JESU LIMITED

Discovery and Software development

Unlocking potential through discovery services and bespoke software development, we offer a comprehensive solution tailored to your needs. Our team delves deep to understand your goals, crafting innovative software solutions that propel your business forward. Elevate your project with our seamless integration of discovery and development expertise.

Features

• Tableau developement
• Data visualisation
• Business analysis
• Product management
• Product Ownership
• Data analysis

Benefits

• Flexible skill set match project demands
• Customisable solutions - tailored SAAS offerings
• Analytics and reporting empower clients with actionable data

£500 to £1,000 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at maria@integratedsoftware.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

417123135534193

Contact

Maria Cruz
07872010809
maria@integratedsoftware.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: We are a small software development company that offers software development services. We are flexible on skill set for tenders and we are not bound to a permanent workforce. We have the ability to help with any software, we just need to understand what the technical stack looks like and what the requirements are.
• System requirements:
  • N/A
  • N/A

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: If its within working our - response will be issued during the day ; If its outside 9-5pm the response will be issued during the next working day.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: No
• Web chat support: No
• Onsite support: No
• Support levels: Support can be provided virtually - on a teams/slack/zoom calls. ; JIRA is used as a ticketing system. Once a ticket is raised it will be investigated to understand the detail of the problem with the person that has logged the issue. Once the problem is clearly understood, support will be provided.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: With clear communication about what our IT services offers, we are able to explain how the user can benefit from being involved with our IT services. ; ; By using simple language and avoiding to much technical jargon that might be confusing to non-technical users. We are able to ensure that our services have strong user-friendly interfaces that are easy and intuitive to navigate. ; ; This could involve designing a clean simpler user interface for the users website or other IT applications with clear training provided to support with the following areas for example.; ; Onboarding Documentation; Customer Support; Training Sessions (Live online training or recorded training session); Feedback Mechanism (Like surveys, feedback forms, or direct communication with the support team. We can then use this feedback to continuously improve our IT services and address any issues that arise. ; ; In summary - we will only provide training online. There will be no face to face training offered.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: The plan is to make sure of the clients preferred software tools. In the event that a tool is absent, we will make use of what we have to fill the gaps and upload evidence to the clients preferred collaboration software. However should the client use our software tools we will enable users to export their data in common formats such as CSV (for tabular data) or PDF (for documents).
• End-of-contract process: The handover process would involve a meeting with the client making sure their is a smooth transfer of knowledge, tasks, and responsibilities to help minimise disruption and maintain business continuity. The session will be recorded and will be followed up with an email with links to where all the documentation had been stored on the clients preferred collaboration software tool for example sharepoint. There would be a methodical approach to outline files and folders with names and titles and a brief description as to what was stored in these files. This will be showcased to the client on a recorded call.

Using the service

• Web browser interface: No
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: No

Scaling

• Independence of resources: The business model is set up to hire contractual staff to meet the needs and skill set of the tender. We are not locked into the use of a permanent workforce. Scaling up will mean us working with reputable recruitment agents where relationships have already been establish through previous contracts that have already been completed in the public sector.

Analytics

• Service usage metrics: Yes
• Metrics types: Power BI/Tableau/CSV will be used to analyse and display performance metrics patterns, trends and effectiveness of a product. Real time dashboards can be set up depending on the requirements from the client at the time.
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: Never
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: No
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: User will need to select the appropriate method for exporting their data based on the system's capabilities and requirements. Common export methods are included in most system a built-in tools or features for exporting data. This could include options to export data in various formats such as CSV, Excel, or PDF.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: Private network or public sector network
• Data protection within supplier network: Other
• Other protection within supplier network: MFA - Multifactor authentication along with the recent implementation of VPN

