SMART: AI Council Staff Copilot
The SMART AI Council Copilot is a generative AI solution that enhances all staff activity across the organisation, allowing secure access to LLM’s for day-to-day activities and which compliments the Microsoft Copilots. Built on the same technology, the SMART Copilot connects to automations to support business processes.
Features
- Powered by generative AI from Microsoft Azure
- Integrated into familiar applications
- Secured via authentication
- Accessible, customisable, intuitive (WCAG 2.1AA compliant), User experience
- Supports multi-vendor automation skills, including Microsoft Power Platform
- Intent analytics captures and analyses user interactions
Benefits
- Intent analytics captures and analyses user interactions
- Staff access the Copilot through Office365, or other business applications
- Uses your existing authentication to manage user credentials
- Enhances accessibility for all users, meeting diversity needs
- Promotes wider adoption by simplifying engagement across digital channels
- Gain insights into usage and identify training needs
Pricing
£75,001 a licence a year
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
4 6 9 1 9 8 0 5 3 0 2 5 7 3 8
Contact
ICS.AI LTD
Andrew smith
Telephone: 01256 403800
Email: andrew.smith@ics.ai
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
-
The following Microsoft licensing is required for the SMART AI assistants;
An Azure Subscription
Optional
SharePoint Online Plan 1 or Plan 2
Office 365 E1 or E3 or E5 Suite - Cloud deployment model
-
- Public cloud
- Private cloud
- Hybrid cloud
- Service constraints
-
The following Microsoft licensing is required for the SMART AI assistants ;
An Azure Subscription
Optional
SharePoint Online Plan 1 or Plan 2
Office 365 E1 or E3 or E5 Suite - System requirements
-
- Windows Server 2022+
- SQL Server (Std/Enterprise ) 2022+ / Azure SQL database
- Microsoft .NET
- Microsoft Azure & Cognitive Services
- Microsoft Bing Services
- Microsoft Azure Cosmos DB
- Microsoft Power Automate
- Microsoft Entra
- Microsoft Azure Key Vault
- Microsoft Teams
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- The response time is either 24 hour or 72 hours, depending on the contract signed by the client and applies during working hours from Monday to Fridays
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
The Support levels are as follows and the SLA for an Urgent issue is a fix or workaround within 24 hours or 72 hours, dependent on contract
1.Urgent - System not responding or critical function loss that affects all users
2. High - A function loss that causes significant disruption to business and users
3. Normal - Function loss that affects some users but will not stop them from being able to do other tasks
4. Low - A cosmetic issue or a minor function loss that affects some users
This service, up to an agreed number of hours per month is included in the cost of the Licence for the Citizen Services bot. Additional support hours can be purchased if required. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- Through online training for power users
- Service documentation
- Yes
- Documentation formats
-
- Other
- Other documentation formats
- MS Word
- End-of-contract data extraction
- All user content is stored within the customers cloud environment
- End-of-contract process
- The software is decomissioned and product artifacts are removed from the customers Azure subscription and Office 365 tenant. No user content is affected.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- None
- Service interface
- No
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- API
- No
- Customisation available
- Yes
- Description of customisation
- Developers can modify and extend the product using the administrative tools and SDK.
Scaling
- Independence of resources
- The service is installed either locally on premise or on dedicated cloud resources, for each individual customer. Service infrastructure is scaled according to customer requirements.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Chat logs for all users are available including conversation data, searches and user selections.
- Reporting types
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with SSAE-16 / ISAE 3402
- Physical access control, complying with another standard
- Encryption of all physical media
- Other
- Other data at rest protection approach
- Azure provides physical access. No user content is stored within the SMART configuration database, all content is stored in client applications or in Office 365/SharePoint.
- Data sanitisation process
- No
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- Extraction not required, no customer data stored within product
- Data export formats
- Other
- Other data export formats
- Extraction not required, no customer data stored within product
- Data import formats
- Other
- Other data import formats
- Extraction not required, no customer data stored within product
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- Legacy SSL and TLS (under version 1.2)
- Data protection within supplier network
- Other
- Other protection within supplier network
- No data is transferred from customer managed networks
Availability and resilience
- Guaranteed availability
- Availability is governed by infrastructure design as part of a deployment project. Load balancing and DR options are available.
- Approach to resilience
- Client facing application can be hosted on multple servers and back end processes can be moved between servers in the event of a primary server outage
- Outage reporting
- Windows monitoring tools (System Centre, Nagios, etc) can be used to monitor service and report on outages
Identity and authentication
- User authentication needed
- No
- Access restrictions in management interfaces and support channels
- Active Directory Users and Groups
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- Username or password
- Other
- Description of management access authentication
- As the service is run from the clients Azure subscription, they have a choice as to which mechanism to use for management access. This can include 2 factor authentication with user name and password or other options such as Azure Vault
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- N/A hosted in Azure which is compliant
- ISO/IEC 27001 accreditation date
- N/A hosted in Azure which is compliant
- What the ISO/IEC 27001 doesn’t cover
- N/A hosted in Azure which is compliant
- ISO 28000:2007 certification
- Yes
- Who accredited the ISO 28000:2007
- N/A hosted in Azure which is compliant
- ISO 28000:2007 accreditation date
- N/A hosted in Azure which is compliant
- What the ISO 28000:2007 doesn’t cover
- N/A hosted in Azure which is compliant
- CSA STAR certification
- Yes
- CSA STAR accreditation date
- N/A hosted in Azure which is compliant
- CSA STAR certification level
- Level 5: CSA STAR Continuous Monitoring
- What the CSA STAR doesn’t cover
- N/A hosted in Azure which is compliant
- PCI certification
- Yes
- Who accredited the PCI DSS certification
- N/A hosted in Azure which is compliant
- PCI DSS accreditation date
- N/A hosted in Azure which is compliant
- What the PCI DSS doesn’t cover
- N/A hosted in Azure which is compliant
- Cyber essentials
- No
- Cyber essentials plus
- Yes
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
- Achieved by the responsible Director mandating & reviewing organisation-wide information security policy that is supported by lower level security policies, procedures and guidelines (such as the information security, risk and compliance management structures, reporting lines, divisions of responsibility, delegated authorities and so forth).
