InsightsDriven.io Ltd

AI Automation - ConnectingYouNow + AI Project Risk Assessment - FireBreak

ConnectingYouNow (CYN): AI-powered platform streamlining public sector service access, Employee IT issue resolution, and escalations. WCAG 2.1 compliant, driving efficiency and cost savings.

FireBreak.ai an AI-powered Project Risk Intelligence Platform that helps government organisations detect, manage and prevent project risks before they escalate. Reducing Financial Waste through Increased Transparency.

Features

• Search based on natural language conversation
• 2-way conversations in both text and spoken word
• Accessibility settings built in
• Source information from multiple sources in multiple format
• Analytics showing usage and comparisons of queries and available content
• Geographic analytics comparing search and answer locations
• Works alongside existing websites
• Guardrails to protect vulnerable users
• FireBreak is a trained Scrum and Prince2 co-pilot
• FireBreak AI understands Excel, Word, Jira, etc content

Benefits

• Inequality is addressed; Citizens find what they need more quickly
• 50% improvement in search accuracy over standard keyword search
• Identification of gaps and overlaps in existing service offerings
• Digital barriers removed: Accessibility is built in - WCAG certified
• Identification of content inconsistencies for improved content quality and relevance
• Simple implementation and on-going maintenance
• FireBreak AI: Real-time risk management
• FireBreak AI: Improved decision-making and outcomes
• FireBreak AI: Optimised resource usage
• FireBreak AI: Enhanced reporting and compliance

£2 to £3 a transaction

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Jora.Gill@insightsdriven.io. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

576327673054847

Contact

Jora Gill
07814461141
Jora.Gill@insightsdriven.io

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: It can be used as an extension to any responsive web site.
• Cloud deployment model: Public cloud
• Service constraints: No, the service supports any responsive website.
• System requirements:
  • Read access to trusted source documents / service descriptions
  • Change to buyer's content security policy
  • Change to buyer's permissions policy

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Questions will be acknowledged within 15 minutes.; They will be responded to within 4 working hours.; Working hours are 09:00 - 17:00 Monday - Friday, excluding bank holidays.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: No
• Web chat support: No
• Onsite support: No
• Support levels: All customers are provided with the same level of support and all will be allocated an account manager.; Severity 1 issues will be resolved in 4 hours of notification.; Severity 2 issues will be resolved within 8 hours of notification.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The CYN user experience has been designed and tested to be as simple as possible with no need for user training once the service has been implemented.
• Service documentation: No
• End-of-contract data extraction: Buyer's data is extracted by the service team if required as part of the off-boarding process.
• End-of-contract process: The standard contract runs for 12 months and auto-renews.; If a contract is ends then the buyer will be contacted by their Account Manager who will arrange for a smooth termination of the service and provision of any customer data.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile version uses whole screen interface where the desktop uses a side panel. When reference documents are opened on a mobile they open in a new browser window as opposed to the left panel.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: No
• Customisation available: Yes
• Description of customisation: The following can be customised by CYN implementation team in collaboration with the buyer: Colour schemes, AI personality, guardrail actions, human intervention routing, PDF output formatting, Analytics dashboard.; The initiation point and experience can be customised by the buyer's technical team in collaboration with the CYN implementation team.

Scaling

• Independence of resources: Each buyer has their own implementation of CYN, installed on buyer specific environment. Each environment scales independently as required by the loads that environment is experiencing.

Analytics

• Service usage metrics: Yes
• Metrics types: CYN provides usage (conversation) metrics as well as categorised views of searches performed and geographic representation where searches are carried out.; CYN also provides details of users' feedback on the usefulness of recommendations.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: ISO/IEC 27017 (Cloud Security)
• Data sanitisation process: No
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users can export their current conversation (session) data into a PDF document which they can store locally.; Once a session ends that data is no longer available to any user online.
• Data export formats: Other
• Other data export formats: PDF
• Data import formats: Other
• Other data import formats: None

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We have a target availability of 99.9%.; For each period of downtime lasting longer than one hour, InsightsDriven will credit Buyer 5% of Service fees for each period of 60 or more consecutive minutes of downtime; provided that no more than one such credit will accrue per day
• Approach to resilience: All services utilise 3 nodes, each node in a separate availability zone (data centre).; All data is replicated across the 3 nodes to provide resilience.; All services have been designed to retry multiple times on failure before terminating gracefully.
• Outage reporting: Email alerts and in the public dashboard of the service management tool.

Identity and authentication

• User authentication needed: No
• Access restrictions in management interfaces and support channels: Users need to authenticate to raise and review support requests or incidents - using username and password.; Management interfaces are authenticated using username / password with 2FA as defined by the underlying cloud service providers IAM tooling.
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We build in security from the start, each team has a security champion that ensures that all designs include security considerations.; All designs are reviewed with the CTO before implementation.; Vulnerability testing is built into the development process - critical and high level breaches break the build, stopping the deployment.
• Information security policies and processes: Information is controlled on a least permission basis. Only support team members have access to production environments and data. Data is not copied to lower environments.; Product managers are responsible for the information security of their products.; Product managers report to the CTO who is ultimately responsible for the security of all company products.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Source code is managed in GitHub using short-lived feature branches.; Merged source code is built, using a CI pipeline. Created artefacts are versioned and stored in an artefact repository.; Artefacts are combined into containerised Docker images which are then deployed into environments using a CD pipeline.; The CI pipeline includes Static Code analysis. The CD pipeline includes Dynamic code analysis.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Vulnerabilities are checked in the CI pipeline before code is merged back into the main code base.; Supplier patches are checked daily. Critical and High rated patches force services to be rebuilt and to enter the test cycle.; We use Trivy to alert and scan for vulnerabilities.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Each part of the system is reporting metrics about its status, uptime, number of events and many more parameters. System policies are configured to track some of them and check whether they are in their expected ranges, if not they will raise alerts and create automatic incident tracking. Notifications are also sent on a selected set of alerting channels (Slack and email). For system condition serviceability there are dashboards prepared which are presenting current and historical behaviour of the system and its load.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Users report incidents into our Jira service management system.; The triage process identifies duplicates and checks if the issue has already been rectified (manually or automatically).; A priority - 1-5 is assigned to the ticket and it is managed appropriately.; Priority 1 tickets are dealt with by a team swarm and the CTO is included.; Users are informed of updates and changed of ticket status.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Equal opportunity

  Equal opportunity

  CYN was designed and to improve the access to public services for people who are digitally excluded, people with disabilities and non-digital natives. It's use of natural language, the ability to speak or type and its variety of accessibility settings along with its extremely simple interface ensure that it works well for as many people as possible, breaking down digital barriers.

Pricing

• Price: £2 to £3 a transaction
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Jora.Gill@insightsdriven.io. Tell them what format you need. It will help if you say what assistive technology you use.