Skip to main content

Help us improve the Digital Marketplace - send your feedback

Zengenti Limited

Content Management System (CMS) Contensis package for Higher Education

This is a custom, higher-education package for the Contensis content management system. Contensis supports any design that can be built in HTML. It’s the foundation for accessible and responsive websites, intranets, portals and channel shift systems. It’s used by universities, local government, housing associations, NHS and police services.


  • Customer experience management (CXM) and personalisation features
  • Create structured content easily before re-using and publishing it anywhere
  • User-friendly, fully accessible, form-based editing experience
  • Publish mobile-responsive content to any digital channel
  • Validation tools catch mistakes and prevent accessibility issues
  • Thoroughly documented and supported APIs allow almost limitless custom development
  • Comprehensive content scheduling and lifecycle management
  • Audit trail, version control, track changes, dual-page previewing
  • Productivity features for content authors, tasks lists, reminders
  • Workflow: simple, powerful, easy to set up


  • Our advice and technology helps you to run successful websites
  • Website visitors can access your websites quickly from any device
  • Benefit from maximum uptime and resilience on our cloud infrastructure
  • Easily comply with, and maintain, WCAG accessibility standards
  • Quickly create new landing pages to support student recruitment campaigns
  • Learn from, and share with, a community of top universities
  • Build and re-use structured content in any channel, saving time
  • Improve content governance with sophisticated workflow and user permissions
  • Create, translate, and manage content in multiple languages
  • Integrate back-office systems surface important data in one place


£334 to £2,854 an instance a month

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

5 4 7 2 6 3 7 8 3 5 7 9 9 5 5


Zengenti Limited Stef Robinson / Ola Andersson
Telephone: 01584 824202

Service scope

Software add-on or extension
Cloud deployment model
Hybrid cloud
Service constraints
Planned maintenance varies with service level chosen. Details are provided in Service Definition document.
System requirements
  • Users editing in Contensis need one of the following browsers;
  • Edge
  • Chrome
  • Safari
  • Firefox

User support

Email or online ticketing support
Email or online ticketing
Support response times
All critical tickets are responded to 24/7/365. Other levels are handled during working week only.
User can manage status and priority of support tickets
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Phone support availability
24 hours, 7 days a week
Web chat support
Onsite support
Yes, at extra cost
Support levels
We provide a single, consistently good level of service, which is appropriate to meet the 99.99% uptime commitment in the SLA. The associated response times for support tickets are;
1. Critical Incident: these are handled 24/7/365, receipt is immediate, response is within 30 minutes and resolution within 8 hours.
2. Standard Incident: these are handled during office days and hours (8am to 6pm), receipt is within 60 minutes, response is within 4 hours and resolution within 2 working days.
3. Minor Incident: these are handled during office hours, receipt is within 4 hours, response is within 8 hours and resolution within 3 working days & prioritised.

As part of our G-Cloud service, we provide an uptime of 99.99% for all the websites you publish from Contensis. Any issue that affects this is a "Critical" and is dealt with on a 24/7/365 basis.

Support is provided within the SAAS cost. We provide support to the same high standard for each of the licence levels.

We allocate an engineer to each issue and they stay with it until resolution.
Support available to third parties

Onboarding and offboarding

Getting started
Once a call-off contract has been agreed, we will undertake all the work to provision the CMS within 48 hours. The key users will be given access to the system and to the help desk.

Zengenti will then support you in whatever way you require to get you up and running.

For example, you may have in-house development resources already. We can train your people to implement designs as templates and build and launch websites. Training can be at your premises or ours. We also offer remote training and all formats are supported by full documentation. The core documentation is public - see

Zengenti also offers a full UX-led website design and build service.

Once completed, we will handover the site in a dedicated session so your users fully understand how to take it forward.

Further details of all our services can be seen in our Cloud Services entry on the Digital Marketplace.
Service documentation
Documentation formats
End-of-contract data extraction
We provide a standard export of all data from the CMS on request.
End-of-contract process
The standard export is provided at no cost. We can provide clients who are off-boarding with bespoke exports if required, although this would be chargeable.

