INOVEM Limited

Kahootz Enterprise collaboration platform

Kahootz Enterprise, accredited by the UK MOD to store and share information marked up to OFFICIAL-SENSITIVE, is ideal for public sector organisations that desire the simplicity of a quick-to-deploy cloud collaboration platform together with the administrative control, security, customisation, agility and configuration capabilities that an enterprise deployment demands.


  • Unlimited secure collaboration workspaces, rich functionality, highly configurable
  • Corporate branding, customised stakeholder database and user profiling
  • Advanced site configuration and centralised system administration and governance
  • Support for workspace template creation and public web communities
  • Increased cloud storage plus document approval workflows and publishing
  • Tele-conferencing and integration with Microsoft Lync instant messaging
  • Customised site security policies, single sign-on and plug-in development
  • Access to application programming interface (API) for EDRM/CRM integration
  • Monthly pay-as-you-use ‘Active User’ concurrent licensing
  • Disaggregated billing for cost centres, departments and partner organisations


  • Enables mobile working for employees and the extended enterprise
  • Breaks down organisational silos via online agile project team working
  • Speeds up deployment of workgroups, online communities and committee workspaces
  • Streamlines service transformation, staff consultation, social collaboration and discovery
  • Exceeds statutory requirement, and government standards, for web accessibility
  • Deeper levels of service integration, management and monitoring (SIaM)
  • Active User licensing - pay only for what you consume
  • Cost savings for multi-agency partnerships arrangements, no double-counting
  • Easier to deploy than Microsoft Sharepoint - no consultancy required
  • More for less when compared with Huddle and Box Enterprise


£3.59 to £10.97 a user a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

4 3 4 4 8 2 6 4 6 4 1 9 7 6 7


INOVEM Limited Luca Leone
Telephone: 01488 648 468

Service scope

Software add-on or extension
Cloud deployment model
Public cloud
Service constraints
System requirements
  • A recent web browser
  • An email client

User support

Email or online ticketing support
Email or online ticketing
Support response times
Level Response Resolution
1 - Critical 1 hour 4 hours. A software or hardware fix will be applied if necessary.
2 - Major 1 hour 1 day. A software or hardware fix will be applied if necessary.
3 - Minor 4 hours 2 days.
4 - Problem 1 day Next release.
5 - RFI 1 day Information provided.
6 - RFE 1 day Request noted.

Support requests that are received outside the Support Hours (08:30-17:30 weekdays) are handled at the start of the following support day. Response times may vary due to circumstances out of our control.
User can manage status and priority of support tickets
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Web chat support
Onsite support
Yes, at extra cost
Support levels
1 - Critical
The website is inaccessible to all users, or a critical software function cannot be performed by all users.

2 - Major
A major area of software functionality is not working correctly for many users and there is no convenient workaround.

3 - Minor
Several users are experiencing a software bug that is causing a minor loss of service. The problem is an inconvenience.

4 - Problem
All other bugs. The inconvenience is slight, and can be tolerated.

5 - RFI
Request for information - You are requesting guidance or help with the software configuration or functionality.

6 - RFE
Request for enhancement - You are requesting a new or improved feature in our software.

Support for all the above support levels are provided at no extra cost as part of the service. On-site support is provided at our published G-Cloud consultancy day rate.
Support available to third parties

Onboarding and offboarding

Getting started
Kahootz supports all commonly used web-browsers and requires no software downloads or plug-ins, so there are no unnecessary barriers to access. enables requests for provisioning and de-provisioning. Once a request has been submitted at the service is provisioned immediately.

Kahootz is extremely easy to use and most of our clients find they can implement Kahootz with zero training.

To help your users get the most out of Kahootz, we provide a very informative online Knowledgebase. We also provide email support to every user if they need extra assistance.

At an extra cost, we also provide workspace set-up consultancy and on-site Workspace Manager classroom training. This is a 1 day course aimed at those who will be creating and configuring workspaces . It covers:
• Different types of workspaces
• Overview of the features
• Workspace layout and customisation
• Policy and workspace defaults
• Principles of good workspace management
• Help, support and guidance resources.

We can also provide an Audit review, which is a 1 day workshop to review a client's implementation of Kahootz including workspace design, custom template requirements and user adoption approach.

A costed option for System Administrator training is available.
Service documentation
Documentation formats
End-of-contract data extraction
There are simple interfaces available to users to:
• Export databases, users, document comments and questionnaire results to Microsoft Excel, XML and CSV format
• Export documents and images to a ZIP file.

