KPMG LLP

KPMG Elements - Employee Reward & Benefit Technology

Our service is a consultancy and technology based offering for the provision of Employee Benefits and Total Reward Statements to aid with employee engagement and communications.

Features

• Employee benefit provision
• Employee Communications
• Voluntary benefit access
• Easier administration of employee benefits
• Payroll reporting for benefits
• Provider reporting for benefits
• National Minimum Wage compliance checks
• User administrator self service surveys
• Access to online payslips
• Central hub with access to third parties

Benefits

• Administrate all benefits in one central location
• Employees can easily make selections of benefits
• Employees can see the impact on their pay
• Engage employees through regular communications
• Enagage employees through the use of Total Reward Statements
• Reduce the admin payroll burden of manually making changes
• Bring online access to one central location for other services
• Ability to offer flex funding or flex funds
• Accessable through any mobile device
• Secure and scalable hosted solution

£20,000 a unit a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at psopportunities@kpmg.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

509540920501118

Contact

KPMG G-Cloud Team
02073111000
psopportunities@kpmg.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: No
• System requirements: Requires latest versions of internet browsers.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 24 hours
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: We are able to provide Helpdesk support to end users, generally between the hours of 09:00 and 17:00. This is provided through the provision of a dedicated phoneline and email address.; Web chat support is currently in development.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Full training can be provided to users along with relevant user guides and manuals.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Extract of data directly from the platform in the form of reports in csv format.
• End-of-contract process: We will assist you in any transition to a new provider. Once the migration has been completed and signed off all data will be removed from out platform.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Full functionality is available on the mobile service
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: N/A
• Accessibility standards: None or don’t know
• Description of accessibility: Our browser based solution will resize itself based on the device the user is accessing it with.
• Accessibility testing: None
• API: No
• Customisation available: Yes
• Description of customisation: The look and feel of our platform can be tailored to the users requirements. Similarly the layout and rules behind the system can be tailored to the users requirements.

Scaling

• Independence of resources: Hosting services are load balanced and can automatically scale depending on demand.

Analytics

• Service usage metrics: Yes
• Metrics types: We will provide metrics on call volumes, response times and types of queries.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Through reports built in to the platform. These can be built to the users specification.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Due to our AWS hosting environment we can provide 99.99% availability.
• Approach to resilience: The solution is hosted on the KPMG-managed Virtual Private Cloud on the AWS cloud platform. The application runs on AWS EC2 compute nodes. The application is in an auto-scaling group, so the number of compute nodes will automatically increase to cater to demand.
• Outage reporting: We utilise other AWS features such as CloudWatch for log monitoring, SES for sending emails, and S3 for storage.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Username or password
• Access restrictions in management interfaces and support channels: Authentication can be carried out either through a single sign on link from the users systems or through the use of username and passwords. Accounts must already be registered on the platform.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Certifications / ISO
• ISO/IEC 27001 accreditation date: 12/05/2022
• What the ISO/IEC 27001 doesn’t cover: "ISO 27001 is an information security standard that helps firms to identify risks to its data, and put in place the controls to help mitigate those risks. KPMG is certified to ISO 27001:2013 for core systems, people, IT assets and physical security. ; ; Obtaining and maintaining ISO 27001 demonstrates KPMG's commitment to information security, and should provide its clients with assurance that our information security policy and processes are robust, and that a strong control environment exists. We are independently audited against the standard by an external third party. ; ; The scope statement for our ISO certificate reads: ‘The protection of information in relation to the provision of professional services to KPMG clients. This includes all client-facing business units that use KPMG’s centrally managed information systems and processes.’ "
• ISO 28000:2007 certification: Yes
• Who accredited the ISO 28000:2007: Standards and certifications / ISO 28 - N/A
• ISO 28000:2007 accreditation date: 12/04/2016
• What the ISO 28000:2007 doesn’t cover: -
• CSA STAR certification: Yes
• CSA STAR accreditation date: 31/12/2018
• CSA STAR certification level: Level 3: CSA STAR Certification
• What the CSA STAR doesn’t cover: N/A
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Multiple policies and standards exist from User security awareness and integrity training for all staff to the more specific standards and policies - IT Security Policy, Privileged User, Vulnerability management, Log Management, System access management, Information classification requirements to name a few

