Docuflow Ltd

Document Management, Content Management, Workflow, Data Capture, Portals, eOnboarding

infoRouter document and content management software is long established and is deployed globally with over 400,000 users it is easy to use with a collaborative document portal which connects information to individuals whether they work in words, pictures, audio, or video, infoRouter can manage any type of document or file.

Features

• Low Cost of Ownership
• Web based remote access
• Easy to Use and Maintain
• Instant Deployment
• Intranet Out-of-the-Box
• Web services API - Open Architecture
• Standards-based Technology
• LDAP integration
• Document Format independent
• Meta Data Services

Benefits

• Notifications and Reporting
• Version Control
• Integrates with Microsoft Office
• Works with documents, video, sound plus others
• Link to 3rd party solutions
• Look and user experience can easily changed
• Publish folders to share content
• Security and Access rights
• Automate manual processes
• Workflow and Approvals

£25.00 a licence a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@docuflow.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

388353988900760

Contact

Chris Rowlands
0333 577 4900
info@docuflow.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: InfoRouter will link to most 3rd party ERP , Finance Systems and applications a lot of organisations implement infoRouter to get further value from systems already in place.
• Cloud deployment model: Public cloud
• Service constraints: If there is planned maintenance you are informed we would discuss prior to going live any issues that highlighted but essentially infoRouter is an "out of the box" solution which as long as you go on-line you are able to access.
• System requirements:
  • https://support.inforouter.com/documentation/v80/inforouter-system-requirements.aspx
  • Intel Xeon or better
  • 16 GB RAM (32 GB in high traffic environments)
  • 500 MB Application disk space
  • Virtual server environments are supported
  • SQL or Oracle Database
  • Physical or Virtual PC/Server
  • MS Web Server IIS7 or above

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Monday to Friday 9 - 5 normally within one hour
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Yes, at an extra cost
• Web chat support availability: 9 to 5 (UK time), 7 days a week
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: We tend to provide support via a product called team viewer if remote support is required, https://www.teamviewer.com/en/trust-center/security/ , this provide live chat, screen sharing, screen control as an option.
• Web chat accessibility testing: We regularly use Teamviewer to support clients if problems can not be resolved on the phone.
• Onsite support: Yes, at extra cost
• Support levels: Telephone support is provided as part of the service, if application or development support is required this is charged dependent on work required
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: InfoRouter is a very intuitive product some customers just use the on-line training tools, there is a telephone help-desk and on-line training available via team viewer, we also provide chargeable training packs which are bespoke to the end user these can be a couple of hours or a couple of days depending on the requirement we would discuss at implementation the best option, essentially the training is bespoke and can be provided exactly to customer requirements
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: InfoRouter and InfoForms includes a data import /export module.
• End-of-contract process: There are no costs at the end of the contract, unless you require us to do any exporting of data.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: All features are accessible we recommend a tablet sized screen.
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: Access to core infoRouter functionality pro-grammatically is provided via the included Web Services API. infoRouter exposes a series of Web Service Calls allowing a subset of functionality to be driven pro-grammatically from any language that can interface with a Microsoft .net Web service as exposed by infoRouter. The API is free to use and documented is available. In addition there is a simple MS visual studio project available to demonstrate a basic integration. Individual Service Calls information and a test facility are available directly from the infoRouter server.; Currently there are 185 Web Service calls available, and this number is growing steadily. They provide access to a number of core features and functions of infoRouter, such as metadata search, and result retrieval, document upload, and download (including multiple files as a zip), plus library, folder, and user creation.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
  • Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Yes, buyers can customise the Service if they have the correct credentials/authorisation. The correct credentials/authorisation is given to the users by the designated Sysadmin User. ; ; For instance the look and feel of the log on portal page can be changed, user views can be changed, types of documents to be viewed can be changed, workflows can be changed etc; ; With suitable access rights, users can customise the front end portal and their own folder structure, and also screen views can be customised. The authors can customise screens to customers’ requirements.

Scaling

• Independence of resources: If required you can have your instance of administrator license alternative if this not required we can manage on your behalf.

Analytics

• Service usage metrics: Yes
• Metrics types: Audit trials are provided that provide various statistics such as user access to files, types of files accessed, etc
• Reporting types: Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Extra Resources Ltd

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: Less than once a year
• Penetration testing approach: In-house
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: InfoRouter includes a data import /export module.
• Data export formats:
  • CSV
  • Other
• Data import formats:
  • CSV
  • Other
• Other data import formats: XML

