EXACOM SYSTEMS LTD

Section 106 / Section 75 Administrator Module and associated Project Module

A complete software solution for the management and monitoring of S106 planning obligation legal agreements and the delivery of infrastructure obligations with a full audit trail

Features

• S106 monitoring and management
• S106 allocation and spending
• S106 receipts
• S106 reporting
• S106 document templates
• Integrated document management system
• Live S106 dashboard
• Import and export with other supported systems (ie planning software)
• Infrastructure Funding Statement - template autofill

Benefits

• Full lifecycle support
• Web based software
• Data encrypted at rest and in transit
• Updated in accordance with changes to legislation
• S106 monitoring down to individual covenant level
• Auto fill template library, including demands notices and letters
• Workflow management, staging and programmable alerts
• Unlimited users through corporate desktop log in
• Granular access for individuals and groups
• Activity and event log diary

£7,500 to £19,500 a licence a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at admin@exacom.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

565106037110921

Contact

Geoff Kirby
02081234253
admin@exacom.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Local Authority Planning and Finance Systems; Exacom Public Facing Module ; Exacom BNG Module
• Cloud deployment model: Private cloud
• Service constraints: Planned maintenance occurs outside of normal working hours (usually on Sundays).
• System requirements:
  • Modern Browser
  • Access via Authority Network using corporate IP(s)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within three hours during business hours.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: Full support included with software package. ; HIGH PRIORITY: Within 1 working hour of call being logged.; MEDIUM PRIORITY: Within 4 working hours of call being logged.; NORMAL PRIORTY: Within 8 working hours of call being logged.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: User training is provided online via MS Teams and a training video library
• Service documentation: Yes
• Documentation formats:
  • HTML
  • Other
• Other documentation formats: Video
• End-of-contract data extraction: By arrangement with Exacom. Typical data standard: CSV.
• End-of-contract process: Notice given by either party, and arrangements made for secure data transfer, followed by industry standard cleanse of data.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: A lot of the tabular based data would require a fair amount of scrolling
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: No
• Customisation available: No

Scaling

• Independence of resources: We ensure that our server specification always far exceeds our clients' requirements, therefore no system limitations will occur due to demand / usage

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: CSV, encrypted file transfer.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99% uptime Monday to Friday Excluding Bank Holidays
• Approach to resilience: Available on request.
• Outage reporting: Email Alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: IP address limitation via firewall, username and passwords and group membership constraints.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Our Data Centre service provider is ISO/IEC 27001 accredited
• Information security policies and processes: Exacom works in full compliance with its adopted corporate IT and Security Policies and Protocols, which are regularly reviewed by the Operations Manager and signed off at Director level. Full staff training is provided on information security, with regular refresher sessions.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Exacom users have a Test and Live version of the software. Any upgrades are applied to Test for the client to approve, prior to the upgrade being applied to their live system.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Regular penetration test and all servers are protected by industry standard virus and vulnerability software.; ; Servers are patched on a monthly basis for regular updates.; ; Any vulnerability patches are applied as they are made available.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: If we become aware of any problems via our virus or vulnerability software, we respond accordingly and asap.
• Incident management type: Supplier-defined controls
• Incident management approach: Our Support inboxes are monitored during support hours, and incidents are responded to in line with their priority.; Servers are supported 24/7 with alerts being sent in relation to any service failure.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity

  Fighting climate change

  The annual self assessment of our environmental footprint has shown that our carbon expenditure is very low due to the online nature of our services, and the adoption of other in house practices which support green objectives such as paper free working, sustainable staff travel, energy efficiency through solar panels at the office etc. In addition, our data centre ANS was the first 100% carbon neutral hosting company in the UK.

  Equal opportunity

  Exacom is an equal opportunity employer and supplier, and has various adopted policies including an Equal Opportunities Policy and a Modern Slavery Statement, all of which are reviewed regularly.

Pricing

• Price: £7,500 to £19,500 a licence a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at admin@exacom.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.