CIRCYL LIMITED

Microsoft Power Platform Development and Consultancy

Circyl specialise in the design, development and deployment of business solutions based on the Microsoft Power Platform. We are experts in Information Management, Dynamics 365, Apps and Data and Analytics working with the latest Microsoft technologies and focussed on delivering successful outcomes, while increasing business value for our Clients.

Features

• Business Productivity
• Process Automation
• Data Analytics
• Systems Integration
• Business Platforms
• Business Intelligence
• Collaboration Tools
• Data Ingestion
• Document Management
• Data Validation

Benefits

• Data Accuracy and Visibility
• Free up users time from repetitive tasks
• Enter data once but use many times across multiple systems
• Collaboration across internal and external teams
• 360 degree visibility of all customer interactions and engagements
• Mobile access to systems and data
• Ease of use
• Security and control for documents and data
• Access anywhere with the same user experience
• Data represented in a manner to suit the audience

£4.70 to £78.10 a licence a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jason.betteridge@circyl.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

367363891949314

Contact

Jason Betteridge
07770658107
jason.betteridge@circyl.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Microsoft Office 365 and any other line of business application i.e. Sage, SAP, Salesforce, ERP, Manufacturing etc.
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: There are no constraints to our services or to the software platform that our solutions are developed on.
• System requirements:
  • Microsoft 365
  • Azure
  • Dynamics
  • Power BI
  • Power Automate

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Remote Support – provided within normal office hours which is 9am to 5pm, Monday to Friday with 2 hour response time.; ; Target resolution times vary from 4 working hours to 5 working days depending on priority of incident. These range from an incident resulting in an application or system becoming completely unavailable or an Incident affecting a whole department or location with no effective work-around to an Incident that does not have a material adverse effect on any individual user or users or a ”How do I?” question
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Our Support and Maintenance service is comprised of two core elements:; ; • Guaranteed Support and Response Services – This is a fixed fee (per annum) for:; • Ongoing provision and management of helpdesk services; • Priority project resource allocation to resolve calls logged; we will use staff with relevant solution knowledge; • Support available for questions, queries and resolving issues. ‘How to use’ questions are also covered; • Quarterly service reports, detailing calls logged, resolutions and allocated time used to date. This may also include the recommendation to undertake additional paid work or purchase additional support time, based on the usage rate; • Annual Maintenance Health check (see below for further details); ; • Support Hours – This is the number of support hours allocated to the agreement per annum. In summary:; • These are the number of hours that are allocated to the agreed contract term. This time will then be used to resolve support calls logged via the helpdesk; • The time must be used within the agreed term and cannot be rolled forward to any other agreement; ; Support is charged at 20% of the solution cost.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The first stage of any project is to undertake a requirements definition workshop and readiness review to ensure that the scope of the project is fully defined and understood and that the client is in a position to manage the change that this project will invoke.; ; Following this, roles and responsibility, project dependencies, milestones and deliverables will be agreed along with a series of measurements of success so that we can ensure the project delivers against all client objectives.; ; Throughout the project delivery we will engage is knowledge transfer and training for key users and support in the development of the relevant assets to facilitate end user training an advance of go-live.; ; Given that the solution will be intuitive to use and aligned to the clients working processes, we expect user adoption to be extremely high, especially given the functionality similarities with Microsoft Office.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats:
  • Microsoft Word
  • Microsoft PowerPoint
• End-of-contract data extraction: All data will reside in the clients own Microsoft Azure Tenancy and as such is available for extract at any time. Clients are able to extract data in a format of their choice or we can assist with the migration of data to a new solution.
• End-of-contract process: At the end of the contract with Circyl, the client will still be at liberty to continue their use of the deployed Microsoft platform and continue their subscription directly with MS. Should the client no longer require the services or solution, all subscription and service costs would cease.; ; At additional costs, Circyl will support the client in any handover required to an alternative provider or solution, including the extraction or migration of any data and/or content.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: All apps are mobile responsive and provide full uncompromised functionality regardless of device. However, users may choose to customise functionality to be more related to mobile or tablet useage.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: API services can be customised to suit the user requirements or requirements for system interfaces.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Circyl solutions are based on the Microsoft 365 platform. As such clients can define their system requirements to suite the functional objectives of the project. As a low-code application platform users are also able to configure their own forms, applications, workflows and analytics.