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We manage all configuration and change requests through a formal change management process. Processes are ITIL based, but with adaptations made to suit KPMG’s internal and supplier requirements for controls, governance and reporting.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Vulnerability scans are carried out monthly on external devices and monthly on internal devices. All systems exposed to untrusted networks (and, in particular, all Internet-facing systems) are pen-tested prior to release and whenever a sufficiently significant change takes place that forces a change in the risk assessment for the system
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: N/A
• Incident management type: Supplier-defined controls
• Incident management approach: Security Incidents are handled in line with the KPMG UK Incident Management process, aligning to elements of KPMG UK’s ISO270001. Incidents are raised through a dedicated channel and an incident manager assigned. The handler will then be triage accordingly, seek to contain the incident and coordinate recovery efforts with stakeholders

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We’ve committed to Net Zero 2030, backed by our environment strategy, aligned to the 1.5-degree pathway, and approved by the Science Based Targets Initiative. And introduced an internal carbon price. A self-imposed tax that’s applied to our energy use and business travel. Bringing the cost of our carbon emissions back to us to fund decarbonisation projects. Initiatives have inspired our staff and gained us a top 2% Carbon Disclosure Project (CDP) A Rating, Platinum EcoVadis medal and Environmental Management (ISO 14001) and Energy Management (ISO 50001) certification. ; During contract delivery we will: ; ; ‒ Encourage our suppliers to report their carbon data to CDP, helping us to measure and encourage progress and remain on their Supplier Engagement Leader board. Reducing pollution through our supply chain.; ; ‒ Facilitate a ‘fighting climate change’ 90-minute session and create a team charter to agree:; ; o Traveling SMART | Minimising travel for those involved in the contract and measuring and monitoring all contract related business travel and carbon emissions using our proprietary KPMG carbon tracker tool.; ; o Living sustainably at home | Managing home office equipment efficiently and avoiding printing.; ; o Adopting a ‘digital first’ approach | Using collaborative technologies for data storage/ sharing to maximise effectiveness and reduce email volume.; ; Reducing travel, power consumption, and paper usage to minimise emissions and support sustainable behaviours.; ; ‒ Host a 60-minute sustainability impact modeller tool demonstration. Helping reduce your carbon footprint of cloud deployments using bespoke tooling to optimise implementation. ; ; ‒ Monitor, measure, and report commitments using the Social Value Portal. An evidence-based, data-driven tool, underpinned by the National Themes, Outcomes and Measures framework. It’s endorsed by the Local Government Association and compatible with all major ESG frameworks. Bringing rigour to commitments tracking and allowing you to flex and value the impact and hold us accountable.

  Covid-19 recovery

  The pandemic accelerated changes in the way we work, forcing us to adapt to ensure rapid recovery. Office space has been transformed for innovation, collaboration, and convening between our colleagues, clients, networks, and local communities. ; ; Contract specific commitments: ; ; ‒ Leverage market-leading devices and hybrid working plans to allow teams to be outstanding in delivery empowered by agile working. Offering greater flexibility and choice during the working week, bringing together physical and virtual worlds.; ; ‒ Welcome those who have not been able to join the workforce previously to play an active role e.g., those who couldn’t spend much time away from home due to caring commitments, those with great distances to travel to an office, or those with a disability which precludes travel. Creating a more diverse workforce.; ; ‒ Host a 60-minute future of work session to share our latest thinking. Including, helping you to consider how innovative technologies can support some of the hardest aspects of change to achieve and sustain high performance and nurture creativity.; ; ‒ Monitor, measure, and report commitments using the Social Value Portal. An evidence-based, data-driven tool, underpinned by the National Themes, Outcomes and Measures framework. It’s endorsed by the Local Government Association and compatible with all major ESG frameworks. Bringing rigour to commitments tracking and allowing you to flex and value the impact and hold us accountable.

