Campbell Consulting

Website Design & Build

Specialists in the design and development of CMS driven websites. With over 20 years experience we have a tried and tested approach to gathering requirements, designing, prototyping and delivering websites on time and on budget. All work takes place in the UK at our Bournemouth office.

Features

• Open source and commercial CMS implementations
• Marketing and brochure sites
• Intranets and extranets
• Membership driven sites
• Ecommerce sites
• Backoffice integrations
• Legacy system support and integrations

Benefits

• Cost effective open source platforms
• Rapid development approach saves time
• 20+ years experience including Government projects
• Robust agile development process
• Solid testing and QA process
• Security by design

£350 a unit a day

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@campbellconsulting.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

444969177454305

Contact

Ian Campbell
01202 065711
hello@campbellconsulting.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: No
• System requirements: Windows Server 2008+

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 1 hour Monday to Friday 9am-5pm
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Support packages vary depending on requirements.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Training can be provided in-depth, onsite or remotely. Documentation is also provided for all aspects of the solution.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: All the data in the system can be backed up and saved to the users required location.
• End-of-contract process: At the end of contract, if the buyer is hosting the site themselves then nothing is required. All source code will be handed over. If we are hosting the site we will provide a quote to migrate this to a new provider.

Using the service

• Web browser interface: No
• Application to install: Yes
• Compatible operating systems: Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: All sites are designed and developed using a Mobile First approach.
• Service interface: No
• User support accessibility: WCAG 2.1 AAA
• API: No
• Customisation available: Yes
• Description of customisation: Every solution we deliver is unique to our clients' needs. With the correct training users can do their own customisation.

Scaling

• Independence of resources: The hosting solution is scoped dependant on requirements. Usually this is a cloud based virtual server on Microsoft Azure or Amazon AWS. Each project has its own private server or multiple servers depending on the load expected. Auto scaling can be configured by request.

Analytics

• Service usage metrics: Yes
• Metrics types: Google Analytics is used by standard on all website projects.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Each CMS system allows data export via the admin interface.
• Data export formats: Other
• Other data export formats:
  • XML
  • JSON
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • XML
  • JSON

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Amazon AWS servers have a Guaranteed Monthly Uptime Percentage (https://aws.amazon.com/ec2/sla/).
• Approach to resilience: Available on request
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: No
• Access restrictions in management interfaces and support channels: CMS users are controlled within the application and can have 2 factor authentication enabled as well as IP address restrictions.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Cyber Essentials and GDPR
• Information security policies and processes: Details contained within our Information Security Policy and is available upon request.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Details contained within our Change Management Policy and is available upon request.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Details contained within our Vulnerability Management Policy and is available upon request.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Details contained within our Vulnerability Management Policy and is available upon request.
• Incident management type: Supplier-defined controls
• Incident management approach: Details contained within our Support Management Policy and is available upon request.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Covid-19 recovery

  Covid-19 recovery

  Our business provides work to many people who lost their jobs due to Covid-19

Pricing

• Price: £350 a unit a day
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@campbellconsulting.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.