Availability and resilience

• Guaranteed availability: Availability is Monday to Friday 09:00am to 16:00pm If we our unable to adhere to these hours it will be picked up and addressed the next working day
• Approach to resilience: Available on request
• Outage reporting: A public dashboard - a notification will be received via email to us.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Access Logging and Monitoring: Logging and monitoring access attempts to management interfaces and support channels can help detect and respond to unauthorised access in real-time. This includes tracking login attempts, changes made to system configurations, and other relevant activities like who might be currently log in. As well as ; (RBAC) Role based access control, Utilising RBAC helps to define roles with specific sets of permissions, This ensures that individuals only have access to the functionalities and data necessary for their roles.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: GDPR (General Data Protection Regulation): GDPR is a European Union regulation that governs the protection of personal data. It imposes requirements on organisations that process personal data of EU residents, including data protection principles, data subject rights, and data breach notification obligations.
• Information security policies and processes: Access Control Policy:; ; 1. Defines who has access to what systems, data, and resources.; 2. Role-based access controls (RBAC) to limit access to authorised personnel.; 3. Multi-factor authentication (MFA).; ; Security Awareness Training:; ; 1. Provide regular training to all employees on security best practices, including phishing awareness and social engineering.; 2. Ensure employees understand their roles in maintaining security and reporting any suspicious activity.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Configuration Management: ; ; A. Baseline: Baseline configuration for each service, documenting its initial state and all changes. ; ; B. Asset Inventory: Maintain an up-to-date inventory of all hardware and software assets, including licenses and dependencies. ; ; Change Management: ; ; A. Change Request Process - reviewing, and approving changes to the services. This process includes documentation requirements and risk assessment. ; ; B. Change Authorisation - stakeholders, such as project managers to review document before implementing changes. ; ; C. Change Implementation: Coordinate the approved changes, ensuring they are properly tested, documented, and communicated to relevant stakeholders. ; ; D. Change Review /Closure: UAT sign off and closure. Conduct retrospectives.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We Identify threats with regular checks for potential problems with our systems by looking at security warnings and reports.If we have an alert we use tools to search for the problems or problem in our software and systems. Figure out how bad it is and fix it quickly, focusing on fixing the most serious problems first, so we can keep our systems safe. We then make sure our software and security alerts is up-to-date by installing the latest fixes and patches preventing further problems or attacks.; By following these steps, we work to keep our systems safe from cyber threats.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We continuously monitor our systems, networks, and applications for suspicious activities and indicators of compromise.; This involves analysing logs, and system events to detect anomalies or unauthorised access attempts or potential threats.; If we detect a potential compromise, we immediately investigate the incident to determine the scope and severity of the threat. Isolating affected systems or networks to prevent further damage or unauthorised access. We then notify relevant stakeholders, including IT teams, management, and legal or regulatory authorities, as necessary.; We aim to respond to security incidents promptly, typically within minutes or hours of detection.
• Incident management type: Supplier-defined controls
• Incident management approach: Regarding pre-defined processes for common events we have step-by-step instructions for dealing with common issues like system problems or security breaches.; ; Users can report issues through our website, email, or by contacting our support team directly.; ; Once we resolve an issue, we share a report with details about what happened, and what we did to fix it, and how we'll prevent it happening in the future.; ; Our goal is to quickly address problems and keep everyone informed about what's going on in a timely manner.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Covid-19 recovery
  • Wellbeing

  Covid-19 recovery

  Skills training and employment opportunities : training programs and employment opportunities specifically targets towards those who have lost their jobs due to the pandemic. This means skills development workshops, job placements services and mentorship programs to help individuals re-enter the workforce. ; Supporting local businesses: Collaborating with other micro businesses to promote economic recovery within the community. This would involve sourcing services or partnering on initiatives to work together to achieve a common goal.

  Wellbeing

  At Integrated Software we understand the critical role technology plays in facilitating Covid-19 recovery and promoting overall wellbeing within communities. Our G-Cloud service provision is strategically designed to address these pressing societal needs, thereby delivering significant social value.; ; Wellbeing:; Promoting wellbeing is at the core of our mission. Our SaaS solutions are designed with user experience and accessibility in mind, prioritising intuitive and inclusive interfaces regardless of ability can effectively utilise our tools. By streamlining workflows and reducing administrative burdens, our services alleviate stress and improve work-life balance for public sector employees, thereby fostering a culture of wellbeing within organisations. Moreover, our platform offers features tailored to support employee mental health and wellness, such as task prioritisation tools and mindfulness resources. By nurturing a supportive and inclusive work environment, we contribute to the holistic wellbeing of public sector employees, ultimately enhancing productivity and job satisfaction.

Pricing

• Price: £500 to £1,000 a unit a day
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at maria@integratedsoftware.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.