Capita Business Services Limited

Software - COSAIN (Capita)

COSAIN has been the UK’s leading social media listening platform since 2012, and now includes powerful online data research and visualisation capabilities to gather insight on people and their networks.

Features

• COSAIN is designed for users with all skill levels
• Premium social media sources, and bio-specific online data sources
• Searches names/addresses/DOB’s/emails/handles/phones/IP’s/Companies House
• Intuitive UI, with Advanced-Search for granularity/noise reduction
• Prebuilt taxonomies of sector specific search terms, and search queries
• OCR of images, translation of social media posts, sentiment analysis
• In-app and scheduled mail reports, with additional ‘Dataviewer’ access
• De-duplication of volume data, intelligent geo-filtering for location data
• Email 2FA, secure hosting, SC/NPPV3/DV vetted staff

Benefits

• Continual innovation that reflects user feedback
• Users share and collaborate nationally on thematic areas of concern
• Continuous insight to reduce any threat, risk, and harm
• COSAIN supports situational awareness, collaborative working and decision making
• Dedicated client managers with relevant experience and sector knowledge
• 24/7 Support Team for operational and technical guidance
• Additional DataViewer licences for a distributed capability within organisations
• Results displayed with visual analytics, and stored in searchable database
• On-site and virtual training by experienced OSINT professionals
• Data exports integrate with multiple industry standard third-party tools

£19,495.00 a licence a year

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at engagewithus@capita.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

535860192546403

Contact

Capita Business Services Ltd
08702407341
engagewithus@capita.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: See full terms and conditions for any platform restraints.
• System requirements: Access to internet via web browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: During standard operating hours response time is within 30 minutes. Outside of standard operating and weekends response is within 1 hour. If the incident is urgent, users can call a dedicated support phone number for immediate response.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AAA
• Web chat accessibility testing: Refer to service description.
• Onsite support: Yes, at extra cost
• Support levels: We provide support levels based on four severity levels: 1-4. ; ; A critical call would attract a maximum 30 minute response with a non-critical call attracting a maximum of four hour response. ; ; We provide our support plan for this service as standard with no additional costs within standard operating hours. ; ; We provide a client engagement manager to all clients who subscribe to the platform to ensure we provide a consistent service throughout the term of the contract.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: New COSAIN users are offered initial onsite training provided as part of the annual service cost.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: The service has built in functions to meet this requirement.
• End-of-contract process: User access is terminated at contract end unless the service is renewed for an additional period.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile and tablets can be used.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AAA
• Description of service interface: The solution is delivered through a secure web site and is designed in React.
• Accessibility standards: WCAG 2.1 AAA
• Accessibility testing: Refer to service description.
• API: No
• Customisation available: No

Scaling

• Independence of resources: Underlying cloud infrastructure is designed to meet scalability and resilience requirements to ensure no impact as above.