Using the service

Web browser interface
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
Published websites are designed to operate on any mobile device.
Service interface
User support accessibility
Description of service interface
Users can access the service dashboard. This provides redirects, reverse proxies and site configuration. Redirects can be uploaded in bulk via CSV.
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
We perform manual testing of all user interfaces using JAWS, NVDA and VoiceOver.
What users can and can't do using the API
Anything that’s possible to build on the web is possible to build with Contensis. We keep our CMS up to date with the technology you use, and as a result, Contensis is a language-agnostic CMS. Our APIs are easy to access, and we provide developers with tools (including desktop-based tools) to code against Contensis. Through training, tools and tutorials, we actively help developers build the best digital services the web can offer.
Contensis comes with an extensive but flexible Delivery API to help you create websites with your preferred language or framework. We provide API methods for navigation and routing, image optimisation and search. You can easily create complex navigation – menus, breadcrumbs – with a simple API. Node methods in our Delivery API route any URL requests to the correct entry. So, you can build and ship new features, faster.
API documentation
API documentation formats
API sandbox or test environment
Customisation available
Description of customisation
The Contensis service is an entirely browser-based Web CMS. It enables you to build, publish and manage multiple websites of every variety. Anything you can achieve on the web with HTML can also be done in Contensis.

In a few days, users with HTML and CSS skills can learn to build websites based on templates and structured content types.

All aspects of the website can then be managed. This includes creation or amendment of pages, upload of content, media and documents, metadata and site structure control. In fact, anything that can be done in a manually built website can be managed more easily in Contensis.

Users can publish and unpublish content, can undertake content governance and reporting, and manage metadata.

Multiple websites can be supported in a Contensis instance, with unlimited microsites and URLs.

Subject to their permissions, any user can work in the CMS.


Independence of resources
Each client has a separate infrastructure which is scaled to handle their own specific peaks in demand. The level of demand and hence resource would be discussed and agreed with you at the outset.


Service usage metrics
Metrics types
We provide uptime reports, and reports on service desk performance.

Users have a dashboard available that summarises the current state of the service.
Reporting types
  • Real-time dashboards
  • Regular reports


Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
We provide a complete export of all content held in the CMS. This would be used primarily for migration to another CMS.

Contensis has an advanced CMS search in the interface. It supports building up Boolean search phrases for searching and filtering by;
· Content type
· Content language
· Author
· File size
· Expiry date
· Review date
· Date created
· Date modified
· Date first published
· Date last published
· Filename
· Tags
· Title
· Synchronised content
· Last workflow
· Status
· Metadata
All items can be exported as a CSV.
Data export formats
  • CSV
  • Other
Other data export formats
Data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Our G-Cloud services have an uptime of 99.99% for the published websites, measured on a monthly basis. This includes planned maintenance.

Service credits are calculated on the basis of the difference between actual and SLA availability:

service credits = (100 - a) x b
a = the actual percentage availability of the Platform during the relevant calendar month; and
b = the Charges payable in respect of access to the Platform during the relevant calendar month (exclusive of VAT and other taxes).
Approach to resilience
The service operates from multiple Tier-3 datacentres in separate geographical regions.
Each datacentre has separate electricity substations. Dual power cables run to each item of equipment. There are also back-up generators.
All infrastructure is virtualised. An individual logical server, e.g. a CMS server, has an average of 3 physical servers underlying it.
All equipment is monitored, and can be host swapped and remotely managed.
All key services are duplicated, including firewalls, routers and internet connections.
Outage reporting
Since we meet or exceed the 99.99% uptime, outages of the Contensis cloud service are rare. If they do occur, they typically involve a single client.

Issues raised by the client will be via the Helpdesk, so all client staff with access will be aware of it and can follow progress to resolution. If we become aware of the outage outside the client's normal working hours, we will pro-actively raise a ticket on your behalf, and if appropriate, report the issue by email.