- Information security policies and processes
- The Business Operations Director is responsible for setting and reviewing the following: Password Policy, Backup Policy, Network Access Policy, Remote Access Policy, Virtual Private Network (VPN) Policy, Guest Access Policy, Third Party Connection Policy, Network Security Policy, Mobile Device Policy, Retention Policy, Physical Security Policy, Email Policy
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- The solution is deployed using a Continuous Integration /Continuous Deployment methodology which is part of the Azure DevOps Service. DevOps is the combination of cultural philosophies, practices, and tools that increases an organization's ability to deliver applications and services at high velocity: evolving and improving products at a faster pace than organizations using traditional software development and infrastructure management processes.
- Vulnerability management type
- Undisclosed
- Vulnerability management approach
- The SMART AI Service is hosted on servers within the customers network and we recommend that Windows Server security and hardening best practices are followed where applicable. The SMART AI Service requires authentication and any security vulnerabilities are patched as a priority once discovered. Penetration test can be arranged at the request of the customer.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- The SMART AI Service is hosted on servers in the customer network. The SMART Service requires authentication to access and through the use of web server logs and SMART Service logs patterns of inappropriate use can be identified. When an incident is reported ICS works with the customer to resolve the issue and update any configuration issues and will provide a patch or update where necessary. SMART AI security issues are logged as priority 1 calls are dealt using appropriate SLAs.
- Incident management type
- Supplier-defined controls
- Incident management approach
- The product support team follow defined processes around logging, assigning, escalating and resolving issues. Nominated service users can report issues via a dedicated web portal, email address or telephone number and are regularly informed of incident progress. Incident report updates are available via the web portal or by contacting the support team.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Covid-19 recovery
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
Our SMART AI platform advances public sector efforts to combat climate change by reducing carbon footprints through digital transformation. By enabling 24/7 self-service and automating routine enquiries, our technology significantly reduces the need for physical infrastructure and associated energy consumption. This digital shift minimises the environmental impact of commuting and office operations, aligning with governmental targets to reduce greenhouse gas emissions. Travelling to clients whilst implementing solutions is kept to the minimum and when travel is required the company policy is to use public transport. 90% of other interactions are exclusively online.Covid-19 recovery
In the wake of COVID-19, our SMART AI platform plays a crucial role in the recovery process by supporting resilient and flexible public services. It alleviates pressure on front-line staff by providing robust self-service options across multiple channels, 24-7, allowing users to access services without physical interaction. This capability has been essential in maintaining service continuity during social distancing measures, enhancing the public sector's ability to adapt to similar future challenges efficiently. This has been repeated in other situations where inbound demand signifcantly increases for a period of time and the platform can deal with massive spikes. Post COVID-19 examples are the Ukraine refugee crisis and more recently the cost of living crisis.Tackling economic inequality
Our SMART AI platform contributes to reducing economic inequality by democratising access to essential public services. By lowering operational costs through automation and AI-driven efficiencies, public sector organisations can reallocate funds to critical services and vulnerable communities. Additionally, our technology facilitates wider access to services, ensuring that economically disadvantaged groups receive timely and equal support, thus bridging the service gap across socioeconomic statuses. When working in different parts of the Uk, our on site activivites contribute to the local eceonmy through the use of facilitites such as local, hotel, restaurants and other local services when we are onsite.Equal opportunity
To enhance equal opportunity, our SMART AI platform incorporates accessibility and inclusivity at its core. It adheres to WCAG 2.1 AA standards, ensuring that our digital services are usable by people with disabilities. We extend this commitment by supporting multiple languages, which not only aids non-native speakers but also fosters inclusivity in diverse demographic settings. This approach ensures that all community members have equitable access to public services, regardless of physical ability or language proficiency.Wellbeing
Our platform enhances community wellbeing by offering round-the-clock access to public services, reducing stress and improving life quality for users. By automating routine tasks, we enable public sector organisations to focus more on personalised support where it matters most, improving overall service quality and user satisfaction. Additionally, the support for multiple languages and accessible interfaces ensures that all individuals, including those facing language barriers or disabilities, can engage with services comfortably and independently.
Pricing
- Price
- £75,001 a licence a year
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- Limited period access to fully featured demo environment
- Link to free trial
- Environment provisioned per user