Scaling

• Independence of resources: All project work is scheduled across our delivery teams and agreed with the client at the outset of the project. Dedicated resources are allocated to the project as dictated by the plan to ensure we meet all dependencies and deadlines. As such, this avoids conflict with other client projects.; ; Any change in requirements for the project or if clients are unable to meet their own dependencies, the schedule will be reviewed and adapted to suit. However, this may result in a delay as scheduling will be reliant on resource availability at the time.

Analytics

• Service usage metrics: Yes
• Metrics types: Service usage metrics provided through the Microsoft 365 administration portal
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Data can be manually exported from the platform in a number of formats, either as an entire database or based on user defined views for specific datasets.; ; Alternatively users can take advantage Microsoft Data Export Service which is an add-on service made available as a Microsoft Dataverse solution that adds the ability to replicate Dataverse data to a Microsoft Azure SQL Database store in a customer-owned Microsoft Azure subscription. Data Export intelligently synchronizes the entire Dataverse schema and data initially and thereafter synchronizes on a continuous basis as changes occur (delta changes) in Dataverse.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Microsoft guarantees service availability of 99.9% for their Microsoft Dynamics CRM solution on which our systems are developed and provisioned. They provide a credits based refund as follows:; ; Downtime: Any period of time when end users are unable to read or write any Service data for which they have appropriate permission but this does not include non-availability of Service add-on features.; ; Monthly Uptime Percentage: The Monthly Uptime Percentage is calculated using the following formula:; ; (User Minutes -Downtime )/(User Minutes) x 100; ; where Downtime is measured in user-minutes; that is, for each month, Downtime is the sum of the length (in minutes) of each Incident that occurs during that month multiplied by the number of users impacted by that Incident.; ; Service Credit:; Monthly Uptime Percentage < 99.9% equates to a service credit of 25%; Monthly Uptime Percentage < 99% equates to a service credit of 50%; Monthly Uptime Percentage < 95% equates to a service credit of 100%
• Approach to resilience: Microsoft is driving towards having all services architected and operated in an active/active design that increases resiliency. This design means that there are always multiple instances of a service running that can respond to user requests and that they are hosted in geographically dispersed datacenters. All user traffic comes in through the Microsoft Front Door service and is automatically routed to the optimally located instance of the service and around any service failures to prevent or reduce impact to their customers.; ; Microsoft strives to limit the scope of all incidents by:; ; • Having multiple instances of each service partitioned off from each other; • Deploying updates in a controlled, graduated fashion using rings of validation so that any issues that might arise from the update can be detected and mitigated early in the deployment process. This design allows for regression of the update if needed and first occurs in a small group inside Microsoft (inner ring) before it is deployed for larger groups like all 140,000 Microsoft employees (ring 2), then for early adopter rings (ring 3) and ultimately for all customers globally (ring 4).; ; For more information see https://docs.microsoft.com/en-us/compliance/assurance/assurance-m365-service-resiliency
• Outage reporting: Microsoft provides comprehensive details of any service or system outages and any performance issues through the license holders administrative portal. This can be accessed by any authorised user of the solution and is updated in real-time.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Microsoft Azure Active Directory (Azure AD) provides a complete tool set for organizations to protect access to their resources and data—whether on-premises or in any cloud service—using strong authentication and risk-based adaptive access policies without compromising user experience.; ; Azure AD offers a robust set of identity security capabilities to help organizations secure against breaches, enforce granular access controls, and prevent identity compromise. Key capabilities include multi-factor authentication (MFA), risk-based adaptive access policies, in-session monitoring and control, AI-driven user and sign-in risk detection, and automated remediation.; ; For more information see https://www.microsoft.com/en-gb/security/business/identity-access-management
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • CSA CCM version 3.0
  • ISO/IEC 27001
• Information security policies and processes: Information security is managed by the Microsoft and Azure platforms utilised in all of Circyl's solution provisioning. As such we comply to the standards and policies defined by Microsoft.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: System requirements are defined at the outset of a project as a result of a comprehensive requirements definition workshop. Requirements and objectives are detailed in a statement of work and specification that forms the deliverables for the project. Deliverables are tracked throughout the project to the point of UAT. Changes to the deliverables that result from UAT or project scope are registered in a change management log that aligns to a risk register to assess any impact on security, the project or the user community so that security, risk mitigation and user adoption plans can be adapted as necessary.
• Vulnerability management type: Undisclosed
• Vulnerability management approach: Vulnerabilities are managed by the Microsoft and Azure platforms utilised in all of Circyl's solution provisioning. As such we comply to the standards and policies defined by Microsoft.; ; Threat and vulnerability management is built in, real time, and cloud powered. It's fully integrated with Microsoft endpoint security stack, the Microsoft Intelligent Security Graph, and the application analytics knowledge base.; ; Potential threats are assessed continually and patches are deployed on an ongoing basis, with feature upgrades 4 time a year.; ; For further information see https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/next-gen-threat-and-vuln-mgt?view=o365-worldwide
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Protective monitoring is managed by the Microsoft and Azure platforms utilised in all of Circyl's solution provisioning. As such we comply to the standards and policies defined by Microsoft.; ; To discover endpoint vulnerabilities and misconfiguration, threat and protective monitoring uses the same agentless built-in Defender for Endpoint sensors to reduce cumbersome network scans and IT overhead.; ; For further information see https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/next-gen-threat-and-vuln-mgt?view=o365-worldwide
• Incident management type: Supplier-defined controls
• Incident management approach: Whenever there's a security incident, Microsoft strives to respond quickly and effectively to protect Microsoft services and customer data. Microsoft employs an incident response strategy designed to investigate, contain, and remove security threats quickly and efficiently.; ; Microsoft cloud services are continuously monitored for signs of compromise. In addition to automated security monitoring and alerting, all employees receive annual training to recognize and report signs of potential security incidents. Any suspicious activity detected are escalated to Service-specific Security Response teams for investigation. All service operations teams maintain a deep on-call rotation to ensure resources are available 24x7x365.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: NHS Network (N3)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Circyl seeks excellence in every aspect of our business and is committed to sustainability and the reduction of our carbon footprint. Our policies include, but are not limited to: ; ; • Paperless office with all assets stored digitally ; • Hybrid working within shared office with hot desking to reduce our physical footprint for heating and lighting ; • Reduction in physical travel through the use of digital meetings both in the UK and Globally