We can also phone if you have provided an out-of-hours contact. We will engage with your incident management process where appropriate.

If an issue affected multiple clients, we will issue a group email explaining what occurred, what action we have taken to resolve it and how we plan to prevent it in future.

Identity and authentication

User authentication needed
User authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Anyone wanting to self-register on the help desk or cloud dashboard requires a valid client email address. Once registered, it can only be accessed by registered users who authenticate.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
How long system logs are stored for

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
ISO/IEC 27001 accreditation date
29th June 2021
What the ISO/IEC 27001 doesn’t cover
All relevant areas of our operation are comprehensively covered in the certification scope.

We are happy to provide potential G-Cloud clients with a copy of the Statement of Applicability.
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Cyber essentials
Cyber essentials plus
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
All staff receive a set of standard training sessions at the point they are recruited, and this includes secure work practices. These are reinforced through ongoing appraisal and supervision processes and are included in the Staff Handbook.

As an ISO 27001 registered company, our data handling process is scrutinised on a regular basis as part of internal and external quality audits.

As a company we are registered with the Data Protection Registrar.

Where an issue requires escalation, we have a set of identified processes, including phone numbers, so that you can talk directly and express the level of urgency or business challenge. The levels are:-
After 1 hour Head of Support
After 2 hours Chief Product Officer
3 hours+ Chief Executive Officer
One of the key advantages of working with Zengenti Ltd, is that we keep the barriers to communication as low as possible - commensurate with delivering services efficiently to our whole client base. This means that when you need to speak to someone with the necessary technical skill and the authority to decide a course of action, you can.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Our infrastructure is managed through a configuration management system. As a result, all changes to configuration of customer environments is auditable. Changes are first tested in staging environments, before being rolled into production.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
We assess potential threats through proactive monitoring of logs and security advisories from major partners/suppliers in the security sector.

We can deploy patches in minutes, but we would assess the risk posed by the particular vulnerability and decide the most appropriate schedule. Typically patches are applied monthly.

We recently had an opportunity to prove the resilience of our processes, when our engineers discovered a vulnerability. Within 48 hours, we had put fixes in place to eliminate any potential risk and told all our clients about the process. We also upgraded all our hosted clients.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
We have monitoring systems in place that will detect unexpected network traffic and behaviour on servers. There are a range of different solutions depending on the device, for example, on a Linux server we will be automatically notified if there's a change in user account details.

If we find a potential compromise, our incident management process would be triggered.

From that point, the speed of response would be agreed between the engineers and the incident manager.
Incident management type
Supplier-defined controls
Incident management approach
The majority of incidents are handled through the help desk. This streamlines incident management, tracking and resolution. Supportive questions help us gather essential information. Users rate the severity via impact on their business processes. For critical incidents, on-duty incident managers assess the situation and any affected customer(s) and create a communication list for the incident. All communication is available within the help desk portal.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
Connected networks
NHS Network (N3)

Social Value

Fighting climate change

Fighting climate change

Zengenti has invested in wood chip/pellets from sustainable sources to run our heating and hot water systems. Our biomass boiler helps to reduce energy loss during energy generation and distribution and the heating and hot water for our headquarters are completely supplied via this method. All the electricity that we consume as a company is 100% renewable. Both our Interxion and Equinix data centres all run using 100% renewable energy. We use EON to supply the electricity for our headquarters, which is also 100% renewable. We are also currently planning the installation of a solar panel array in the grounds of our headquarters to further reduce the need for electricity from the grid. Our staff continue to mainly work from home, which reduces the need to commute into the office, greatly reducing CO2 emissions and any unnecessary travel. The majority of our staff now typically come into the office a few days a month rather than almost every day.
Covid-19 recovery

