Brainwave Labs Limited

WMP Digital Front Door

WMP is meticulously crafted to streamline the management of overwhelming digital service demands, covering software, hardware, website development, cloud integration, and online publications. By integrating seamlessly with the Digital Front Door, WMP provides enhanced oversight and efficiency, transforming the delivery and management of digital services.

Features

• Automated Request Validation and Prioritisation
• Real-time monitoring preventing resource overcommitment with live capacity insights.
• Skill mapping to bridge internal capability gaps seamlessly.
• Transparent tracking to easily monitor request status in real-time.
• API Integration with ITSM Tools to streamline workflows.
• In-depth Reporting and Analytics for strategic planning.
• Continuously improve services based on user feedback.
• Customise interface for enhanced user experience.

Benefits

• Enhance efficiency and reduce resource requirements for digital service management.
• Prevent overcommitment and optimise resource allocation strategically.
• Allocate resources effectively to maximise organisational impact.
• Make informed decisions based on comprehensive analytics insights.
• Encourage disciplined prioritisation and value-driven resource allocation.
• Continuously refine services based on user feedback for optimal performance.
• Improves stakeholder engagement and satisfaction with transparent service management.

£120,000 an instance a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at michael@brainwavelabs.io. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

488571963602355

Contact

Michael Ekpe
07771255949
michael@brainwavelabs.io

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Hybrid cloud
• Service constraints: Nil.
• System requirements: Requirement for internet access.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: 1 Hour.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Standard (working hours) support is included. Premium Support is at an additional cost as described in the pricing sheet, depending on the level on service.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: 1. Explainer Video: Access a comprehensive video walkthrough that simplifies the process of engaging with the digital front door in plain English, ensuring clarity and understanding.; 2. Comprehensive Documentation: Find detailed guides, FAQs, and step-by-step instructions within the platform, facilitating independent navigation.; 3. Tailored Onsite Training: Benefit from custom-designed onsite training sessions led by experts, offering hands-on practice to address specific team needs.; 4. Dedicated Support: Reach our customer support team via phone, email, or live chat for prompt assistance with queries and challenges.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: When a contract with our service comes to an end, we ensure that users can extract their data easily and securely. Here’s how the process works:; ; 1. Data Extraction Tools: Users have access to tools within the platform that allow them to download their data in common file formats, such as CSV, Excel, or PDF, depending on the data type. These tools are accessible through the user dashboard under the ‘Data Management’ section.; 2. API Access: For more comprehensive data needs or automated extraction, users can utilise our API to programmatically retrieve their data. Detailed documentation is available to guide users through this process.; 3. Support Assistance: If users require assistance with data extraction, our support team is available to help. They can provide guidance on how to use the extraction tools effectively or assist in preparing custom data exports if the standard options do not meet the user’s needs.; ; We aim to make the data extraction process as straightforward and user-friendly as possible, ensuring that all data is retrieved securely and efficiently as the contract concludes.
• End-of-contract process: At the end of the contract, here is a breakdown of what's included in the pricing and any potential additional costs:; Included in the Price:; • Data Extraction: Users are entitled to use built-in tools to download their data at no extra cost. This includes access to data in standard formats such as CSV, Excel, or PDF.; • Account Deactivation: Deactivating user accounts and access to services is included, with no additional fee for the account closure process.; • Final Review Meeting: A concluding session to discuss the service performance and any end-of-contract concerns is part of the contract without additional charges.; Additional Costs:; • Extended Data Access: If users need to extend their access to the platform beyond the contract end date to retrieve data or complete projects, additional fees may apply depending on the duration of the extension.; • Data Migration Support: Should users require assistance with data extraction or need custom reports and data formats, there may be additional charges based on the complexity and resource requirement.; • Archival Services: If users opt for archival of their data on our servers beyond the grace period outlined in our data retention policy, additional fees will be incurred.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Both our mobile and desktop services provide full access to our platform's features, but they are tailored to suit the specific strengths and user contexts of each device type. Using either the mobile or desktop version of our service, users can enjoy a flexible learning experience that adapts to their lifestyle and preferences, ensuring they have the tools they need in the format that best suits their immediate context.; The mobile UI/UX provides is designed with a simplified interface, optimised for touch interaction and provides instant notification features.
• Service interface: Yes
• User support accessibility: WCAG 2.1 A
• Description of service interface: The WMP interface is meticulously designed for ease-of-use, with a sleek dashboard for swift progress tracking and service request tracking. A user-friendly menu provides easy access to submission forms, backlog, triage, in-progress, and assurance data. ; ; Notifications and automated progress updates keep users informed in real-time, while pass-through of SLAs from downstream systems ensures seamless service alignment. ; ; Accessibility options such as adaptable text sizes and keyboard navigation guarantee inclusivity across all users. Additionally, the mobile-responsive design ensures convenient service request tracking anytime, anywhere, with touch-enabled controls and offline functionality.
