On-boarding, i-apply, i-license and Enrolment Platform
The On-Boarding, iapply and Enrolment Platform is a digital SaaS platform. It allows individuals, organisations and businesses to engage digitally with Government for all types of services grants, accreditations, schemes, permits and licences. It will allow easy bespoke end to end processing and correspondence to deliver crucial Government services.
Features
- End to End service management - start to finish
- Flexible configuration for multiple services
- pre-populate data for ease of service application
- integrate service and licensing process with other systems
- open standards data integration
- e-signatures available for identification
- full online digital process
- correspondence creation for you customers
- scalable both for services and volumes
Benefits
- Ease of onboarding a service
- Speedy issuance of permits and licensing
- full digital services to your clients
- Licence covers multiple services and users not per service
- Onboard and enrolment expedited immensley
- Esignatures and other identification methods available
- Integrate with your existing back office systems
- Ease of use and quick to build service flows
- Integrate with payment platforms
- Optional mobile inspection add-on
Pricing
£500 a unit a month
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
5 4 4 3 3 4 5 1 7 9 1 5 2 9 7
Contact
apto solutions limited
Simon Eastwood
Telephone: +44 (0) 7718319047
Email: simon.eastwood@aptosolutions.co.uk
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
- CRM, Marketing, SalesForce, ServiceNow, ERP, Data Processing, legacy systems
- Cloud deployment model
-
- Public cloud
- Private cloud
- Hybrid cloud
- Service constraints
- No
- System requirements
- Browser
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Depends on SLA contracted
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 A
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- 0900 -1800 Monday to Friday excluding UK public holidays. 24/7 available on request.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- From the customer defining a project for onboarding which is driven by the complexity and number of systems to be integrated. At the lower end a simple flow and API, can be specified, built, tested and deployed within one to two days. Self service aspect of this service is up the point of utilizing supplied toolsets to specify these integrations, and thereafter the service will create, deploy and manage the process activities.
- Service documentation
- Yes
- Documentation formats
- HTML
- End-of-contract data extraction
- Typically the data is transitory from one system to another, or from point of data capture to the destination system. If the data persists in this service we supply free of chrage an SQL csv extract, name value pair, XML etc dependent on the persistence used.
- End-of-contract process
- Decommissioned, any perstistent data Standard Data Extraction in .CSV, XML, JSON format.
Using the service
- Web browser interface
- No
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- None
- Service interface
- No
- User support accessibility
- WCAG 2.1 A
- API
- Yes
- What users can and can't do using the API
- RESTful, SOAP available older versions & Synthetics API's via Robotics
- API documentation
- Yes
- API documentation formats
- HTML
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- A number of customisations are available dependent on the functionality being delivered by the platform. However, the majority of setup tasks for creating the synthetic API's is configuration, rather than customisation.
Scaling
- Independence of resources
- We monitor our platform service automatically and load balance accordingly.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Standard Usage and Processing Metrics, as agreed with customer.
- Reporting types
-
- Regular reports
- Reports on request
Resellers
- Supplier type
- Reseller providing extra features and support
- Organisation whose services are being resold
- Adobe, Typeform, Apto forms, Appian
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
- Physical access control, complying with another standard
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
- .csv, .tsv, XML, JSON
- Data export formats
- CSV
- Data import formats
-
- CSV
- Other
- Other data import formats
-
- JSON
- XML
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Legacy SSL and TLS (under version 1.2)
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Legacy SSL and TLS (under version 1.2)
Availability and resilience
- Guaranteed availability
- We have different SLA's for different levels of service selected. That service level dictates the availablity percentage, the tolerances and subsequently the service credit. Service credits are applied only to future service payments.
- Approach to resilience
- Available on request.
- Outage reporting
- Email Alerts and Via Customer Support Portal
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Username or password
- Access restrictions in management interfaces and support channels
- The service can integrate with existing authentication systems or uses groups and user permissions for access to particular functionality of the service.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users receive audit information on a regular basis
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users receive audit information on a regular basis
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- QAS International
- ISO/IEC 27001 accreditation date
- 14/04/2015
- What the ISO/IEC 27001 doesn’t cover
- N/A
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- Yes
- Any other security certifications
- ISOI 27001
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- This is documented as part of our ISO27001 policies and processes.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Changes to services and features follow our documented configuration and change management policy.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- As part of our ISO27001 policies and processes we follow a number policies to prevent, assess, log, manage and eradicate vulnerabilities.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- We have processes that continually review our monitoring devices, logs, processes, usage, application metrics, unauthorised connection attempts, attacks and so on.
- Incident management type
- Supplier-defined controls
- Incident management approach
- We have pre-defined ISO processes for incident management. Users report incidents through our helpdesk, using an incident management form. We provide incident management reports in a standard format as per our policy.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Tackling economic inequality
Fighting climate change
As a business we strive to operate a paperless office wherever possible. In our work with digital services, including forms and signatures, we recognise that decreasing the use of paper, and the needless printing of forms for signature, along with the energy associated with postage, is an important part of reducing Our carbon footprint.Tackling economic inequality
In the policy statement of improving supply chain resilience, continued & better usage of digital services including digital forms and signatures is key to preventing fraudulent activity. In addition, ensuring that government services are easily accessible to all, so that all members of society can quickly and easily consume government services is key to a continued inclusive society. Meeting accessibility standards is also key to this. High quality digital forms and e-signature approaches remain key to ensuring this
Pricing
- Price
- £500 a unit a month
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- An integration sample, demonstrated in our service container. There is an optional limited time period negotiated at the time for demonstration to other stakeholders.