Bensasson & Chalmers Ltd

LAMP Management Information Software

Designed to analyse Project and Cost Centre income and expenditure for organisation management, tracking changes over time. LAMP provides a flexible solution for: Business Management; Time Recording & Expenses; Job Costing/ Project Costing and monitoring; Job Charging/Project Charging, Billing and Invoicing; Job Budgeting/Project Budgeting and Resource Planning; LAMP BI analysis.

Features

• Designed to faciliate and track business & organisational changes
• Extensive Project and Cost Centre options for costing and charging
• Flexible local setup and adminstration using non-technical facilities
• Integrated and customisable end user modules for ease of use
• Flexible configuration with extensive security access permissions
• Analyses data for both project management and organsational performance
• In built export facilities
• System processing for Charging and Invoicing, credit notes.
• Graphical reports for all levels of management reporting
• Utilises MS SQL Server as database ensuring wide acceptance

Benefits

• Flexible local configuration facilitates evolvement of business models and operations
• Multiple integrated functions faciliates the enter once/use many approach
• Multiple functions, fully integrated, facilitates ease of reporting
• Flexible organisational setup facilitates the audited changes in hierarchy structures
• Wide variety of key project data faciliates BI analysis
• Easy consolidation of project data for top level management viewpoint
• Integrated tracking for past data faciliates a trend analysis approach
• Maintenance of historic data faciliates operational and organisational analysis
• MS SQL Server provides wide acceptance for tools and links
• Integrated database for reporting at ALL levels (Operational/Management)

£22.00 to £35.00 a user a month

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at benc@invigilatis.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

464032467716109

Contact

Ray Milton
01223420048
benc@invigilatis.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Private cloud
  • Hybrid cloud
• Service constraints: Occasional (and minimised) suspension of hosted services to allow for routine OS updates (Planned Maintenance). These are at the discretion of the customer and are typically performed at times of lowest user interaction.
• System requirements:
  • Browser connection
  • For internally hosted systems, MS SQL Server is required
  • For internally hosted systems, hardware must be appropriately sized (users)
  • For internally hosted systems, hardware must be appropriately sized (data)
  • Allowable browsers are MS Edge, IE11, Chrome, Firefox
  • BI based on MS SQL & Power BI
  • Some client server operations require Windows 10+

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: WE provide a 24/7 web-site for reporting of problems, advice and dissemination of information. A helpdesk is provided between 9-5 Mon-Fri
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: All support is provided within the service charges, with the exception of on-site support - for which we will levy a site attendance charge at our normal daily rates.; ; A technical account manager is identified and provided at no extra cost
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Bensasson & Chalmers provides a flexible regime for training - this is typically done on-site (preferably, or at our offices if required) on the basis of 'train the trainer', i.e. we train the core staff and 'champions of the system'. Extra courses for end users can be provided at extra charge (at the standard daily rate). Additionally, training documentation can be downloaded from the 24/7 web support site.; LAMP is comprehensively documented with a guide for core staff - this can be used as a source for end user crib notes/FAQs/How to's. We also provide short video course assists for selected activities
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats:
  • MS Word
  • MP4 for video files
• End-of-contract data extraction: Please note that LAMP employs MS SQL Server as the database environment.; Bensasson & Chalmers, as part of its contractual exit strategy undertakes to provide a database backup in the MS SQL recognised format (Currently we employ SQL Server 2019).
• End-of-contract process: Bensasson & Chalmers as part of its contractual exit strategy undertakes to provide a database backup to the customer in the MS SQL recognised format within two weeks of the termination date. (Currently SQL Server 2019). On exit the access to the customer database is immediately limited to system administrator server rights only - the database ceases to be in an operational state. The customer's data on our servers is destroyed within 3 to 4 weeks of contract termination (the 'stand by period' is the first two weeks) unless other wise requested. If the customer requires additional data access after termination (but not for operational or data maintenance use, i.e. purely for data extraction purposes) then this is possible at extra cost (at the prevailing normal service cost) and notification of this requirement must be logged with Bensasson & Chalmers within the two week standby period. If assistance is required from Bensasson & Chalmers' staff then this will be charged at the prevailing daily rate. If the system is installed on an internal server then the customer will undertake to remove the programs within the standby period.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems: Windows
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: WCAG 2.1 A
• Description of service interface: LAMP deploys a standard menu driven interface throughout all its usable options (Client server screens and multiple web forms for input/out operations).
• Accessibility standards: WCAG 2.1 A
• Accessibility testing: WAVE accessibility tools have been used to assess and revise our software.
• API: No
• Customisation available: Yes
• Description of customisation: Operational modules can be configured by the core users/System Admin using non-technical in-built tools. Functions can be transferred between modules as required.; ; Customisation tools are accessible by authorised users - these are defined by the customer.; Customisation is possible for:; 1) System user roles (who can do what in the system, via menu and module permissions) by local administration of user classes; 2) System user view (what data levels a user can see, via access security permissions by local administration of user classes; 3) Customisation is possible by the local system administrators using non-technical configuration controls; 4) Module and function deployment is customisable by user access permissions; 5) In addition to local administration, the system is customisable (i.e. suppression of fields and functions from a common set of provision) during initial setup by Bensasson & Chalmers employing a user specification

