WT DATATECH LTD

Compliance Software Solution

Our cloud-based Solution offers a straightforward, efficient, and powerful tool for managing all governance, risk, and compliance needs, including ISO standards. Our Compliance Solution combines management system integration and risk assurance software to provide the easiest path for your business to attain and uphold ISO certification.

Features

• One Compliance Solution for All ISO's
• Continuous Assistance
• Can Access Anywhere Repository and Workflow for Policies, Controls
• ISMS Manager, Control Manager, Risk Manager, Conformance Manager
• Import Data from Existing Management Systems
• Version Control and Read-Only Access
• Incident Management, Corrective Actions, and Tracking
• Document Management
• Role Based Access and Approvals
• Cloud Solution - Unlimited assets, users

Benefits

• Customized Roles, Responsibilities, and Authorities
• SWOT Analysis Template Included
• Seamless Addition of Operational Controls
• Tracking Compliance of Management Systems
• Remote Access Anytime, Anywhere
• Tailored Workflows, Alerts, and Notifications
• Personalized Dashboard Options
• Internal and External Audit Dococumentation
• Risk Logs
• GAP Analysis

£50 to £250 an instance a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at dileep.iarala@memss.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

528907767142084

Contact

Dileep Iarala
07738729304
dileep.iarala@memss.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: No Constraints work Any Cloud service provider but Planned maintenance is typically scheduled outside of regular business hours.
• System requirements:
  • Subscription to Cloud Service
  • Internet Browser

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Our Client Support group will make every reasonable effort to ensure submitted cases are assigned the proper Severity level. Submitted cases will be responded to in the order they are received, with consideration given for higher Severity levels. Response Time is the time it takes before a WT Datech Support agent makes initial contact with the individual who submitted the case. Bundled Service (Normal Priority 6 Hours, Serious Priority 3 hours, Critical Priority Live Call Only) Concierge Standard (Normal Priority 4 Hours, Serious Priority 2 hours, Critical Priority Live Call Only)
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We include support within our annual fee. We will allocate both technical account manager and cloud support engineer ; Standard Support - available during 09:00 – 17:00 hours, Monday to Friday (not English Public Holidays). Incidents may be logged via the web, telephone or email during these times. Additionally, Incidents may be logged via email or the web outside of these hours, but they will not be progressed until the next working day. we also support out of hours for priority issues.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Our web-based application, designed for your convenience, is accessible from anywhere. Our onboarding process begins with a review of your business processes, mapping them to Compliance Solution functionality. We then configure the system according to your requirements and provide training tailored to your needs.; During the implementation phase, we provide comprehensive training to your core project team, ensuring a solid understanding of the system. Your team will learn about data structure, available configuration options, and how specific processes operate. We offer both classroom and webinar training sessions.; Once you start using the software live, rest assured that you'll have access to our dedicated support staff, who are ready to assist with any questions or issues. Additionally, you'll have access to our comprehensive documentation and user guides to support your needs further.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Database used is SQL Server and the SQL backup (.bak file) will be provided if required at the end of the contract.
• End-of-contract process: Upon contract termination, the buyer must certify that all copies of compliance software processes, documentation, and confidential information provided have been returned or destroyed. This ensures the protection of proprietary information. The buyer must also acknowledge the relinquishment of its rights to use this information, marking the end of its access to compliance software resources.; Additionally, we offer the option to provide the data in other standard formats if needed. However, this service incurs an additional cost, determined based on the required export format and the volume of data to be exported. This provides flexibility for the buyer if they need to retain or utilize the data in a different format after the contract concludes.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Look and feel will verify to desktop service to mobile service. but can do all the tasks which can see in desktop version
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: We can Provide API access to Assets and Work order information.; Limitations is depends on the service selected.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Reference Data ; Workflow Process; We can customise to client requirements.

Scaling

• Independence of resources: Service usage alerts has been stepped and our service cloud based. We can increase allocation services as demand increases.

Analytics

• Service usage metrics: Yes
• Metrics types: Summary metrics including ; No Of Assets and various metrics; No of Work Orders and various usage metrics; Financial - Capital replacement metrics; Usage metrics; Performance reporting on KPIs; Resource management including time-sheet reporting; Custom reports available subjected to service agreement.
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: No
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: The data is exported as a set of comma-separated values (CSV) files. Data export tools provide a convenient way to obtain a copy of your Asset data, either for backup or for importing into a different system.; From Reports also you can export data in various formats (Csv/excel/XML etc)
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • IPsec or TLS VPN gateway
• Data protection within supplier network: IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We use Azure Cloud which is provided by Microsoft.; https://azure.microsoft.com/en-gb/support/legal/sla/; and also our internal team available to support the application availability twenty -four (24) hours a day, seven (7) days a week.
• Approach to resilience: We utilise a Azure Cloud environment built using the App service Management platform. It provides an environment that is: - Scalable through auto-scaling (up and out) - Highly available through automatic failover and full active-active High Availability. The application will be hosted in multi-node environment and this will protect from bringing the system down for any reason.
• Outage reporting: Outage are reported to our clients by email .