A data extraction service is available on request at any time during the subscription period or for a period of up to one month after the expiry of the subscription period. All the data that the service holds for a consumer will be exported as follows:
• Structured data will be exported as XML files
• Document and image data will be exported as system files, in their original format, and referenced within the XML files.

Data exports of up to 1Gb can be supplied as a download. The cost of data extraction using our standard export tools is often nil but we may charge a fee if there is a large volume of data.

Kahootz can design and develop a data-extraction process that exports data to meet specific requirements, or to assist in the import of data into another service, subject to design and development costs. Kahootz will provide a fixed-cost quote within 2 days and subsequently start the work within 2 days of being requested.
End-of-contract process
There are no termination costs.

We will commence data removal one month after your license to use Kahootz expires or earlier upon your request.

When this happens, all the data that the service holds for a consumer will be permanently deleted. Data will be removed from the live service within 2 days of being requested but can take 1 additional month to be removed from backup services. The data removal service is free of charge.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
Full Kahootz functionality is available on mobile devices. Kahootz uses a responsive design which allows it to be re-sized and adapt to the device screen being used. This approach, favoured by GDS, avoids the need to maintain a mobile application and ensures the preservation of custom layouts created by each Workspace or Community Manager.
Service interface
User support accessibility
WCAG 2.1 AA or EN 301 549
Description of service interface
By avoiding the need for software installations, special plug-ins or 3rd party add-ons, we make sure there are no unnecessary IT obstacles to team collaboration. Kahootz is tested to work with all common web browsers and is fully responsive, automatically adapting to any screen on any platform.
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
Our collaboration software is regularly tested with text-only browsers and screen readers to ensure Kahootz meets stringent international accessibility standards, including: ISO/IEC 40500 W3C Web Content Accessibility Guidelines (WCAG 2.0) Level AA and also Section 508 and BS8878.
What users can and can't do using the API
The Kahootz API is available to Kahootz Enterprise customers. It provides access to all the functionality and features that are available in the service, apart from reporting.

The API operates over a secure HTTPS connection and uses secure token-based authentication. Data is sent to and from the service using JSON.
API documentation
API documentation formats
API sandbox or test environment
Customisation available
Description of customisation
Kahootz Enterprise clients have the option, through consultancy services, to customise the look-and-feel of what is presented to their users, which can include:
• Branding the Kahootz service to match your own (existing) website design
• Use of your own URL/domain
• Custom user profiles and site registration pages
• Your own custom default workspace and/or database templates.

System Administrators can configure a Kahootz site with preferred system defaults and, if required, run and manage multiple Kahootz sites concurrently, each with their own configuration sets, customisations and policy settings.

Kahootz provides facilities for authorised users to develop and easily maintain content with tailored navigation. Each workspace can have its own custom layout through a user-configurable dashboard that can include social media content and workspace content.

The workspace structure is a folder-based hierarchy and, within each folder, workspace managers can decide which collaboration objects are available and who is empowered to create and modify them, or even see them.

Throughout the workspace, users can add a narrative to content using the in-built rich-text editor. This makes it extremely easy to provide guidance with pointers to relevant content, instructions as to key actions required, and helpful advice on how to make contributions.


Independence of resources
We pro-actively manage the service to monitor a large number of metrics such as server CPU, disk usage, storage, database load and network bandwidth to ensure a highly robust, reliable and responsive service.


Service usage metrics
Metrics types
Site owners have access to a real-time reporting page which displays metrics corresponding to the parameters on which the subscription in based:
• The number of users paid for and how many are being used
• The number of users, broken down by day or month
• The amount storage paid for and how much is being used
• The amount of storage used, broken down by day or month
Reporting types
Real-time dashboards


Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Users can:
• Export databases, users, document comments and questionnaire results to Microsoft Excel, XML and CSV format
• Export documents and images to a ZIP file
Data export formats
  • CSV
  • Other
Other data export formats
  • JSON
  • Zip files
  • Microsoft Excel
  • PDF
  • HTML
Data import formats
  • CSV
  • Other
Other data import formats
  • ZIP
  • Microsoft Excel
  • PDF
  • JSON

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
The service level agreement is as follows:
• The minimum availability for the service is 99.95% per month.
• The minimum performance is for the server to process 99% of page requests (excluding bulk operations and reports) within 1 second.
• The minimum availability excludes up to 6 hours per quarter annum of scheduled downtime (between 10pm and 6am on weekdays or between 7pm and 6am on weekends).

