CUTNALL GREEN CONSULTING LTD

Cloud Spend Analysis Service

We provide cutting edge Spend Analysis software combined with practical hands-on support enabling customers to understand their spend at a granular level.
We use machine learning and AI to cleanse, enrich and categorise all non pay expenditure. This "single view of the truth" will facilitate driving operational efficiencies at pace.

Features

• 1. Access to real practical experience with “hands on support”
• Focus on “Learn by doing” to share knowledge
• Real time, cloud based spend analysis service
• Data cleansed at a SKU level
• Side by side, item by item benchmarking
• Ability to manipulate and visualise data in real time
• Comprehensive reporting and linking data to financial reporting
• Data classified to eClass or other recognised classification systems
• Secure architecture and structure designed to protect data
• Fully automated and repeatable processes

Benefits

• Access to experienced “hands on support”
• Transfer of knowledge via “learn by doing”
• Opportunity to aggregate spend across multiple organisations
• Opportunity to deliver benefits at pace
• Obtain best value for money in real time
• Efficiently exchange information and define requirements
• Linking spend data to budgets to improve transparency
• Support the rollout of category management
• Removing non value added activities undertaken by procurement
• Execute informed sourcing and supplier decisions

£1,500 a licence a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at robcarter@cgconsultingltd.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

556932481319063

Contact

Robert Carter
07866 436815
robcarter@cgconsultingltd.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: We can interact with existing eSourcing and Dynamic Purchasing Systems
• Cloud deployment model: Private cloud
• Service constraints: We do not have real time electronic messaging
• System requirements: Internet Access

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We respond to calls and emails within a business day
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: The support we provide depends on the client need and the service chosen. In all cases the Spend Analysis service is a cloud based software as a service solution. At inception, we will pull together data from multiple sources such as Accounts Payable, Purchasing, NHS SC etc. Data will be cleansed and enriched using machine learning and harmonised product descriptions, part numbers etc. In addition, each item will be classified using eClass or UNSPSC, so that it is possible to aggregate the view of data across a category for an organisation or region. Data will be refreshed regularly eg Monthly, providing an up to date view of spend whilst retaining historical data to allow interrogation of trends. ; The platform has a data visualisation facility, allowing “self service” interrogation of data. All data is exportable, allowing further analysis to be undertaken. ; ; In addition, we can provide additional tailored support for clients. This can take different forms such as Interrogating consumption trends for a given category or Identifying for finance how spend should be correctly linked to budgets to allow for more effective budget planning.; ; This will be support will be defined and agreed in conjunction with each client.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide one to one online and in person training on using the software platform for users. The training pack is scripted and thoroughly documented in order to maintain consistency and transparency. We always provide additional training if necessary.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
  • Other
• Other documentation formats:
  • Excel
  • Hard copy
• End-of-contract data extraction: As part of our process we share all information particular to the buyer at every stage during any given procurement project in which we participate. Our client can also access their data and extract it anytime from the portal upon completion of the contract.
• End-of-contract process: Customers commit to the service based on a specific number of users and for an agreed term eg 2 years. Once they give us notice that they are not going to use the platform, we start the off boarding process. This would consist of switching off existing user permissions. In the standard service there is no additional cost to users at the end of the contract. If clients have specified unique customised elements then this would be subject to further discussion.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: We provide an easy to use, intuitive user interface that we train each user on. This ensures that both buyers and sellers are able to get the most of the spend analysis platform. The platform has a data visualisation facility allowing users to interrogate data using any of the available features of cleansed data in order to present data in an more insightful format. Data is exportable in a format such as Excel to allow further desk top analysis to be undertaken.
• Accessibility standards: None or don’t know
• Description of accessibility: The platform access is based on permission levels, so depending on the users function, they will see different information and be able to perform different functions.
• Accessibility testing: We haven't undertaken any interface testing
• API: No
• Customisation available: Yes
• Description of customisation: The presentation of data is highly customisable using the data visualisation capability of the service. There are a set of standard reports that users can choose to use but any element of the cleansed data can be interrogated using the data attributes. This provides a similar functionality to Excel but on a greater scale. Data will be refreshed on an agreed basis eg Monthly allowing users to interrogate trends in data over time.

Scaling

• Independence of resources: We take particular care and meticulously schedule events so that processing resources on our services on our servers as CPU and memory are not over extended. In addition, we use internal monitoring and reporting processes to manage and plan server capacity

Analytics

• Service usage metrics: Yes
• Metrics types: We provide information on number of events, amounts and quantities of goods and services auctioned, savings against baseline and sourcing information
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Users export their data from our platform by logging in with their unique username and password. They then can export their data in various formats.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats: Excel
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats: Excel

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Our aim is 99.9% availability
• Approach to resilience: Our equipment that holds our software is housed in data centres with n+1 levels of resilience
• Outage reporting: The preferred method of outage reporting is usage of email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Management interfaces are only accessible by authorised users, authenticated by username and password. Sensitive factors are restricted to authorised networks.
• Access restriction testing frequency: Less than once a year
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Our approach to security governance is to use the best practise for the industry
• Information security policies and processes: The company follows best practise information security policies and processes for the industry. It is the establish policy of Cutnall Green Consulting Ltd to operate within the requirements of a documented information Security Policy statement as a means to comply with all statutory, regulatory and contractual requirements, and to protect the interest, property and information of the company and if it clients and employees against threats or loss. In pursuance of this policy its stated requirements have been implemented together with the specified requirements of the company's associated information security and computer systems access management. The purpose of this Information Security Policy statement is to describe how security is implemented, to give guidance to our employees whose actions can affect the confidentiality and integrity of the business, it product and services and to illustrate the overall commitment to security issues within our company. The Information Security Policy is maintained by audit and review in order to provide effective assurance that all aspects of company, employee and customer specified security requirements are being implemented

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Servers are set to automatically install security patches nightly. Any changes to services are vetted for security impact at the planning and implementation stages.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Security managers monitor and evaluate security bulletins for application components. If possible the component is updated and if an update is not immediately available, a patch or mitigation is applied within 72 hours
• Protective monitoring type: Undisclosed
• Protective monitoring approach: Logging is used to identify potential compromises. When discovered, compromises are responded to with 24 hours
• Incident management type: Supplier-defined controls
• Incident management approach: We maintain a security point of contact. Any security related matters are forwarded to the security POC. Incident reports are emailed to the affected customers

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Tackling economic inequality

  Tackling economic inequality

  As a micro entity ourselves, we are keen to create opportunities to help small organisations to grow. So we are promoting the development of Machine Learning & Artificial Intelligence in Spend Analytics for the Health Service using a network of small specialist tech companies. This will enable us to consider taking on apprentices, increasing our own capability and capacity. The technology we are proposing to develop will be disruptive, creating new systems to identify opportunities to leverage spend across multiple healthcare organisations delivering real value to our customers

Pricing

• Price: £1,500 a licence a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at robcarter@cgconsultingltd.com. Tell them what format you need. It will help if you say what assistive technology you use.