Whitespace Work software

Whitespace Resident Portal

Located on the Council’s website, residents can log into the Council branded portal to see their waste collection details; when their bins are due to be collected, live status update of the collection crew’s progress and the ability to report their missed bins.

Features

• Calendar shows when the next waste collection is due
• Book and pay for ad hoc services
• Residents can report issues like graffiti directly to the council
• Residents can send feedback directly to the council
• Information collected can be fed into the CRM system
• Can be fully branded

Benefits

• Fewer customer queries
• Reduced missed bin collections
• Accurately reports issues
• Automates raising tasks
• Integrate other service areas
• Information publish instantly

£15,000 to £24,500 an instance

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Rhiain.Dixon@whitespacews.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

563363040981554

Contact

Rhiain Dixon
01483231663
Rhiain.Dixon@whitespacews.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: Please contact Whitespace for more details.
• System requirements: Web browser, Edge and Chrome

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Service support hours Monday to Friday 07:30 and 17:30, excluding national holidays. ; Out of hours critical technical support line 05:00 to 09:00 weekdays and weekends (excluding Christmas day, Boxing Day and new year). ; P1 - Major impact ; Acknowledge: 15 minutes; Temporary workaround: 8 hours; Permanent fix: 5 business days; P2 - High impact ; Acknowledge: 1 hour; Temporary workaround: 24 hours; Permanent fix: 30 business days; P3 - Medium impact ; Acknowledge: 24 hours; Temporary workaround: Reasonable and agreed ; Permanent fix: Reasonable and agreed ; P4 - Low impact; Acknowledge: 5 days; Temporary workaround: Reasonable and agreed ; Permanent fix: Reasonable and agreed
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Account Manager is available between 9am and 5.30pm. Whitespace Service support hours are Monday to Friday between 07:30 and 17:30 UK time, excluding national holidays. ; In addition, we have set up an out of hours critical technical support line. This is available from 05:00 to 09:00 weekdays and weekends (excluding Christmas day, Boxing Day and new year’s). The introduction of the out of hours technical support line from 5am, ensures that we have someone on standby when the crews are turning up and leaving the depot.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: A project kick off is arranged to discuss high level approach and plan for deployment. Workshops are then arranged to go into detail about the processes required for managing the operation (both operational and technical). A Project Initiation Document and Confirmation of Requirements are then drawn up for mutual agreement prior to system build and on-site training. Full user documentation is provided via our service desk including a WIKI which incorporates video content to help users in the day to day use of the system. Furthermore, we provide a client manager post live to handle queries outside of the service desk.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: At the End or the expiration of the Call-Off Contract, the data will be supplied back to the buyer in the ‘Data Extract Layer’ (DEL) format used by Whitespace Work Software Ltd to import and export data to its Analytics system. The DEL is a csv file. If the customer would like the data returned in another format, this can be provided for an additional charge.
• End-of-contract process: The price paid will include all necessary rights to access and use the system during the contract term. When the term ends, and assuming there is no continuation, the system will be turned off and access will be lost. Towards the end of the contract, Whitespace will make contact with the customer to discuss options.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Chrome
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: The Whitespace API is a full service/functionality API. There are no limitations around core functionality.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The customer logo that is displayed on the webpage. The menu options are based on user role permissions. The WORD templates that are generated by the system. The mobile templates that mobile / in-cab users view on their device (app). The data sources used by the system are fully customisable by the user i.e. Round Name, Round Schedules, Walk Orders, Worksheet Types, Worksheet customised data, Service Items, Services, Charges, Contracts and more.

Scaling

• Independence of resources: Whitespace is a single tenancy solution. Each customer has their own environment.