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Secura’s hosted platform is Highly Available by design, they operate an N+N infrastructure so hardware is protected from outages by multiple power feeds and power supplies. They also own and manage a resilient dark-fibre ring network with dual vendor supply that spans our Data Centres. The platform is virtualised using VMware’s hypervisor technology and all VMs hosted on the platform are protected by VMware’s native High Availability which guarantees a maximum of 120s VM failover to a working host in the event of hardware failure. Along-side this Secura publish a Standard Availability VPC SLA of 99.99% per VM and customers are reimbursed (financially) in the event that services fall below this level. ; ; For refunds the Service Credits accrued in any Month shall not in any event; exceed fifty per cent (50%) of the Total Monthly Service Charges; (“Service Credit Cap”). please see below link for a more detailed explanation of refunds and SLA's these are duplicated into our contracts. ; ; SLA & Refunds https://secura.cloud/master-services-agreement; ; PDF Download - ; file:///C:/Users/Chris%20Rowlands/Downloads/Blank%20Managed%20Services%20Schedule%20(1).pdf; ; Please see below document we use Secura as our cloud partner.; ; file:///C:/Users/Chris%20Rowlands/Downloads/Data%20Centre%20Overview%20Document.pdf
• Approach to resilience: The site is situated away from the road in a secure location and environment, with no point of failure and fully accredited for security and against failure. ; ; please see link more information can be provided or data centre visit can be arranged. ; ; file:///C:/Users/Chris%20Rowlands/Downloads/Data%20Centre%20Overview%20Document.pdf
• Outage reporting: Incidents including outages are communicated via http://www.securastatus.com/ this is updated. In the event of outages or network failure, along with the status page, emails are sent out via a Service Desk portal to all customers affected, explaining the issue and estimated resolution time – regular updates are sent out via the service desk to keep customers updated on progress.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Different users and groups have different levels of access and administration, which when they log in under their user name is automatically enforced.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Alcumus ISOQAR
• ISO/IEC 27001 accreditation date: 12/10/2017
• What the ISO/IEC 27001 doesn’t cover: Processes not involved with hosting and manged services.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Nettitude Ltd
• PCI DSS accreditation date: 16/04/19
• What the PCI DSS doesn’t cover: Requirement 1 – Not Tested; Requirement 2 – Not Tested; Requirement 3 – Not Tested; Requirement 4 – Not Tested; Requirement 5 – Not Tested; Requirement 6 – Not Tested; Requirement 7 – Not Tested; Requirement 8 – Not Tested; Requirement 9 – Partial Tested. 9.5 and 9.9 Not Tested as ‘Entity provides physical environmental security’; Requirement 10 – Partial Tested. 10.1, 10.7 and 10.9 Not Tested as ‘Entity provides physical environmental security’; Requirement 11 – Not Tested; Requirement 12 – Partial Tested. 12.3 Not Tested as ‘Entity provides physical environmental security’. 12.11 Not Applicable as ‘Entity provides physical environmental security’; Appendix A1 – Not Applicable; Appendix A2 – Not Applicable
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: The objective of Information Security is to ensure business continuity and minimise business damage by preventing and minimising the impact of security incidents. In particular, information assets must be protected in order to ensure: 1. Confidentiality i.e. protection against unauthorised disclosure 2. Integrity i.e. protection against unauthorised or accidental modification 3. Availability as and when required in pursuance of the Organisation’s business objectives. To ensure that this objective is met the Organisation has implemented an Information Security Management System within which it has set a number of objectives which can be used to demonstrate Continual Improvement of this System.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Components consist of the Operating system, The Database and Web application.; ; Manual updates as and when required would be instigated.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Pen tests are run on a regular typically 4 times a year, and any threats that are detected are then dealt with immediately with the appropriate patch being released. An external consultancy is utilised for testing.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Once we are made aware of potential compromises, the authors of the software have procedures in place to facilitate the fixing of the issues.
• Incident management type: Supplier-defined controls
• Incident management approach: Incidents are submitted to a central area where they are analysed and acted upon, all incidents are escalated as a process to the support and service so the most appropriate can be actioned.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  In response to the urgent need to combat climate change, our commitment is unwavering. We pledge to integrate sustainable practices across all operations, prioritise the reduction of carbon emissions, and foster innovative solutions for a greener future. Our strategy aligns with the government's environmental objectives, ensuring our contribution towards achieving net-zero targets and enhancing biodiversity. By embracing renewable energy, promoting resource efficiency, and supporting community engagement, we aim to set a benchmark for environmental stewardship within our industry and beyond.

  Covid-19 recovery

  In the wake of Covid-19, our focus shifts towards recovery and resilience. We are dedicated to implementing comprehensive health and safety measures, ensuring the well-being of our employees and the community. Our strategy includes supporting mental health, fostering economic stability, and adapting operations for ongoing protection against the virus. By aligning with government guidelines and leveraging innovative technologies, we aim to not only recover but emerge stronger, more agile, and prepared for future challenges. Our commitment is to a recovery that is inclusive, sustainable, and reflective of our collective journey through these unprecedented times

  Tackling economic inequality

  Addressing economic inequality stands at the core of our mission. We are committed to creating opportunities that promote inclusivity and diversity within our workforce and the communities we serve. By implementing fair wage practices, supporting skill development, and enhancing access to education and training, we aim to bridge the gap in economic disparities. Partnering with local organisations and aligning with government initiatives, our efforts are dedicated to fostering a more equitable economic landscape. Through innovation and collaboration, we believe in driving meaningful change, ensuring prosperity is accessible to all, irrespective of background or circumstance

  Equal opportunity

  Committed to championing equal opportunity, we pledge to cultivate an environment where diversity is celebrated, and inclusivity is the norm. By rigorously implementing non-discriminatory hiring practices and promoting a culture of respect and understanding, we aim to ensure that all individuals, regardless of gender, race, religion, or sexual orientation, have equal access to opportunities within our organisation. We actively support professional development for underrepresented groups, ensuring barriers to advancement are dismantled. In partnership with stakeholders and aligning with government guidelines, our goal is to lead by example, demonstrating the value and strength found in diversity.

  Wellbeing

  Prioritising well-being is fundamental to our ethos. We are dedicated to nurturing a supportive and healthy environment for our employees, stakeholders, and the communities we operate in. Our approach encompasses mental, physical, and emotional health initiatives, including access to wellness programs, flexible working arrangements, and a strong support network. By embedding well-being into our strategic planning and daily operations, we aim to enhance productivity, foster a positive workplace culture, and support a balanced lifestyle. Collaborating closely with experts and adhering to best practices, we are committed to leading the way in corporate well-being, ensuring our collective health and happiness are at the forefront of what we do.

Pricing

• Price: £25.00 a licence a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: We provide a full working trial licences with instruction of how to use; Development work is not including , normally it is for 14 days but can be extended.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@docuflow.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.