• Accessibility standards: WCAG 2.1 A
• Accessibility testing: Testing Scenarios; Our testing includes a variety of real-world scenarios to ensure that users of assistive technologies can navigate the interface, access content, and interact with all platform functionalities effectively. Scenarios tested include:; • Navigating the dashboard and accessing various sections of the platform using screen readers.; • Interacting with learning modules using keyboard-only navigation to ensure that all interactive elements are accessible without a mouse.; ; Compliance and Standards; All interface testing is conducted in line with established accessibility standards, including the Web Content Accessibility Guidelines (WCAG) 2.1, to ensure compliance with both legal requirements and best practices. We aim to meet or exceed Level AA compliance, addressing issues related to navigability, readability, and operability.; ; Training and Documentation; In addition to interface testing, we provide comprehensive training materials and documentation that are accessible and easy to understand for users of assistive technologies.
• API: Yes
• What users can and can't do using the API: Our API provides robust options for users to customise and automate their interaction with our service, yet there are specific limitations to consider:; ; Capabilities; • Automated Account Creation: Users can set up new accounts, specifying user roles and access levels.; • Configuration: Settings for organisational structures, user journeys, and request categories can be configured via the API.; • Content Management: Add, update, or delete content types.; • User Management: Update profiles, modify roles, and manage permissions.; • Data Reporting: Generate custom reports on engagement and delivery performance, with options for data export.; Limitations; • Initial Setup: Initial platform setup and integration with enterprise systems like SSO may require direct UI interaction or technical support.; • Complex Configurations: Advanced security settings and intricate organisational structures often require manual setup.; • Bulk Operations: There are restrictions on the volume of bulk operations to prevent system overload.; • Feature Availability: Some UI features, particularly those involving complex interactions or real-time collaboration, are not accessible via the API.; • Rate Limits: API usage is subject to rate limits to ensure system stability and fair usage.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • ODF
  • PDF
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Our WMP solution offers flexibility, enhancing user experience and operational efficiency across diverse organisational needs.; Customisation Options:; • Interface: Adapt themes, colours, and layouts to align with brand identity.; • Order Processes: Tailor workflows to suit unique organisational procedures.; • Access Control: Define user-specific permissions and access levels.; • Reporting: Customise reports and dashboards to showcase relevant metrics.; • Integration: Seamlessly integrate with existing ITSM and workflow tools.; Customisation Process:; • Admin Panel: Easily manage UI adjustments, content, and user roles.; • API Access: Utilise our API for deeper system modifications and data integration.; • Templates: Use built-in tools for creating custom reports.; User Roles:; • Administrators: Oversee system settings, user roles, and permissions.; • Managers: Customise team operations and access specific reports.; • End Users: Personalise dashboard layouts and notification preferences.

Scaling

• Independence of resources: We ensure independence of resources through robust infrastructure scaling and resource allocation mechanisms. Our system dynamically adjusts resources to accommodate varying demand levels, preventing performance degradation during peak usage. Additionally, we employ load balancing and isolation techniques to ensure each user's experience remains unaffected by others' activities. This approach guarantees consistent and reliable service performance regardless of concurrent user activity.

Analytics

• Service usage metrics: Yes
• Metrics types: Yes, we provide detailed metrics on service usage for our tracking and fulfilment software. This encompasses tracking critical metrics such as number of items in work in progress, throughput, current capacity, current utilisation, and stage analysis. We also monitor adoption and user engagement by team or individual. User feedback and security metrics are also integrated. Additionally, we offer custom reporting options for tailored analysis.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest: Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Users can export their data easily through our platform's intuitive interface. Simply navigate to the "Data Management" section, where you can select export and find data you wish to export and choose the desired file format. Our platform supports common formats such as CSV and Excel, ensuring compatibility with various systems and tools. Once selected, the export process is initiated with just a few clicks, and users receive a download link via email or directly within the platform once the export is complete.
• Data export formats:
  • CSV
  • ODF
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 99.995% measured annually
• Approach to resilience: Brainwave’s engineers have developed a highly scalable, and resilient product architecture on AWS. System performance is vigilantly monitored for vital metrics, ensuring that no single system bears an excessive load. In the event of overloading or faults, automated processes swiftly deploy additional temporary systems or replace existing ones. Automation is ingrained in our architecture, enabling seamless system monitoring, updates, and corrective actions without downtime.
• Outage reporting: Outages reported by email and on status webpage

