Arch

Looply

Looply is used to link line-of-business systems to Microsoft Teams for notifications and decision capture.
The first system integrated to Teams is SAP. Others will follow and be listed here or on the Arch-global.com website.

Features

• Integrates Enterprise systems like SAP into Teams
• Delivers notifications and captures decisions in real time
• SAAS solution for easy implementation and support
• Supports simple and complex processes with integrated workflow

Benefits

• Higher productivity: delivering work to users in Teams
• Process transparency: everyone is kept up-to-date
• More effective communication via dynamically updated cards
• Integration potential with any client system

£1,000 to £25,000 a licence a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at henry.blythe@arch.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

419604556249931

Contact

Henry Blythe
+447968616464
henry.blythe@arch.co.uk

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: ERP systems and Microsoft Teams
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: Please refer to the Arch-global.com website for the currently supported systems.
• System requirements: Microsoft Teams

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Depending on the severity of the incident but within 2 hours for Priority 1 tickets. ; We don't offer weekend support.; Users can manage status and priority of support tickets.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We provide product and & consulting support via our website during UK business hours. Software product support is provided as part of the subscription cost. Clients can additionally contract with us for telephone and remote application consulting support via a call-off arrangement. We provide an account manager and technical support manager to our customers.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We offer a full service to enable on-boarding which users can customise to reflect their own needs and resource availability.; ; This includes onsite training, online training, and user documentation from the Looply support site.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Only transient data is held on Looply and no data is held solely there so at contract end there is no data to extract. ; ; Client data is deleted after the end of the contract.
• End-of-contract process: As end of contract needs differ, as do client capabilities, we work with clients to end their use of Looply efficiently. we make a reasonable charge for any consulting work required at contract end.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: None, users gain benefit from the Looply service when they use Teams, either via a browser or via the Teams app itself.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: The Looply service is delivered to end users via MS Teams.; ; The administration cockpit runs on AWS and supports the use standard accessibility tools.
• Accessibility standards: None or don’t know
• Description of accessibility: The Looply service is delivered to end users via MS Teams.; ; The administration cockpit runs on AWS and supports the use standard accessibility tools.
• Accessibility testing: None, but MS Teams has accessibility support built in.
• API: Yes
• What users can and can't do using the API: Users exploit the Looply API to integrate their target line-of-business system and MS Teams.
• API documentation: Yes
• API documentation formats:
  • HTML
  • Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Users can build their own Adaptive Cards, business workflows and additional communication channels like SMS and email.; ; We provide user guides, technical documentation and FAQs on the support site.

Scaling

• Independence of resources: Looply is built on AWS serverless architecture that responds dynamically and without limit to varying demands.

Analytics

• Service usage metrics: Yes
• Metrics types: Looply includes a comprehensive metering service and dashboard to analyse use.
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: User data is provided on request via the Looply website.
• Data export formats:
  • CSV
  • ODF
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: As per our Ts and Cs we will make commercially reasonable endeavours to make Looply available 24 hours a day, seven days a week, except for:; planned maintenance carried out during the agreed maintenance windows, unscheduled maintenance performed outside UK normal business hours, provided that we have used reasonable endeavours to give the customer at least six notice in advance; and any emergency maintenance as required, provided we provide prompt notice of any emergency maintenance to the Customer.; Enhanced support services may be available under separate agreement with us.; We will negotiate refunds and SLCs with customers as required.
• Approach to resilience: This information is available on request.
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Access to management interfaces and support channels is restricted through role-based access control (RBAC) mechanisms. Only authorized personnel have access to these interfaces based on their specific roles and responsibilities within the organization. This ensures that only individuals with the appropriate permissions can perform administrative tasks or access sensitive information.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: 1. A risk-informed approach; assessing threats and potential impacts to prioritize our security efforts.; 2. Defined roles and responsibilities for decision-making, risk management, and incident response for transparency and effective oversight.; 3. Cyber security governance is aligned with our goals for Looply. We recognize that managing cyber risk impacts various aspects of our business, including strategy, development, and customer experience.; 4. We regularly review and monitor our cyber security efforts and review risk assessments, incident response plans, and security performance.; 5. We ensure that everyone in the company understands cyber risks and their implications via regular training and awareness programs.
• Information security policies and processes: These policies and the reporting structure are set out in our document:; ; " Arch : Information Security Policy & Security Standards Handbook"; ; Section 10 ; ; This document is available on request.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Yes, Looply follows a robust change control policy and procedure to manage changes to its AWS-hosted SAAS application. This includes:; Formalized change request process through AWS services, such as AWS CloudFormation or AWS CodePipeline, ensuring documentation, impact assessment, and version control.; Classification of changes into standard changes, implemented through automated pipelines, and emergency changes, which undergo expedited review and approval by designated authorities.; Segregation of duties between personnel authorizing changes, typically product owners or project managers, and personnel implementing changes, often developers or DevOps engineers, ensuring accountability and oversight.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We conduct regular VAPT exercises to identify security weaknesses and vulnerabilities in applications. This includes both automated scanning and manual testing by skilled penetration testers.; We deploy patches within 2 working days; We derive information on potential threats from activity on the service, and suppliers (AWS and MS) alerts and notification service.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We exploit AWS protective monitoring tools for incident response.; On discovering a compromise we trigger our incident response procedure, which sets out action based on the level of exposure. ; From 3 working hours for the highest priority incidents to 5 working days for the lowest.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We do not have pre-defined processes for common events. ; Users make reports via our website. ; We distribute reports by email.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Using MS Teams allows users to travel less and thus reduce their emissions. Looply supports more use of Teams for an expanded set of use cases.

  Tackling economic inequality

  Looply and Teams allows people who do not have the income to live near centres of high economic activity to be employed productively.

  Equal opportunity

  Looply and teams enable the employment of people with diverse abilities, genders backgrounds by reducing barriers to entry in the labour market.

  Wellbeing

  Looply and Teams allow more flexible employment to support work in less stressful ways, for example flexible working that balances employment and childcare.

Pricing

• Price: £1,000 to £25,000 a licence a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Included:; 1 system integration and 10 users; Not included; Implementation services, if required.; Time limitation: 2 months.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at henry.blythe@arch.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.