Analytics

• Service usage metrics: Yes
• Metrics types: To be agreed during negotiation.
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Other
• Other data at rest protection approach: Encrypted storage.
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Built in functions allow this requirement to be met.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Excel
  • HTML
  • PDF
  • SpiderSense
  • I2 - AMB
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Standard availability of the service runs at 99.5%. No service credits are available if this is not met. Further details available on request if necessary.
• Approach to resilience: Our Data Centre provider is certified to ISO22301 (Business Continuity Management and Resiliency). All aspects of the Data Centre Facilities are provided N+1 with no single points of failure.
• Outage reporting: Users are contacted via email regarding any outages.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: All support and management access is subject to the same access controls detailed previously.
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 31/03/2021
• What the ISO/IEC 27001 doesn’t cover: Further information is available on request regarding ISO27001 certification.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: All policies are available on request. As a minimum we meet ISO27001-2017.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Our data centre provider use an ITIL (Information Technology Infrastructure Library) based Change Management process to manage any proposed changes to the infrastructure. ; Change request forms ensure that changes are clearly detailed and that all of the relevant personnel have signed these off before any changes are made. Particular attention is given to any impacts potentially to Security and performance.; We maintain a Configuration Management Database which is kept up to date with all information necessary to manage each environment, configuration and dependent service.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Our Data Centre provider undertakes monthly security scans of our external IP addresses which highlight both application and infrastructure security risks, for example older versions of web facing software in use. We are notified within 24 hours of any security issues being identified along with a description of the remedial action required and whether this needs to be undertaken by us or the customer and can be carried out immediately. ; Systems are monitored 24 hours a day for any potential security incident utilising technology which correlates logs from various sources.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: There is a suite of monitoring tools that maintain a continuous watch on all systems within the datacentres. Any potential compromises are dealt with by an Incident Management Process.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Our Data Centres Service Monitoring System alerts based on pre-specified criteria. This can be tailored based on pre-defined processes to ensure that common events are dealt with swiftly or sent on for automated action.; The Service Desk is accessed either by phone or email to report incidents.; Further to an incident a detailed service report is provided to the client outlining the incident, any action and future mitigation. This is provided within 24 hours.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Capita will work with buyers to find suitable initiatives that align with the social value theme of Fighting Climate Change during call-off stages of G-Cloud 14. These will be customised to meet buyers' specific requirements and fit with our overall environmental strategy. This ensures that the commitments we deliver are relevant and impactful for the specific community and stakeholders involved ensuring a legacy of social impact that is both achievable and meaningful.; ; Capita is dedicated to delivering environmental benefits as part of its services. We understand the need to work towards net zero greenhouse gas emissions and to support environmental protection and improvement. Our Net Zero Strategy aims to achieve operational net zero by 2030, operational plus travel net zero by 2035, and full net zero, including the supply chain, by 2045. The strategy involves switching to renewable energy sources, cutting travel emissions, and moving to electric vehicles for our fleet. Capita also wants to help our clients and suppliers in their environmental efforts, by providing technology and solutions that support environmental sustainability and by engaging in partnerships that advance climate action.; ; To inspire our 43,000 employees to work more environmentally sustainably, we introduced a new environmental standard in 2023, which sets out Capita’s environmental commitments and obligations and includes an environmental training module for all employees to back up the environmental standard and net zero commitment. We encourage our employees to use their one-day volunteer allowance to support environmental activity such as litter picks or beach clean-up days and will leverage existing relationships and programmes to fulfil our commitments.; ; To provide transparency and accountability, Capita has set up reliable measurement and reporting mechanisms. These include environmental targets covering energy, climate change, conservation, and biodiversity, which are publicly reported to track progress towards the net zero goals.

  Covid-19 recovery

  Capita's G-Cloud service provision is strategically positioned to support and deliver against the social value theme of Covid-19 recovery. The G-Cloud services facilitate a robust digital infrastructure that enables public sector organizations to operate with greater efficiency and resilience, which is crucial for ongoing recovery efforts. The provision supports social value by enhancing access to digital services, thereby promoting inclusivity, and enabling remote work and learning environments. This is particularly significant in addressing the digital divide that was highlighted during the pandemic, ensuring that all members of society have equal opportunities to access essential services and information.; ; Capita has undertaken various initiatives to aid in the recovery from Covid-19, focusing on supporting people and communities, as well as organizations and businesses. These initiatives include improving workplace conditions for safe operations, providing digital and financial support programs, and setting up virtual contact centre solutions. Additionally, Capita's Enterprise Risk Management ensures operational resilience, while wellbeing initiatives promote physical and mental health recovery.; ; Capita will work with buyers to find suitable initiatives that align with the social value theme of Covid-19 recovery during call-off stages of G-Cloud 14. This would include working with local communities and economies, especially through employment, re-training, and return to work opportunities, community support, developing new ways of working, and supporting the health of those affected by the virus, including those suffering from Long Covid.; ; We understand the need for sustainable solutions that not only respond to immediate crises but also build resilience against future disruptions. Our approach demonstrates a forward-thinking mindset, ensuring that the lessons learned from the pandemic continue to inform and improve service delivery for a more resilient and equitable society.

