ACUBED IT SOLUTIONS LIMITED

Government Digital Services (GDS / CDDO)

Acubed.IT supports the digital transformation of key security related Government Services. We understand how digital technologies and ways of working can be harnessed to deliver improved public services. Our services include, discovery, planning, project management, service management, implementation, delivery and support of cloud/digital services and infrastructure.

Features

• Project initiation and establishment including business case development
• Infrastructure and technology architecture evaluation and selection
• User-research, service-design, prototyping, proof of concept, delivery and product management
• Apply architecture standards, principles and focusing on digital-by-default services
• Specialists across the full Digital, Data and Technology (DDaT) profession
• Rapid deployment of scalable and flexible solutions
• Compliance with specialist/technical methodologies and industry best practice
• Delivery of projects through SoW and agreed work packages
• Agile and scalable project teams – demand-based planning and forecasting
• Knowledge transfer and training workshops to customer staff

Benefits

• Flexible, cost-effective design/development projects based on GDS design principles
• Meets Government Service Manual and UK Technology Code of Practice
• Compliant with Government Digital Design Standards.
• Scalable, agile infrastructure solutions designed for growth and sustainability
• Sustainable systems and services based on user needs and benefits
• Scalable service providing rapid delivery to meet project requirements
• Central Government and wider public sector experts

£500.00 to £1,850.00 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at enquiries@acubed.it. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

463362468401104

Contact

Amit Gupta
07738413142
enquiries@acubed.it

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: No constraints.
• System requirements: Access to the Gov.UK Services

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: During business hours (09.00 to 17.00) 2nd and 3rd line support is provided by our experienced delivery team who builds the product or service. They will work diligently to resolve issues in line with the Service Level Agreement which we will have agreed on upfront.
• User can manage status and priority of support tickets: No
• Phone support: No
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Acubed.IT works on the understanding that 1st line support will be provided by the organisation’s internal or 3rd party Help Desk. We offer a range of 2nd and 3rd line support to meet the specific requirements of each customer. The support levels are agreed with the customer as part of the project definition. A dedicated account manager will act as a main contact point for the customer.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We discuss requirements with individual customers. Training offering includes the delivery of face-to-face training, train the trainer, provision of interactive user guides. Training levels are bespoke to the user requirements. Ongoing support can be provided.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The solution is configured to enable the customer to extract data via an export capability at the end of the contract.
• End-of-contract process: At the end of a contract period, if a client does not wish to continue with use of the service, the secure instance of the service for that client will be inaccessible. We will have worked with the client prior to this to ensure they have retrieved any required data from the platform. Once the client has retrieved any data from the platform, the instance will be deleted and the data will also be deleted (unless subject to any legal requirement to maintain data, securely archived, for any period of time).

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: It meets GDS accessibility standards.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Interface testing can be conducted as requested by the customer.
• API: Yes
• What users can and can't do using the API: APIs will be configured to meet customer requirements
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Customisation can be undertaken to meet use case and specific customer requirements.

Scaling

• Independence of resources: Service is scaled to meet demand and resilience is incorporated into the contract pricing.

Analytics

• Service usage metrics: Yes
• Metrics types: Metrics can be developed to meet customer reporting requirements.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: Never
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: An export capability provided which will enable users to extract appropriate data (subject to classification).
• Data export formats:
  • CSV
  • ODF
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: Design pattern utilising the cross domain hybrid application (CDHA) framework would be implemented.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: The design pattern utilising the cross domain hybrid (CDHA) application framework is implemented.