  Equal opportunity

  Circyl seeks excellence in every aspect of our business and is an equal opportunities employer. This means that it is the Company's policy that there should be no discrimination against or harassment of any employee or job applicant either directly or indirectly on the grounds of: ; ; • Race, colour, nationality or national or ethnic origin ("race"); ; • Sex or marital status; ; • Disability (e.g., a long term mental or physical impairment); • Sex change status; ; • Sexual orientation; ; • Religion or philosophical belief; • Political belief; • Trade union activity; ; ; or ; ; • Age ; ; Our commitment is to: ; ; • Eliminate, as far as is reasonably possible, discrimination and harassment from the workplace; ; ; • Encourage all its employees to take an active role against all forms of discrimination and harassment; ; ; • Deter employees from participating in discriminatory behaviour or harassment; ; ; • Demonstrate to all employees that they can rely upon the Company's support in cases of discrimination or harassment at work; ; ; • Communicate this policy across the business.

  Wellbeing

  Circyl seeks excellence in every aspect of our business and to establish, promote and maintain the mental health and wellbeing of all staff through workplace practices, and encourage staff to take responsibility for their own mental health and wellbeing. ; ; Circyl believes that the mental health and wellbeing of our staff is key to organisational success and sustainability. As such, our goals are: ; ; • To build and maintain a workplace environment and culture that supports mental health and wellbeing and prevents discrimination (including bullying and harassment). ; ; • To increase employee knowledge and awareness of mental health and wellbeing issues and behaviours. ; ; • To reduce stigma around depression and anxiety in the workplace. ; ; • To facilitate employees active participation in a range of initiatives that support mental health and wellbeing.

Pricing

• Price: £4.70 to £78.10 a licence a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Full functionality limited to 30 days

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jason.betteridge@circyl.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.