CACI UK Ltd

Acorn Datasets, Paycheck Family, StreetValue and other CACI Datasets

CACI datasets accessible via cloud-based secure delivery portal, API, hosted data visualisation tools, hosted or cloud GIS platform; Acorn, Household Acorn, Wellbeing Acorn, Paycheck, Paycheck Disposable, Paycheck Equivalised, Paycheck Lifestage and Streetvalue. With this data, users can code and profile data to understand customers, residents, service users and wider community.

Features

• Household Acorn available at household level
• Access via secure delivery portal, API, visualisation tools or GIS
• Acorn portal provides resources to understand segment in detail
• Knowledge Sheets, Desktop and Cloud Profiler tool
• Household Acorn includes links to NLPG URPNs and UDPRNs
• Unique health and wellbeing segmentation, Wellbeing Acorn
• Allocated Account Manager
• Activation, Onboarding and Training support included
• Access to helpdesk and expert technical support

Benefits

• Increased understanding of evolving communities to evidence decision-making
• Consistent view of residents' demographic, lifestyle, behavioural & health characteristics
• Detailed local insights to better understand needs of the community
• Prioritise resources and delivery of services to achieve efficiency savings
• An understanding of the health and wellbeing of residents
• Assess wider determinants of health & support population health management
• Detailed understanding of digital connectivity and online/offline behaviours
• Support effective engagement which reflects channel, contact and marketing preferences
• Understanding gross household, disposable, equivalised & lifestage incomes and houseprice
• Publicly publishing and sharing permissions included

£17,000 to £176,250 a licence

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at digital.marketplace@caci.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

580583110274858

Contact

CACI Digital Marketplace Sales Team
0207 602 6000
digital.marketplace@caci.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: N/A
• System requirements: Access to a web browser connected to the internet.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: CACI responds to questions on average within one hour, or less, from receipt during office hours. Resolution, if not achieved immediately when responding, is typically within 24-48 hours depending on the complexity of the enquiry. Enquiries logged outside of office hours will be quickly addressed on the next working day.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: CACI provides Activation, Onboarding and Training support as standard for all data customers. For the duration of the license term CACI provides 1 x two hour activation session per annum. ; ; Initially, from contract start, support is provided in the form of an activation session to ensure all users understand what is being delivered, examples of application of use and training to use relevant accompanying software. Depending on the location and number of users that require training, this can be held virtually (e.g. on Teams), at CACI’s Head Office, in London, or onsite. Sessions are designed to be interactive and are conducted by one of CACI’s experienced consultants. Subsequent activation sessions throughout the licence term will review how the users are utilising CACI data to maximise the value delivered. ; ; Data users will have access to a single point of contact for all enquiries. An Account Manager will field all general or technical enquiries, and depending on the nature of the enquiry, will either resolve directly, pass to the helpdesk or escalate to CACI’s technical team of experts. Customers can make contact via telephone or email.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: To ensure users maximise the value of the licenced datasets, CACI includes activation, onboarding and training as standard. Depending on the number of users and location of those who require training this can be held virtually online (e.g. via Teams), at CACI’s Head Office, in London, or onsite. ; ; To embed the required knowledge for users to effectively use the licenced datasets training is designed to be interactive and conducted by one of CACI’s experienced consultants, with in-depth knowledge of the solution. Training will last for approximately 2 hours. User Guides will be supplied, and can either be provided before or after the training. ; ; Follow-on support is available for the life of the licence term - two hours per annum for the duration of the licence term, and can be used to review how the users are utilising the data or to train new users.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats:
  • Microsoft Word
  • Microsoft Excel
  • Microsoft Powerpoint
• End-of-contract data extraction: Not Applicable
• End-of-contract process: Should a customer choose not to renew their license, it is a requirement for the customer to serve notice (in writing or via email) 90 days before the end of the agreement. As the end of the agreement approaches CACI will issue a Termination Letter for the customer to sign and return formalising the end of the agreement. ; ; The customer will be required to delete / destroy all deliverables except those permitted in accordance with CACI's publishing and sharing terms and conditions at the end of the last day of the agreement.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: WCAG 2.1 AAA
• API: Yes
• What users can and can't do using the API: CACI’s API provides a secure interface, with real-time access to CACI's data products. It allows you to retrieve in real-time, relevant information about your customers or service users and create a fully personalised customer experience. The API allows your applications to perform real-time matching and return back data for single or batch API requests.; CACI’s API follows the REST conventions, offering responses in JSON format. Click the link for further information: https://docs.api.caci.co.uk/#introduction. Buyers can get started making requests, after successful authentication. ; To authenticate buyers will need first to register with CACI and request API keys. The set-up process and any requests for changes must be conducted in liaison with CACI’s Technical Team. ; Usage limitations are based on a combination of CACI’s own terms of use as well as the buyers’ requirements, the limitations will be outlined in the Call-Off contract based on these terms and requirements.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Users can either select all or some of the following datasets:; ; - CACI's consumer segmentations - Acorn and Household Acorn; - CACI's health and wellbeing segmentation - Wellbeing Acorn; - CACI's gross household income - Paycheck ; - CACI's gross household income - Paycheck Equivalised; - CACI's gross household income - Paycheck Lifestage; - CACI's disposable income - Paycheck Disposable Income; - CACI's houseprice dataset - StreetValue; - CACI's environmental, social and corporate governance (ESG) propensity scores - ESG Score; - CACI's single factual view of the UK property market - Address Spine; ; Upon receipt of the signed contract amendment CACI will arrange delivery of the data via the chosen delivery option. Delivery times vary depending on the data selected and the chosen delivery option. Customers cannot customise their service themselves.