  Tackling economic inequality

  Like you, we are committed to shaping an environment to narrow disparities, level the playing field, and create better growth opportunities for diverse businesses. During the delivery of the contract, we’ll tackle economic inequality through the following commitments: ; ; ‒ Adhere to inclusive recruitment and progression practices that follow the five foundational principles in the Good Work Plan (satisfaction, fair pay, participation and progression, wellbeing, and voice and autonomy). Increasing self-worth and motivation and improving retention and productivity.; ; ‒ Provide access to KPMG’s Introduction to Python Coding 10-week course to your staff and suppliers. Successful participants will receive a Credly digital certificate. Strengthening logic and problem-solving skills and equipping future generations with the desired skills to make them a relevant asset.; ; ‒ Extend the reach of our technology and engineering apprenticeships by partnering with local authorities and charities. Generating additional paths to employment for people from lower socio-economic backgrounds and bolstering future skills in the UK. Practical work experience is gained while working towards professional qualifications/ accreditations and earning a salary. ; ; ‒ Create business opportunities for a range of local suppliers such as entrepreneurs and start-ups. By encouraging our 1,800 active suppliers to use local sourcing in their supply chain. For example, for our national catering contract we expect the supplier to source produce locally, supporting local producers and reducing food miles. Our sustainable procurement policy is supporting SMEs and VCSEs via various initiatives e.g. the prompt payment code. ; ; ‒ Monitor, measure, and report commitments using the Social Value Portal. An evidence-based, data-driven tool, underpinned by the National Themes, Outcomes and Measures framework. It’s endorsed by the Local Government Association and compatible with all major ESG frameworks. Bringing rigour to commitments tracking and allowing you to flex and value the impact and hold us accountable.

  Equal opportunity

  We aim to attract the best talent in the market, from all backgrounds at every stage of their career and empower them to reach their full potential. Our initiatives include establishing 16 diversity networks to support individuals and voluntarily publishing diversity pay gaps and action plans to close gaps. Improving progression for our historically underrepresented groups* and placing us in the Top 5 in the Social Mobility Employer Index since 2017.; * Bridge Group – KPMG progression gap analysis. ; ; During the delivery of the contract, the following commitments will go further to level the playing field: ; ; ‒ Take a risk-based approach to policies, training, governance, and approvals to ensure human rights due diligence. Although our industry is not considered high-risk, risk can arise in our operations and supply-chain. Supporting your zero-tolerance approach to modern slavery. ; ; ‒ Invite your employees to join our Cross Company Allyship Programme. Matching mentees from ethnic minority groups with mentors from across KPMG and our client base. Creating diversity of thought, experience, providing career guidance, and building professional network and confidence. ; ; ‒ Provide employability support to people who have served with the armed forces. We’re signatories to the Armed Forces Covenant and holders of the Gold Defence Employers Recognition award. Providing successful career opportunities for those embarking on ‘civvy street.’ ; ; ‒ Ensure the contract workforce are physical/ digital accessibility trained, recognising that not all disabilities are visible. Building an awareness of the policies and standards that enhance accessibility and productivity.; ; ‒ Monitor, measure, and report commitments using the Social Value Portal. An evidence-based, data-driven tool, underpinned by the National Themes, Outcomes and Measures framework. It’s endorsed by the Local Government Association and compatible with all major ESG frameworks. Bringing rigour to commitments tracking and allowing you to flex and value the impact and hold us accountable.

  Wellbeing

  Our wellbeing strategy has been shaped by listening to our people and working with specialists. Focusing on the areas where we can have the biggest positive impact. During contract delivery, we will support wellbeing with the following commitments: ; ; ‒ Provide the contact workforce with a rich, innovative suite of specialist information, advice, services, and treatment – supplemented with focused initiatives. Shaped by listening to our people and working with specialists. Using clinical, organisational, and positive psychology to empower individuals by providing the right care, at the right time. And allowing them to be at their best. ; ; ‒ Facilitate a 90-minute wellbeing workshop for the contract workforce, using our bespoke Wellbeing EDGE tool to create a wellbeing charter. Identifying team member “non negotiables,” creating an inclusive environment, and agreeing our collective approach to maximise team wellbeing. ; ; ‒ Facilitate monthly constructive health and wellbeing check-ins using Wellbeing EDGE and a wellbeing survey to measure the success of our approach and identify additional support required. Understanding how the team can be effectively supported through emerging challenges. Ensuring the workforce witnesses our commitment to continuous improvement, including feedback being incorporated and acted on. Thus, empowering them to continue to speak up.; ; ‒ Appoint a dedicated accredited Wellbeing Ambassador, with a passion for wellbeing, to challenge mental health stigma and begin empathetic conversations with team members. Building, embedding, and maintaining a sustainable wellbeing approach and giving visible support to those struggling mentally or physically. ; ; ‒ Monitor, measure, and report commitments using the Social Value Portal. An evidence-based, data-driven tool, underpinned by the National Themes, Outcomes and Measures framework. It’s endorsed by the Local Government Association and compatible with all major ESG frameworks. Bringing rigour to commitments tracking and allowing you to flex and value the impact and hold us accountable.

Pricing

• Price: £20,000 a unit a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at psopportunities@kpmg.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.