FRAMA (UK) LIMITED

Frama Rsign for Local Government

Frama Rsign is a secure encrypted service designed to accelerate workflows for contract and document signing for GDPR compliance.

Features

• Contract management for multiple documents
• Simple, intuitive webapp to view all contracts awaiting signature
• Device agnostic - login anywhere anytime on any device
• Easy optimisation, automation and management of important contracts
• End-to-end encryption without intermediate data storage
• API available for CRM/CMS integration for automated workflows
• Document creation through a simple drag-and-drop interface
• Store multiple templates for easy retrieval and share with team
• Automatic forwarding of documents in case of staff absence
• Notifications for document signed or pending

Benefits

• Contract management interface for time and money savings
• Effortless transition to paperless office
• First contract to arrive is usually the first signed
• Compliance with GDPR and other regulatory obligations
• File sharing with wider team for additional document control
• Never miss a deadline again
• Define contract workflows throughout your workplace
• No portals, downloads or passwords needed for the signer

£500 to £500,000 a transaction

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at richard.west@frama.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

562156364760650

Contact

Richard West
01992451125
richard.west@frama.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: No contraints
• System requirements: Internet connection

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 2 hours, 9am to 5:30pm Monday to Friday (excluding UK Bank Holidays)
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Web chat is accessible through the Frama website. Users can web-chat directly to our service desk. If issue cannot be resolved via web-chat, escalation matrix is in effect.
• Web chat accessibility testing: Not applicable.
• Onsite support: No
• Support levels: For every contract, Frama provide an account manager who is the first point-of-call for all service enquiries or issues.; All incidents are evaluated against a 3-tier service escalation, rated:; Low: minimal impact on service; delay in messaging of less than 2 hours; Medium: some features or services unavailable but core functionality intact and messages being sent and received; High: impact on business; total failure of core functionality; Service provided is triaged against tiered impact levels. Escalation matrix and contacts is distributed to client upon commencement of contract.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Frama Rsign is designed to be user-intuitive with minimal training required. On-site or on-line training can be provided (additional costs may apply) on demand. User documentation is provided upon acceptance of contract.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats: Any upon request
• End-of-contract data extraction: Not applicable - no data is stored at any time.
• End-of-contract process: Once contract is expired, access to web portal is removed. No further action is required.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Windows Phone
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: None.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Users can access the web portal via a log in. The interface allows for all control, document creation and management, and admin control.
• Accessibility standards: None or don’t know
• Description of accessibility: Users can access the portal through any connected device. There are no restrictions on accessibility.
• Accessibility testing: None
• API: Yes
• What users can and can't do using the API: API services are available to connect Frama Rsign to existing CRM / CMS systems for improved document and workflow management. API creation is upon request, please contact us for details.
• API documentation: Yes
• API documentation formats:
  • PDF
  • Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The Frama Rsign portal allows the user to configure workflows and documents specifically to their own business requirements. Users can customise to their individual workflows through notifications. All customisation is performed on a permissions-based basis. All services can be branded.

Scaling

• Independence of resources: The service scales with the system load. There is a further high performance environment in the case of any redundancy.

Analytics

• Service usage metrics: Yes
• Metrics types: Metrics are provided via the portal for users with the correct permissions.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Rpost

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: No
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users can only export their own transaction data. This is done via .csv file. Data being declared as private cannot be exported.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Frama Rsign guarantees 99.9% availability for 24x7 service operation without severity level 1 disruption, excluding scheduled maintenance windows.
• Approach to resilience: Available on request.
• Outage reporting: Available on request - SLAs created per contract.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Features are accessible via permissions. Permissions are set upon acceptance of contract (onboarding)
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: EY CertifyPoint
• ISO/IEC 27001 accreditation date: 05/11/2019
• What the ISO/IEC 27001 doesn’t cover: Nothing.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: CSA CCM version 3.0
• Information security policies and processes: All security events are processed on a 3-tier basis. If initial problem cannot be resolved within 2 hours (changeable depending on individual SLA) then escalation matrix is in effect.; All security policies are available on the Frama.co.uk website.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Not applicable.
• Vulnerability management type: Undisclosed
• Vulnerability management approach: Not applicable.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Not applicable.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: For any incident causing a disruption in the service, a pre-defined escalation service matrix is in force.; Any user that discovers any issue with the solution can contact our service desk via email or phone as per contract. In the event of any incident causing a disruption or delay to the service, customers are informed via email with regular updates. For any incident escalated to medium or high status, incident reports are sent every 1-2 hours with updates, along with full incident report when issue to resolved.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Frama Rsign serves to influence staff, suppliers, and customers in supporting environmental protection and improvement by encouraging the the adoption of a paperless working environment. By ensuring all document control is performed through an online interface, with templates and changes recorded, Frama Rsign eliminates the need for printing and storage of contract or identifiable pages.
• Covid-19 recovery:

  Covid-19 recovery

  Frama Rsign supports organisations and businesses to manage and recover from the impacts of Covid-19 by providing enhanced security to adopted new ways of working. With the need for social distancing and remote working now prevalent within the UK workforce, Frama Rsign helps organisations remain GDPR compliant even when working across unsecured networks. By allowing organisations and businesses to send encrypted documents for e-signature, Frama Rsign protects the organisation from the security concerns of a remote workforce.
• Tackling economic inequality:

  Tackling economic inequality

  Frama Rsign supports the development of scalable and future-proofed new methods to modernise delivery and increase productivity by improving the workflow of e-signature documents. The Frama Rsign intuitive interface accelerates the process of document signing across a large supply chain allowing for simpler management.; In addition, Frama Rsign allows an organisation to manage cyber-security risks in their supply chain by ensuring all disseminated documents are encrypted across the entire supply chain. The simple e-signature process ensures compliance against GDPR and other obligatory regulations and significantly reduces risk of fraud and document interference.

Pricing

• Price: £500 to £500,000 a transaction
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Free trial service is available with all features enabled, and no obligations. Please contact us for details.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at richard.west@frama.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.