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Access in management interfaces and support channels is strictly controlled to authorised personnel only. We enforce access restrictions through role-based access controls (RBAC) and multi-factor authentication (MFA). Additionally, access is monitored and audited regularly to ensure compliance with security policies and regulations. Our team undergoes regular training to reinforce security protocols and practices.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users receive audit information on a regular basis
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Our data centre and transit provider boast ISO27001 security accreditation. We cater Cloud solutions to public sector entities, delivering to high-profile security-conscious projects across Central and Local Government.; ; We meticulously document security-related processes and procedures, ensuring all staff are thoroughly informed and compliant.
• Information security policies and processes: Brainwave’s engineers have designed a highly scalable, and resilient product architecture on AWS. System performance is vigilantly monitored for vital metrics, ensuring that no single system bears an excessive load. In the event of overloading or faults, automated processes swiftly deploy additional temporary systems or replace existing ones. Automation is ingrained in our architecture, enabling seamless system monitoring, updates, and corrective actions without downtime.; ; Our secure hosting infrastructure safeguards all data. We ensure regulatory compliance through meticulous adherence to formal and informal policies and internal procedures, subject to regular review.; New staff undergo comprehensive training covering all aspects outlined in our IT Information Security Policy, vital for server and data access. Breaches or concerns are promptly reported to the Chief Technology Officer and the designated security officer.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Our development team manages a central version control solution housing the code base. All code alterations are meticulously logged in this repository.; A Release Manager oversees software updates across various logical environments, including:; • Compiling update packages; • Coordinating customer testing; • Documenting release notes on resolved functionality or faults; • Tracking software updates; • Orchestrating releases to the production environment.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We operate our applications on the latest, security-supported versions of the Operating System and platform code. Where feasible, we deploy Long Term Support (LTS) versions, ensuring weekly updates and patches every Wednesday.; ; Upon identifying threats, we evaluate them with the relevant team and owners, prioritising necessary actions. Our information collection spans trusted sources, partner sites, and official product/service channels.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: The Brainwave platform operates on the public cloud infrastructure. Cloud providers deploy comprehensive monitoring devices across environments to detect unauthorised intrusion attempts, usage abuse, and network/application bandwidth utilisation. These devices monitor various aspects such as port scanning attacks, resource usage (CPU, processes, disk utilisation), application metrics, and unauthorised connection attempts. Near real-time alerts promptly notify potential compromise incidents, triggered by pre-defined thresholds set by the cloud Service/Security Team.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We employ pre-defined processes for common events. Users report incidents through our service desk or management tools. Incident management begins once the incident is identified, classified within our systems, and managed within our SLA following full ITIL processes. We have agreed escalation points and provide reporting to the client based on the severity level. Incident reports, particularly for P1 events, are available upon request.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity

  Covid-19 recovery

  To aid in the nation's recovery from the COVID-19 pandemic, our G-Cloud services enhance remote working capabilities and support public health initiatives through experiential learning platforms. These platforms are tailored to train government staff and the public in new digital tools and health guidelines through interactive, practice-based scenarios. This hands-on approach ensures that knowledge is not only acquired but also applied effectively, enhancing both individual and organisational resilience.

  Tackling economic inequality

  Our commitment to reducing economic inequality is furthered by providing scalable, experiential learning solutions. These offerings enable smaller government bodies and communities to gain access to quality educational resources, thus bridging the digital divide. By offering cost-effective, innovative solutions that include practical learning experiences, we ensure that technological advancements are accessible to all, promoting economic opportunity across diverse communities.

  Equal opportunity

  Our approach to delivering G-Cloud services is rooted in the principle of equal opportunity. Our commitment to reducing economic inequality is furthered by providing scalable, experiential learning solutions. These offerings enable smaller government bodies and communities to gain access to quality educational resources, thus bridging the digital divide. By offering cost-effective, innovative solutions that include practical learning experiences, we ensure that technological advancements are accessible to all, promoting levelling up of economic opportunity across diverse communities.

Pricing

• Price: £120,000 an instance a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: 30-day access to demo version of WMP

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at michael@brainwavelabs.io. Tell them what format you need. It will help if you say what assistive technology you use.