Audience Engagement Platform
The Audience Engagement Platform (‘AEP’) is a versatile and easy-to-use solution for cost effective engagement with service users, clients and citizens in a secure online environment. The Audience Engagement Platform empowers quick creation and sharing of content with stakeholders and has threaded discussion, polls and survey features.
Features
- Versatile collaborative spaces for your organisation and its stakeholders
- Create and share articles, events, documents and other content
- Intuitive editor for creating content and uploading images and documents
- ‘Social-media-style’ home feed based on user role and/or interests
- Integrated notification management enables users to set their preferences
- Threaded commenting for organic discussions and audience engagement
- Poll creation and deployment to all users or targeted groups
- Powerful form and survey builder with CSV extract feature
- Engagement dashboard for easy overview of popular content and resources
Benefits
- Cost effective and efficient audience and stakeholder engagement
- Proven platform that supports a broad-range of public engagement activities
- Ideal for online engagement with service users, citizens and members
- Look and feel can be customised to your organisation’s brand
- Fully responsive - great experience across all modern devices
- Customisable user accounts, roles and permissions
- Scalable - supports large numbers of users, surveys and categories
- Survey results can be extracted to CSV for local analysis
Pricing
£7,950 a licence a year
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
3 6 7 4 2 0 7 9 9 1 0 0 1 8 4
Contact
Cyber Media Solutions Ltd.
Tony Bonser
Telephone: 01785 222350
Email: enquiries@cyber-media.co.uk
Service scope
- Software add-on or extension
- No
- Cloud deployment model
-
- Public cloud
- Private cloud
- Service constraints
- No.
- System requirements
-
- Web browser
- Internet / data connection
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Target response times are summarised as follows. Critical Priority Level: 2 hours, High Priority Level: 4 hours, Medium Priority Level: 1 day, Low Priority Level: 2 days. Support is available Monday - Friday, 9am - 5pm (excluding Bank Holidays).
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
We operate a universal support offer for all clients identified in our SLA:
Critical priority issue (system unavailable): 2 hours
High priority issue (partially unusable, significantly affecting operation): 4 hours
Medium priority issue (aspect causing difficulty): 1 day
Low priority issue (a general question): 2 days
Support is provided at a standard cost as identified in our rates card.
We have a dedicated product support team that provides professional support to clients. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- We provide high quality webinar training.
- Service documentation
- No
- End-of-contract data extraction
- We will provide data extraction at contract end.
- End-of-contract process
- We will provide a standard extract of data and arrange for secure transfer via an agreed secure method.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- The platform is fully responsive and has been designed using 'Mobile-First' methodology to ensure all key functions are available to users of smaller devices.
- Service interface
- No
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- API
- No
- Customisation available
- Yes
- Description of customisation
- The platform is tailorable to individual service need in terms of features and user account permissions. The platform can also be 'skinned' with a bespoke design tailored to your organisation's individual brand and presentation requirements.
Scaling
- Independence of resources
- We use reliable and reputable suppliers. Environments are actively monitored and resources allocated to ensure service standards are maintained. Each deployment features a separate application instance to maximise resilience and security.
Analytics
- Service usage metrics
- No
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Baseline Personnel Security Standard (BPSS)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- Never
- Protecting data at rest
-
- Physical access control, complying with another standard
- Encryption of all physical media
- Scale, obfuscating techniques, or data storage sharding
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- We will provide an extract on request of the client.
- Data export formats
- Other
- Data import formats
- Other
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- The in service availability has been, and is planned to be, better than 99.95% We operate a transparent SLA. In all cases the times indicated are targets and we will make best endeavours to meet or exceed these targets.ets.
- Approach to resilience
- Information available on request.
- Outage reporting
- System maintenance and upgrades are performed outside of business hours. Customers are informed of any planned service outage in advance via email. In the event of unplanned outage, customers will receive a report on the cause of the outage and its remediation.
Identity and authentication
- User authentication needed
- Yes
- User authentication
- Username or password
- Access restrictions in management interfaces and support channels
-
The product features secure account management features that enables configuration of user permissions.
In line with our Information Security Management System, all support channel users must be pre-registered by authorised contacts in order to raise support tickets. - Access restriction testing frequency
- Never
- Management access authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- No
- Cyber essentials plus
- No
- Other security certifications
- Yes
- Any other security certifications
- DSPT
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
- We have a comprehensive approach to security governance which we manage through an Information Security Management System developed in line with ISO 27001 and Government Cyber Essentials best practice. Our Information Security Management System is annually assessed via the DSPT (Supplier reference 8HP72).
- Information security policies and processes
-
We operate an Information Security Management System developed in line with ISO 27001 best practice.
Our Information Security Policy (CM 0003 - Information Security Policy) is supplemented with detailed security policies and procedures that all staff receive training on, including:
• 0004 - Policy on Transfer and Receipt of Personal or Sensitive Information
• 0019 - Policy on Visitors to Cyber Media
• 0030 - Policy on the Use and Disclosure of Personal and Sensitive Information
• 0035 - Change Management and Control Policy
• 0038 - Internal ISMS Audit Policy
• 0041 - Access Control Policy
• 0043 - Network Access Policy
• 0044 - Password Policy
• 0045 - Acceptable Use Policy
• 0051 - Network Security Policy
• 0052 - Remote Access Policy
• 0053 - Mobile Computing Security Policy
• 0054 - Remote Working Policy
• 0057 - Policy on Written Contracts and Information Governance Responsibilities
• 0065 - Information Security Incident Management Policy
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
We maintain detailed change logs for all our components and services.
Significant change must be assessed through compilation of a testing plan with clear acceptance criteria and security impact assessment via a Change Request Form.
The individual responsible for testing must be identified and briefed regarding the testing they will need to undertake.
The asset owner obtains approval for the change, taking into account any technical considerations, the costs of the exercise, the potential benefits and security impact.
Once the change request is approved by the Team Manager, approval is recorded and logged (RECF0101). - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- Our infrastructure is scanned once per month using Nessus. All new software is risk assessed in line with our software management policy. Security patches are applied within 14 days of the update being made available by a vendor. To identify potential threats the NVD and CVE databases are regularly reviewed.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- We use a multilayer approach including firewalls and Symantec Endpoint protection.
- Incident management type
- Supplier-defined controls
- Incident management approach
-
We have an information security incident management policy (0065) that defines our response.
All staff will be made aware through their contract of employment, training and by their team manager of what is considered to be an incident.
Information Security weaknesses, events and incidents will be reported immediately by staff to the ISM as soon they are seen or experienced.
The ISM will also be responsible for closing out the incident. This includes reports to external authorities.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Social Value
- Fighting climate change
-
Fighting climate change
Cyber Media is committed to minimising adverse environmental impacts and a proactive approach to implementing measures with ongoing positive environmental benefits. All our environmental commitments are measurable and demonstrable as we operate an Environmental Management System (‘EMS’). Any non-conformities are logged, monitored and efficiently resolved. - Equal opportunity
-
Equal opportunity
As a company we are committed to equal opportunities within our recruitment process and professional development functions.
Pricing
- Price
- £7,950 a licence a year
- Discount for educational organisations
- No
- Free trial available
- No