  Tackling economic inequality

  Capita's G-Cloud service provision will be designed to support and deliver against the social value theme of Tackling Economic Inequality by fostering an inclusive and diverse business environment. We will aim to create new businesses, jobs, and skills, particularly in high-growth areas such as STEM, and to increase supply chain resilience and capacity.; ; Capita will collaborate with buyers during G-Cloud 14's call-off stages to identify initiatives aligned to the social value theme of Tackling Economic Inequality. Tailored to the buyers' specific needs, these initiatives will integrate with our responsible business strategy, ensuring that our commitments are impactful for the involved community and stakeholders, fostering a lasting social legacy. Our approach includes creating apprenticeships, skills gap training, promoting remote working, and establishing offices in areas of deprivation to provide opportunities for disadvantaged groups. We have developed a framework for responsible automation, supported people within our communities to harness the power of automation, advocated greater diversity within the tech sector and promoted accessible digital skills education. Our commitment to inclusive recruitment and the use of a diverse supply chain, which includes small and medium-sized enterprises (SMEs), voluntary, community, and social enterprises (VCSEs), and mutuals, further demonstrates our dedication to reducing economic inequality.; ; Capita's supplier charter outlines equitable supplier relationships, and we are an active member of Business in the Community which reflects our ongoing efforts to identify and address inequality within our workforce and operations. With a significant portion of our supply chain (92%) comprising SMEs, Capita's practices promote greater use of these entities, thereby contributing to a more balanced economic landscape.; ; Through these measures, Capita's G-Cloud service provision will not only support the social value theme of Tackling Economic Inequality but also align with the company's purpose-led, responsible business ethos, creating better outcomes for society at large.

  Equal opportunity

  Capita champions Equal Opportunity, striving for an inclusive environment that mirrors the diversity of the communities we serve. We have recently been recognised as one of the top companies for women by Forbes, ranking at number 18 on their list and won the Race Equality Advocate award at Vercida's Inclusive Employer Awards. This is a testament to our commitment to diversity, inclusion, and equality in our workplace and in our society. Capita will work with buyers to find suitable initiatives that align with the social value theme of Equal Opportunity during call-off stages of G-Cloud 14. Our approach includes:; ; Increasing Representation: Capita is committed to increasing workforce diversity, targeting multi-year goals for disabled, gender, and ethnic representation. For example, to tackle racism and enhance ethnic diversity, we have set a target for our UK workforce to have 15% Black, Asian and minority ethnic and 5% Black representation across all levels of the organisation.; ; Inclusive Recruitment: Capita employs inclusive recruitment practices, advertising roles broadly and emphasizing outreach to hard-to-reach groups. This is complemented by partnerships with organizations like Forces Family Jobs and Vercida, the UK's largest disability-focused jobs website. ; Promotion, pay and reward processes: We recognise the contributions of all colleagues, supporting and paying them fairly for the work they do. Efforts to narrow gender and ethnicity pay gaps include monitoring diversity in senior management, targeting 60% women and 20% ethnic minorities on senior management shortlists, enhancing shared parental leave pay, implementing structured interviews, and promoting career growth through mentoring.; ; Training and Development: Capita provides mandatory training in equality, diversity, and inclusion, as well as unconscious bias training for all new employees, which is repeated annually. ; ; Capita's strategy is to create a legacy of social impact by providing equal employment opportunities to disadvantaged groups, offering in-work progression, and enhancing skills.

  Wellbeing

  Capita is committed to supporting and delivering against the social value theme of Wellbeing. We will collaborate with buyers during call-off stage to find initiatives that support the social value theme of Wellbeing. Our structured Group Wellbeing Framework, supported by our Group Wellbeing Policy and Standard, will ensure a consistent approach to identifying wellbeing needs and implementing appropriate interventions to address those needs.; ; We care about creating workplaces that safeguard, help and enhance the wellbeing of all our colleagues. We are committed to:; ; • Prioritising the wellbeing of employees and managing factors that may cause negative emotional, psychological, physical, or social impacts.; • Creating a culture and environment throughout Capita that actively supports and promotes wellbeing.; • Providing the necessary training and awareness to protect the wellbeing of our employees.; • Enabling working conditions and providing guidelines for those working remotely, to ensure our business activities are safe from a wellbeing perspective.; • Fulfilling current wellbeing legal and other obligations that apply to us wherever we operate and assuring compliance with our Group Wellbeing Policy and Standard.; • Listening to the wants and needs of our employees to ensure we provide wellbeing support that is valued by all.; ; Capita's Wellbeing Hub serves as a central place for employees to access advice, support, and information to manage their wellbeing effectively. It includes resources to support physical, financial, mental, and social wellbeing, such as Time to Change training, financial wellbeing apps, emotional resilience tools, and guidance for team managers on supporting employees. We also provide an Employee Assistance Programme, offering independent services including counselling and practical advice on personal or work matters.; ; Capita's approach to wellbeing is holistic, encompassing not just the workplace but also the wider community, ensuring that social value is embedded in every aspect of our operations.

Pricing

• Price: £19,495.00 a licence a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: To be discussed.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at engagewithus@capita.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.