Analytics

• Service usage metrics: Yes
• Metrics types: A range of service usage metrics are provided. For example, how many worksheets are open, in progress or complete on a given day/week etc. What is the round progress of vehicles out on service delivery etc.
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users can perform searches and export data to Excel, CSV or XML at any time. Job specific data can also be exported via emails which can include a customised PDF output. In addition, an automated process can generate a CSV or TXT log file every time a transaction is made. This file or multiple files will be available to download from the document store or a scheduled process can be setup to SFTP to other locations. All data is available to other 3rd party systems via the API.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • PDF
  • TXT
  • Email
• Data import formats:
  • CSV
  • Other
• Other data import formats: TXT

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
  • Other
• Other protection within supplier network: Private backbone behind Packet and Application level firewalls and MPLS link for cross DC communications. VPN connections used for support/maintenance activities and available for Customers upon request.

Availability and resilience

• Guaranteed availability: Monday to Friday 09:00 to 17:30 - 99.8% up time 17:31 to 08:59 - 99.6% up time Weekends 99.5% up time. Please note up time figures do not include planned outages.
• Approach to resilience: Dual data centres, with automated DNS fail over. Additional details available on request. Increased availability solutions available, please contact Whitespace Work Software for more details.
• Outage reporting: Customer's are contacted directly by a member of the company. Email alerts can be setup upon request from Whitespace monitoring tools

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Whitespace Support only access the solution via VPN using named accounts to logon. During the setup phase, Whitespace consultants use named accounts which can be restricted after the project has been completed. Whitespace includes role based user security.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS International
• ISO/IEC 27001 accreditation date: 06/09/2017
• What the ISO/IEC 27001 doesn’t cover: All Customer information is included within the Whitespace ISO27001 scope.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: SecureTrust
• PCI DSS accreditation date: 17/01/2022
• What the PCI DSS doesn’t cover: Collection or processing of payment card data.
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ISO 27001; Cyber Essentials; PCI DSS

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Solutions are baselined, with each upgrade/change to the baseline tested and tracked. All changes are risk assessed and security tested prior to release. Changes are three stage tested (Unit, Dev and UAT) before release, with test cases drawn from functional/non-functional requirements. In addition changes are regression tested.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Whitespace is ISO27001 Certified. Whitespace subscribe to threat intelligence feeds from NCSC and CiSP. Threats are risk assessed in accordance with our Risk Management procedure, which includes time objectives for patch deployment according to severity. Performance against objectives is measured and reported in our externally audited ISO27001 Measures and Metrics procedure.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: The Whitespace solution is multi-point monitored, with security vulnerabilities reported to the Whitespace Service Desk and to Whitespace's hosting partner. Vulnerabilities are risk assessed and a corrective plan is created in line with Whitespace's ISMS.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Whitespace follow a defined incident management process, in line with its ISMS. Affected customers are notified and remain updated during the incident. Notifications are sent via the Service Desk and via email. Once resolved, incidents reports are available on request.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  After 3 years of auditing and taking steps to reduce our carbon footprint Whitespace have now achieved the status of being Carbon Neutral. The Senior Management Team are committed to maintaining this status.
• Covid-19 recovery:

  Covid-19 recovery

  N/A
• Tackling economic inequality:

  Tackling economic inequality

  VCSEs/MSMEs/SMEs like ours form the backbone of the UK economy, supporting local communities to grow and be prosperous. We are committed to supporting SMEs through our supply chain, creating and supporting sustainable jobs in the communities we serve and increasing our positive impact on disadvantaged groups and the natural environment. Understanding the value of such organisations we are providing expert business advice to them on various topics.
• Equal opportunity:

  Equal opportunity

  Software Management industry has been active towards Equality, Diversity and Inclusion. For us, it is one of the top agendas. We have planned equality and diversity training courses for staff and our supply chain through online sessions at all levels.
• Wellbeing:

  Wellbeing

  We have a comprehensive Wellbeing programme in place for our staff members.

Pricing

• Price: £15,000 to £24,500 an instance
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Rhiain.Dixon@whitespacews.com. Tell them what format you need. It will help if you say what assistive technology you use.