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: CDL Group
• ISO/IEC 27001 accreditation date: 10/12/2023
• What the ISO/IEC 27001 doesn’t cover: There is nothing out of scope for ISO 27001:2013. OpenSky Data Systems have been independently assessed and accredited to ISO 27001:2013 Information Security Management Systems, Standards and guidelines.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: At OpenSky, information security is a top priority. As a Microsoft Solutions Partner with certifications in ISO 20000:2018, ISO 9001-2005, ISO 27001-2013, and Cyber Essentials, we adhere to stringent security policies and processes.; Our comprehensive information security management system (ISMS) is based on industry best practices and standards. It includes well-defined policies covering data protection, access control, incident management, business continuity, and more. These policies are regularly reviewed and updated to ensure they remain effective in the face of evolving threats.; We follow a structured reporting hierarchy for information security matters. Our dedicated security team is responsible for overseeing the implementation and enforcement of security policies. The Security Team reports directly to the senior leadership, ensuring that security receives the highest level of attention.; To ensure compliance with our policies, we employ a combination of technical controls, regular security audits, and employee training. Access to sensitive information is strictly controlled and monitored. All employees undergo mandatory security awareness training, and we maintain a culture of shared responsibility for protecting information.; Our rigorous change management processes include security impact assessments for any changes to our systems or processes, ensuring that security remains a key consideration throughout.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We leverage the PROSCI-ADKAR® Model to guide our approach, managing change at both individual and organizational levels. All components of our services are meticulously tracked throughout their lifetime using comprehensive configuration item records.; Changes undergo a rigorous control procedure involving thorough analysis, security plan reviews, and extensive testing in non-production environments. ; Our dedicated Change Control Board carefully assesses changes and their potential security implications before granting approval. Post-implementation, we update our security testing processes to validate the changes and maintain the overall security posture.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We leverage Microsoft's robust vulnerability management process for our SaaS solutions. Microsoft continuously assesses potential threats using their global threat intelligence, ML, and human expertise. Patches are automatically deployed to the services as soon as they are available, typically within hours.; Microsoft's dedicated security teams proactively monitor various sources for potential threats, including their own telemetry, industry partnerships, and public vulnerability databases. This information is fed into their advanced security analytics systems, enabling rapid detection and response to emerging threats.; As a Microsoft partner, we benefit from their comprehensive approach to vulnerability management, ensuring our clients' data remains secure.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We leverage Microsoft's comprehensive protective monitoring processes for our SaaS solutions. Microsoft employs advanced security analytics, machine learning, and threat intelligence to continuously monitor for potential compromises. When a potential threat is identified, Microsoft's incident response team swiftly investigates and takes appropriate actions to mitigate the risk.; Microsoft's global incident response team operates 24/7, ensuring rapid response to security incidents. The team follows a well-defined incident management process that includes containment, eradication, and recovery. Incidents are typically responded to within minutes of detection, with the goal of minimizing impact and restoring services as quickly as possible.
• Incident management type: Supplier-defined controls
• Incident management approach: We leverage Microsoft's robust incident management processes, which align with the ITIL framework. Microsoft has pre-defined processes for common events, ensuring swift and effective incident resolution.; Users can report incidents through various channels, including the Azure Portal, Microsoft 365 Admin Center, or by contacting Microsoft Support directly. Upon receiving an incident report, Microsoft's global incident response team initiates a well-defined process that includes identification, containment, eradication, recovery, and lessons learned.; Detailed incident reports are available through the Service Health Dashboard and the Azure Status page, keeping users informed about the incident's status, impact, and resolution.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  OpenSky’s Advisory & Consulting Services not only drive technological and strategic improvements but also align with and promote the social value themes of the G-Cloud 14 Framework, ensuring that our contributions extend beyond economic benefits to foster broader societal improvements.; Our consulting services help organisations integrate sustainability into their strategic objectives. We advise on best practices for reducing environmental impacts through technology, such as implementing energy-efficient systems and leveraging cloud solutions that minimize physical infrastructure needs. This guidance supports our clients in contributing to climate change mitigation efforts effectively.

  Covid-19 recovery

  Throughout the Covid-19 pandemic, OpenSky provided essential strategic advice to help organisations navigate the challenges posed by rapid changes in their operating environments. Our consultancy helped ensure that adaptations to processes and IT systems were swift and effective, enabling continuity of essential services and facilitating a faster recovery.

  Tackling economic inequality

  We provide expert advice on using digital transformation to improve access to services across various socio-economic groups. Our consultancy supports the development of technologies and processes that enhance service delivery efficiencies, making it more economically feasible to extend these services to underprivileged areas, thereby addressing economic inequality.

  Equal opportunity

  OpenSky’s consultancy services emphasize the importance of diversity and inclusion within technology development and organisational policies. We help clients implement practices that ensure equal opportunities within their workforce and in the services they provide, fostering an inclusive environment for all stakeholders.

  Wellbeing

  Our advisory services include strategies for improving workplace environments and operational processes that impact employee and client wellbeing. We focus on enhancing digital ergonomics, streamlining communications, and ensuring that technology implementations improve rather than complicate the user experience, thereby promoting better mental health and job satisfaction.

Pricing

• Price: £600 to £1,250 a unit a day
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at wflanagan@openskydata.com. Tell them what format you need. It will help if you say what assistive technology you use.