To demonstrate that we meet our SLA, we use an independent 3rd party service (Pingdom) to monitor the site and create a public record of availability.

Service credits are awarded when the service availability within any month falls below the target service level. The service credit is a percentage of that month’s service fee. For subscriptions that are not billed monthly, the service fee is treated as the pro-rata monthly fee.
Availability Service Credit
>99% and <99.5% 5%
>= 98% and < 99% 10%
>=97% and < 98% 25%
<97% 50%

To receive service credits, a site owner must up to date with their payments and submit a request to, within 30 days after the end of the month in which the service failed to meet its service level agreement.
Approach to resilience
Kahootz uses modern and purpose-built Tier 3/4 data centres. Our hosting partner provides the world-class infrastructure necessary to keep our service up and running, uninterrupted around the clock.

Data centres have at least two entirely geographically diverse network connections. Significant network capacity overhead is maintained. The cooling systems, UPS and generator backup are all at least N+1 resilient.
Traffic volume and netflow is monitored to enable an appropriate response to disruptive events such as Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks.

Further information is available on request.
Outage reporting
We use an independent 3rd party service (Pingdom) to monitor the site and create a public record of availability. It is available at:

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
Privileged interfaces available to INOVEM support staff only are protected by secure passwords, specific user accounts, encryption in transit on all protocols, and access is restricted to a key set of physical locations.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
Socotec Certification International (UK) Ltd
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
The scope of our certification was determined in conjunction with CESG and includes every aspect of the operation, support, delivery and development of Kahootz, with no exclusions.
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Cyber essentials
Cyber essentials plus
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
Kahootz is accredited to ISO27001:2013. We have a detailed set of policies and procedures that ensure our rigorous approach to security is followed consistently. Security is a board-level responsibility. We have monthly, quarterly and annual reviews involving senior management, together with an annual audit by an accredited security professional.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Kahootz has a documented change management process that meets the requirements of ISO27001. Before any change to the service, we investigate the risk, impact, security implications, testing requirements, rollout and rollback options. Major changes must be reviewed and approved by senior management before they can proceed.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Potential threats are documented and tracked through to resolution using our ISO27001 "Incident and Weakness" procedures.

Security related issues are automatically given our highest priority classification and if a patch is required, we aim to deploy a mitigation within 1 hour and a resolution within 24 hours.

Information about threats is gathered from sources such as security bulletins and product vendors.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Operating system logs, network activity, disk use and application audit logs are carefully monitored to identify unusual events or unusual levels of activity. Any issues are treated as a priority 1 issue and investigated fully.
Incident management type
Supplier-defined controls
Incident management approach
Kahootz has a documented procedure for reporting, investigating and analysing security incidents and weaknesses. Each incident is assigned an owner who has responsibility to manage the initial actions required to deal with the incident and corrective actions to prevent it from happening again.

We undertake a regular review of incidents to identify opportunities for improvement.

Users report incidents through the Kahootz support desk. If an incident report is required, it is provided by email to Site Owners.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks

Social Value

Fighting climate change

Fighting climate change

As a cloud-based collaboration software platform, Kahootz enables organisations to connect and teamwork with external agencies, suppliers and key stakeholders without needing to physically meet. This both minimises the carbon footprint and provides substantial savings on time and travel costs.
Covid-19 recovery

Covid-19 recovery

Kahootz is currently used by the Cabinet Office, Department of Health & Social Care, NHS England & NHS Improvement and UK Health Security Agency to support collaborations around COVID-19. During the pandemic, INOVEM Ltd provided extra assistance and discount offers to assist public and private sector companies to deal with the pandemic.
Tackling economic inequality

Tackling economic inequality

Kahootz is specifically used by organisations, such as the UK Ministry of Defence, to create a more inclusive and diverse supply chain of SMEs and local entrepreneurs. Delivered at a lower cost than traditional Defence IT solutions, Kahootz is directly responsible for disrupting the status quo and creating new opportunities for collaboration and increased productivity between the public and private sector organisations.
Equal opportunity

Equal opportunity

All INOVEM Ltd cloud software services are tested against WAI-AA standards to ensure accessibility for users with disability issues.


£3.59 to £10.97 a user a month
Discount for educational organisations
Free trial available
Description of free trial
» Free for 30 days
» Unrestricted access to all features
» Access to online Kahootz Knowledgebase
» Access to sample workspace templates
» Full customer support
» 25 users, 2Gb storage, unlimited workspaces — (contact us if you want to try with more!)
Link to free trial

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.