Availability and resilience

• Guaranteed availability: Service level agreement will be discussed and agreed with the customer and reflected in the contract pricing.
• Approach to resilience: Available on request
• Outage reporting: System outages are reported via an API. Update/progress reporting will be put in place.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: Permissions are managed in a controlled manner and reviewed on a regular basis.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Citation
• ISO/IEC 27001 accreditation date: 15/03/2024
• What the ISO/IEC 27001 doesn’t cover: Not applicable.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Polices are in place in line with ISO27001. Details are available on request.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: A formal change process will be put in place including a Change Approval Board (CAB)
• Vulnerability management type: Undisclosed
• Vulnerability management approach: Threat assessment conducted in line with NCSC advice.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: We will work with the customer's security operation centre (SOC) to identify potential compromises and manage any related incidents.
• Incident management type: Undisclosed
• Incident management approach: We will work with the customer's security operations centre (SOC) to identify any potential compromises and manage any related incidents.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Public Services Network (PSN)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Acubed.IT has made a firm committed to achieve Net Zero emissions by 2050, aligned with our carbon reduction strategy. To support this goal, we provide our employees with access to a Carbon Literacy training programme offered by the Carbon Literacy ; Project. As a Carbon Literate Organisation (CLO) we have observed a range of benefits, including reduced energy and resource consumption, an enhanced organisational profile, increased well-being and satisfaction among our staff, a healthier working ; environment, a safer supply chain, improved competitiveness, and reduced commercial risk. Our CLO accreditation serves as a testament to our organisation’s commitment to corporate social responsibility

  Covid-19 recovery

  Acubed.IT is dedicated to supporting COVID-19 recovery through increased employment and fostering development opportunities. Our national recruitment efforts aim to create opportunities in underprivileged areas and unconventional IT regions, aligning with the Levelling-up agenda. Our workforce operates under a flexible remote/hybrid model, allowing our staff a greater work-life balance. We have integrated the five foundational principles (fair pay, participation and progression, voice and autonomy) within our ; recruitment procedures and employment conditions. These practices enable us to attract good candidates from diverse backgrounds, reduce staff turnover and enhance overall productivity. Additionally, our organisation provides educational ; support to address skill gaps and help individuals attain recognised qualifications result in recognised qualifications, further contributing to their personal and professional growth. Tackling Economic Inequality. We recruit nationally to provide opportunities in disadvantaged areas and non-traditional IT regions supporting Levelling-up ; agenda. We operate a remote / hybrid model for staff flexibility.

  Tackling economic inequality

  We recruit nationally to provide opportunities in disadvantaged areas and non-traditional IT regions supporting Levelling-up ; agenda. We operate a remote / hybrid model for staff flexibility.

  Equal opportunity

  We emphasise the importance of cognitive diversity in our recruitment practices. Our active recruitment efforts span the entire United Kingdom, leveraging remote working opportunities to reach areas that may have historically had limited digital awareness. We employ a range of methods to engage with diverse talent. Salaries and promotions are based on merit, and we maintain transparency by disclosing salary ranges even within our management team. At all organisational levels, we are committed to achieving gender equality both in terms of representation and pay equity.

  Wellbeing

  Prioritising well-being and fostering an exceptional working environment is core to our approach. We promote open communication through one-to-one discussions, routine team and company meetings, as well as frequent social events. Effective communication is key to our approach, emphasising regular breaks, early finishes when necessary, and accommodating personal responsibilities like childcare. Empowering team members to have a say in decisions that impact their work and time management is fundamental. Daily team meetings provide a forum for informal catch-ups, issue sharing and support for colleagues in need. Acubed.IT is deeply committed to promoting mental health in the workplace. Our CEO endorses the Mental Health at Work ; Commitment and a dedicated “Mental Health Champion” within our leadership team emphasises its importance. Our comprehensive mental health at work plan includes initiatives such as mental health awareness training and workshops in ; which team members can explore the topic within a safe and supportive environment, while also providing guidance to colleagues by directing them to organisations offering professional support. In alignment with our commitment, Acubed.IT provides supportive measures, including flexible working hours, hybrid and ; remote working options, mental health awareness training for managers, opportunities for sharing challenging experiences, and onboarding procedures that reflect new ways of working, reducing isolation for new employees. At Acubed.IT, we prioritise ; well-being and mental health, creating an environment where our team not only excels but thrives.

Pricing

• Price: £500.00 to £1,850.00 a unit a day
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at enquiries@acubed.it. Tell them what format you need. It will help if you say what assistive technology you use.