Scaling

• Independence of resources: With an internally hosted system, hardware scaling on the servers should for allow for traffic increases. On an internally hosted system this is the customers responsibility.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Other
• Other data at rest protection approach: Data is stored in a secure data centre, with access control, physical security, locked cabinet and 24 hour CCTV.; ; Physical security with secure data centre buildings and environment. Infeasibility of unauthorised access to databases, as access is by secure logon procedures.
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: With an externally hosted system, then export tools within the application can be employed. 'Export to Excel' is typically provided within the application via the combined Report Generator/export tool. A dedicated export to Excel is also available from many screens. In addition Bensasson & Chalmers can provide dedicated data export formats as part of the customisation/setup process (this service is charged at the prevailing daily rate. On an internally hosted service the customer can additionally employ database management tools that can be linked to its MS SQL environment.
• Data export formats:
  • CSV
  • Other
• Other data export formats: MS Excel
• Data import formats:
  • CSV
  • Other
• Other data import formats: MS Excel

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: With an internally hosted arrangement then the customer is responsible for service availability. With an externally hosted arrangement via Bensasson & Chalmers, we guarantee 99.99% availability of service, excluding any time allocated for pre-arranged maintenance work (i.e. O/S updates, service packs etc.) ; Details of our SLA and credits are described in our service definition and Terms & Conditions documents
• Approach to resilience: With an internally hosted arrangement then the customer is responsible for service resilience With an externally hosted arrangement via Bensasson & Chalmers, our hosted sub-contractor has ISO 27001 accreditation and has a disaster recovery policy in place. The content/clauses/procedures are confidential but can be discussed if required.
• Outage reporting: Outages are alerted via e-mails.; ; Further details can be obtained via our 24/7 web support site.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: User access to the software is by user name and password operating in conjunction with access security permissions that can be varied in the software by the system administrator. This set of control determines access to modules and functions and whether update to data is allowed.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We work with our customers to provide a secure standard within their datacentres.
• Information security policies and processes: With regard to software management/development, Bensasson & Chalmers is currently undertaking a process of working towards ISO 9001 and cyber essentials accreditation.; Bensasson & Chalmers operates with a QA system embedded into our Company Handbook that covers strategy, policy, legislative responses Risk Assessments and disaster recovery policies.; ; The CEO is the authorised contact for all security matters. In turn the CEO reports to the Board of the company. Security policies are in place for internal matters and these are reviewed constantly in the case of material change, and formally by board review and adoption on an annual basis. Management undertakes an assessment on a quarterly basis.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The software is developed solely by our staff. Development changes are in response to issues identified or by strategic development. Any change to software is subject to internal testing and management approval prior to release. Testing is covered by employing typical customer scenarios and context.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Penetration testing is done on a periodic basis by CREST accredited independent consultants. This is done at least once per year. Reports are transmitted to the company board for action approval. Software patches deployment is in response to severity status. With high severity issues the company undertakes to deploy company resources on an immediate basis.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: A support log is maintained for the service. Issues raised are assessed for severity and examined in relation to and with a separate regime of penetration testing. Any issues identified is reported to the company board with an assessment of severity and risk, and a recommendation for action. It is company policy under our QA controls that any security/IT incident is reported immediately to the appointed contact (The CEO). In this way the incident is monitored and tracked for suitable remediation
• Incident management type: Supplier-defined controls
• Incident management approach: A support log is maintained for the service (and for each customer). Issues raised are assessed for severity and examined in relation to and with a separate regime of penetration testing. Any issues identified is reported to the company board with an assessment of severity and risk, and a recommendation for action. It is company policy under our QA controls that any security/IT incident is reported immediately to the appointed contact (The CEO). In this way the incident is monitored and tracked for suitable remediation. The company undertakes to notify the customer of incidents and their severity

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Our Quality Assurance procedures include environmental considerations to be part of our supply chain monitoring.

  Covid-19 recovery

  Bensasson & Chalmers has supported flexible/home working for all its staff to ensure their comfort and safety as the work environment has evolved post Covid

  Tackling economic inequality

  We encourage and support fair economic behaviour through-out entire supply chain. As an Equal Opportunity employer, we oppose discrimination on all grounds so that sections of our population do not suffer from economic inequality. As part of our Quality Assurance procedures we insist that all suppliers in our supply chain conform to the Equal Equality Act and to the issue of Modern Slavery.

  Equal opportunity

  As an equal opportunity employer and in accordance with The Equality Act 2010, Invigilatis is fully committed to protecting people from discrimination in the workplace and also in wider society. As part of our Quality Assurance procedures we insist that all suppliers in our supply chain also conform to these ideals

  Wellbeing

  Bensason & Chalmers fosters a flexible trusting working environment, encouraging its staff to be creative and enabling them to benefit from the achievements. We offer flexible hours working, and encompass home working, so that our staff have the opportunity to cater for domestic arrangements to enjoy a family life.

Pricing

• Price: £22.00 to £35.00 a user a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at benc@invigilatis.com. Tell them what format you need. It will help if you say what assistive technology you use.