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Not Applicable
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: CSA CCM version 3.0
• Information security policies and processes: Compliance Software has the following security policies and processes: Information & Security policy, Data Attack Preparedness and Response process and Data and Network Security Breach Incident Management policy. The IT Directors of the company conduct incident response with input from other members of the Data, Application and Infrastructure Architectural teams dependent on the type and scale of the issue, with policies reviewed and testing completed regularly, as a minimum.; As part of staff onboarding, we train the staff on the importance of security measures and how to respond to computer and network security incidents.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We follow standard development Configuration and change management process includes GitHub Source Control and Asana for issue tracking to monitor and track features and fixes.; All Change Requests must be submitted in accordance with change management procedures . Each Change Request must receive formal CAB approval before proceeding with the change and it will be created in Asana for tracking (Development, Deployment, 1st and 2 nd level Testing, Release to Test and Live)
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Application Logs created to a logfile and to database on every event based are monitored regularly. Patches are deployed when required. Potential threats are identified offline and online and with regular vulnerability scanning. ; Multilocation data backup and we have in place Disaster Recovery procedures and management process in all times.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Protective monitoring controls include recording the logs with time real time stamp with system information and logs suspicious activity at a module level. ; Full time in house testing with various tools/methods this will include the data, network, penetration and stress testing.
• Incident management type: Supplier-defined controls
• Incident management approach: All staff are trained and made aware of the incident management process which includes reporting the incident ; Priority 1, Critical: System down and Critically Impacts to all business activities.; Priority 2, Functional failure: Prevent operation of particular functionality and not usable.; Priority 3, Intermittent failure: The problem is affecting a particular functionality and impacting limited users but the problem is relocatable.; Priority 4, Minor:. Very low impact to users or the problem is cosmetic.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Fighting climate change WT Datatech support in cloud services has significantly impacted the well-being of our staff, our client's staff, and the local communities we serve. With the rise of remote work, we prioritize physical, social, and mental health through our Wellbeing Strategy and Policy. This strategy aims to cultivate a happy and confident workforce that delivers exceptional customer service while positively impacting our communities, whether remotely or in-office. Our initiatives are tailored to meet the needs of our staff, identified and developed accordingly. To ensure the health and happiness of our employees, we have: Established a network of trained mental health first aiders to assist colleagues across our contracts. Fostered a supportive environment that promotes wellbeing through mindfulness and wellness activities each month, with ongoing employee feedback and engagement. Created an environment that supports wellbeing, maintaining a culture of engagement to ensure a happy and confident workforce that delivers exceptional services and positively impacts our communities, whether working remotely or in-office.

  Covid-19 recovery

  Covid-19 recovery Thanks to our cloud technology strategy, when COVID-19 struck, we seamlessly transitioned to remote working with minimal disruption to our services. Since then, our model has evolved into hybrid working. Our offices now offer smaller, modern spaces where teams can work permanently (if unable to work from home) or for essential face-to-face engagements. We've implemented all COVID-19 regulations within these offices, including social distancing measures, one-way walkways, sanitization stations, and informative posters. Despite these changes, our operational performance remained unaffected, allowing us to continue providing Business as Usual (BAU) services, ensuring continuity for our clients' management software needs. WT Datatech has supported our clients and employees throughout the pandemic, contributing to local communities where possible by offering employability advice and educational support through university programs.

  Tackling economic inequality

  Tackling economic inequality With a solid commitment to social value and addressing economic inequality, WT Datatech pledges to uphold the following throughout the contract: WT Datatech understands the challenges that small or new businesses face in their growth journey. We recognize that providing IT Management software can sometimes hinder their operations or ability to secure new business. That's why we offer comprehensive support, including free workshops to identify compliance gaps and assist in developing policies and procedures to meet IT Management software standards. We aim to effectively support businesses of all sizes, offering cost-effective rates and additional assistance to ensure their success. Through our operating model, which leverages remote working via cloud services, we create opportunities for those facing barriers to employment and individuals in deprived areas. We provide training opportunities for Consultants and other staff as needed, ensuring inclusivity and equal access to advancement. Additionally, we have established CPD pathways to facilitate professional progression. WT Datatech is dedicated to addressing economic inequality and collaborates with buyers to explore new and innovative methods of breaking down barriers.

  Equal opportunity

  Our commitment to equality and diversity is not just a statement but a comprehensive policy that we live by. This policy covers Staff Training & Development, monitoring, effective employee communication, and equality-focused training. It is a policy and a promise aligned with all legislation surrounding equal opportunities. We are committed to ensuring this is reflected in our services, and we take pride in the fact that our policy is incorporated into staff contracts and is briefed during staff inductions. Through our robust equal opportunities, diversity, and inclusion policies, we go beyond mere compliance. We actively tailor our services to provide equal opportunities, reflecting the unique demographics and characteristics of the population across the areas in which we operate. We understand that each community is different and value and respect these differences in our approach.

  Wellbeing

  Our cloud support services have significantly contributed to the well-being of our staff, client staff, and the local communities in which we operate. As remote work becomes more prevalent, we prioritize physical, social, and mental health through our Wellbeing Strategy and Policy. This strategy aims to foster a happy and confident workforce that delivers excellent customer service and contributes to the sustainable transformation of our local communities, whether working from home or in-office. These initiatives are tailored to meet the support needs of our staff. To ensure employee health and happiness, we have: An established network of trained mental health first aiders is available across our contracts to assist colleagues. We maintain a culture of well-being through engagement, offering a variety of mindfulness and wellbeing activities each month. We continuously consult with and invite employee feedback to tailor our initiatives effectively.

Pricing

• Price: £50 to £250 an instance a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: It includes all features with a basic configuration. Max 30 days we will provide a trial.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at dileep.iarala@memss.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.