Covid-19 recovery

As a company our staff continue to mainly work remotely with around 5-10% of the team working from our offices at any one time. We have updated our office spaces to ensure that effective social distancing is in place when people do work from the office, including in all our communal areas. We have also created more communal areas and casual meeting spaces. Supporting our teams to continue to work remotely has greatly reduced travel and has reduced the demand on health services, as our teams are far less likely to come into contact with others who may have had COVID-19. We continue to ensure our teams are given the flexibility that they need to help others who might be shielding or who are at high risk from COVID-19. We have offered those who do need to work from the office paid leave if they need to stay away from the office due to illness, which is also helping to reduce the risk of others who are working from the office. Throughout the pandemic and beyond we have always tried to help our team with their mental health. We have a regular section in our weekly staff newsletter on mental health, and we also have trained mental health staff who are available in the event that someone needs some initial help. We have embraced opportunities to get our teams together, subject to COVID-19 restrictions, and where we have been able to do so in a safe manner, such as outdoor walks for example. These activities have all been aimed at helping people to get together and encourage people to talk and share experiences.
Tackling economic inequality

Tackling economic inequality

As a company we have created many training and development opportunities for young people. This starts with us supporting work experience and school away days, and often ends with people from the local community joining our team, where we train them from the ground up in the latest technologies. Whilst the area we are based in is not a deprived area, we are one of very few technology companies in the area, and we have given lots of opportunities to local people, which has helped to develop and diversify the local economy, which otherwise is very agricultural. We also sponsor charities and initiatives in our community, including paying for children to attend a circus event that they might otherwise not get the opportunity to go to. We also sponsor The Green Festival, Ludlow. This is an event which celebrates everything “green”. We support a local technology group who meet up monthly and invite guest speakers to share knowledge and expertise. In addition, we support “Local to Ludlow” suppliers where we can. In terms of our own supply chain, this is very small and focuses almost entirely on three or four companies who provide our infrastructure services. Outside of these companies, who need scale to provide their services, we do largely use SMEs to deliver our other business requirements. This includes air conditioning engineers for our data centre through to local sole traders helping us deliver lunch for our teams. Working with business startups is something that we have always been willing and excited to do, ensuring that any risks are low enough not to impact any of our existing customers if something goes wrong.
Equal opportunity

Equal opportunity

Zengenti is an equal opportunities employer and has an equal opportunity policy. The aim of this policy is to ensure that no job applicant or employee receives less favourable treatment on the grounds of gender, race, disability, colour, nationality, ethnic or national origin, marital status, sexuality, dependants responsibility, religion, trade union activity and age (up to 65). Selection criteria and procedures will be kept under review to ensure that individuals are selected, promoted and treated on the basis of their relevant merits and abilities. All employees will be given equal opportunity within the company’s service and will be encouraged to progress within the organisation. To ensure that direct or indirect discrimination is not occurring, recruitment and other employment decisions will be regularly monitored in conjunction with ethnic records of job applicants and existing employees. The company is committed to a programme of action to make this policy fully effective.


We hold regular events as a team to raise money for charity. Previous events have included bake sales, organised treks, and a week of activities to support Mental Health Awareness Week which included yoga classes and running/cycling challenges. We have trained a number of our staff under the MIND courses on mental health awareness and first response, with an aim to help us to spot any first signs and issues and offer any help to our teams. We have a section in our weekly staff newsletter on mental health and all our teams get involved in order to produce this, helping to raise general awareness as well as delivering advice and suggestions aimed at helping anyone who might be struggling with their mental health. In terms of practical aspects, prior to the COVID-19 pandemic when we were all working in the office, we ensured that we made special changes to help certain team members, who struggled with certain physical issues such as noisy spaces, and we continue to ensure we offer support in how people work wherever possible. We are planning in the future to support local primary schools with their mental health activities too, by providing access to activities such as yoga and meditation.


£334 to £2,854 an instance a month
Discount for educational organisations
Free trial available
Description of free trial
We provide a "sandpit" version of the actual Contensis system with all functionality included. User numbers are limited by negotiation. Typically, we would expect the trial version to be available for no more than 3 months.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.