Riskaware Ltd.
CrystalCast
CrystalCast is a disease forecasting tool that combines multiple epidemiological models to predict outbreaks and anticipate impacts on
the population. The software provides statistical outputs relating to “what-if” scenarios, allowing key stakeholders to weigh up uncertain conditions and parameters before taking appropriate action.
Features
- Underpinned by Dstl's uncertainty combination algorithms
- Models outbreaks of different diseases and scenarios
- Accounts for disease type, outbreak location, population demographics
- Models interventions such as movement restrictions, medication and vaccinations
- Enables compare and contrast of disease model uncertainty
- Visualises population effects in patches or frequency trees
- Wide range of other statistical visualisations
Benefits
- Flexible and cost-effective subscriptions to fit specific user needs
- Flexible framework adaptable to different user needs
- Secure cloud hosting and local installation options
- Utilises Dstl uncertainty combination algorithms
- User focused web based user interface
- Powerful data visualisation dashboard
- Upload externally generated disease model output for combination and visualisation
Pricing
£5,000 to £100,000 a unit a year
- Free trial available
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at opportunities@riskaware.co.uk.
Tell them what format you need. It will help if you say what assistive technology you use.
Framework
G-Cloud 14
Service ID
5 5 3 8 2 8 9 5 6 3 1 2 2 9 3
Contact
Riskaware Ltd.
Simon Agass, Business Development Director
Telephone: 0117 9291058
Email: opportunities@riskaware.co.uk
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Private cloud
- Service constraints
- The software does not currently fully support secure user authentication.
- System requirements
-
- Docker deployment for 5 services
- Minimum 8GB per service
- Minimum 4 vCPU per service
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Email support. Response time Next working day
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- No
- Support levels
- Support levels are offered in alignment with customer needs. Technical support is provided by the Riskaware team.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- CrystalCasts's user manual is provided within the platform in pdf format, as well as tool tips within the user interface. Additionally, one-to-one training can be provided on request.
- Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- Data extraction can be arranged on request.
- End-of-contract process
- At the end of a contract, a users' account will be removed and they will no longer have access to the system.
Using the service
- Web browser interface
- Yes
- Supported browsers
- Chrome
- Application to install
- No
- Designed for use on mobile devices
- No
- Service interface
- No
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- API
- No
- Customisation available
- Yes
- Description of customisation
- Our service is customised by the Riskaware team to suit users' operational and language needs. Features can be added according to user requirements.
Scaling
- Independence of resources
- Each customer would have their own deployment container with it's own dedicated resources.
Analytics
- Service usage metrics
- No
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
- Other
- Other data at rest protection approach
- Data is hosted on Riskaware premises. Riskaware are a certified Cyber Essentials Plus accredited organisation.
- Data sanitisation process
- No
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- Data can be exported for users on request.
- Data export formats
- CSV
- Data import formats
-
- CSV
- Other
- Other data import formats
- Excel spreadsheet
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- Legacy SSL and TLS (under version 1.2)
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Legacy SSL and TLS (under version 1.2)
Availability and resilience
- Guaranteed availability
- To be agreed via Service Level Agreement.
- Approach to resilience
- The system currently requires further development for resillience.
- Outage reporting
- There is currently no support for reporting outages but an appropriate system can be agreed for development at the start of the contract.
Identity and authentication
- User authentication needed
- No
- Access restrictions in management interfaces and support channels
- The bespoke nature of the service means that customers can request management and support services via email and therefore do not have direct access to such interfaces.
- Access restriction testing frequency
- At least once a year
- Management access authentication
- Other
- Description of management access authentication
- Management access to the service requires access to the hosting environment, which is only available to Riskaware staff. Users can request changes via support email.
Audit information for users
- Access to user activity audit information
- No audit information available
- Access to supplier activity audit information
- No audit information available
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- Yes
- Any other security certifications
-
- Cyber Essentials Plus
- ISO 9001:2015 TickITplus
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- Other
- Other security governance standards
- Cyber Essentials Plus
- Information security policies and processes
- Riskaware has in place the ISO 9001:2015 TickITplus standards and is working towards obtaining ISO 27001.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- Riskaware is a certified ISO 9001:2015 TickITplus company. All of its products and processes conform to these standards. In order to ensure these QA processes are adhered to, RiskAware uses issue-tracking tools, such as Jira, which is used to track work against requirements and to ensure high standards of work through peer review.
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
-
Riskaware is an accredited Cyber Essentials Plus company. All of it's systems and online products have been judged by assessor to be secure. The process of obtaining this accreditation, involves tracking, monitoring and mitigating vulnerabilities by Riskaware's in house ICT Team.
Additionally, the ICT team proactively monitor threats. Patches are deployed almost immediately and most of our systems are configured to automatically update. Threat information is collated from industry leading experts by the ICT team. - Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- Riskaware's ICT team regularly monitor new and emerging threats via government and leading industry security sites & produce a monthly report for internal awareness
- Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
- Users can report incidents via email to the Riskaware development team. All incidents will be responded to within 24 hours, with progress tracked internally using our development management software, Jira. Our incident tracking processes adhere to the ISO 9001:2015 TickITplus standards.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
Covid-19 recoveryCovid-19 recovery
CrystalCast provides advanced disease modelling and visual insights and was used extensively by the UKHSA during the Covid Pandemic to inform decision making. The mode is still in use by UKHSA with the aim of preparedness for future pandemics
Pricing
- Price
- £5,000 to £100,000 a unit a year
- Discount for educational organisations
- No
- Free trial available
- Yes
- Description of free trial
- Free trial available on request as part of negotiations.
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at opportunities@riskaware.co.uk.
Tell them what format you need. It will help if you say what assistive technology you use.