Scaling

• Independence of resources: CACI operates internal processes to ensure resources are matched to meet demand.; ; Services are provided from systems and platforms that are highly resilient, scalable and able to adapt to all levels of demand.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Other
• Other data at rest protection approach: On-premise hosted systems are protected in a segregated environment with industry leading firewalls and WAF, in a UK data centre; daily encrypted backups stored off-site. A Data Loss Prevention (DLP) solution monitors endpoints, identifies attempts to download/move personal data, and alerts to any event.; ; APIs are delivered from a secure, highly resilient AWS environment, protected from unauthorised network access by AWS Web Application Firewall and monitoring services. Automation detects anomalies, suspicious activity, and security incidents, using Amazon GuardDuty, Config and host-based endpoint protection.; ; Data is encrypted at rest using AES-256.; ; CACI has an enterprise level Data Loss Prevention (DLP) solution.
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data can downloaded and/or exported as flat files such as .xls or .csv or accessed via API.
• Data export formats:
  • CSV
  • Other
• Other data export formats: XLS
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • General
  • Fixed width text file
  • Delimited text file
  • SPSS
  • SAS
  • RESTful web service that use JSON media type
  • Parquet
  • Feather
  • Excel
  • API

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: System availability is over 99%. Where customers require a Service Level Agreement (SLA) and respective Key Performance Indicators (KPIs), these are discussed and agreed at contract signature to align service availability and performance to the customers needs. ; ; Anticipated downtime for upgrades is agreed in advance with customers to avoid any impact during busy periods. This proactive approach enables communications to be sent to the user base prior to the release of upgrades or patches.
• Approach to resilience: All CACI hosted solutions are highly resilient and hosted within a Tier-3 data centre data providing a very high degree of redundancy including: ; Multiple independent network fibre rings provide redundancy in connectivity ; N+1 Close Control Unit air conditioning provides redundancy in internal environment management Multiple, disparate 20Mva power feeds from a local power station vastly reduce the likelihood of a power interruption ; In the unlikely event of a power interruption, N+N Uninterruptable Power Supply (UPS) systems, combined with three backup diesel generators that are kept warm and able to take up the load from the UPS within five minutes, provide a great degree of redundancy to the power supply.; The solution utilises HP blade server architecture with redundant blades, power, and networks. ; CACI’s enterprise storage solution is architected to eliminate any single point of failure in the system. To mitigate single points of failure at the hardware layer, the system is designed with redundant components, including redundant power domains.; ; APIs are replicated to provide extremely high levels of resilience and automatic failover in the event of a continuity related event.; ; CACI use highly resilient cloud-based collaboration tools such as Outlook, SharePoint, and Teams to provide support to our services
• Outage reporting: In the unlikely event of service outage an email alert would be sent to the user(s).

Identity and authentication

• User authentication needed: Yes
• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: Administrative support and infrastructure management is restricted to internal machines or corporate VPN connections only and such traffic is always encrypted. ; The direct remote administration of systems and devices from outside of our secure corporate network is not permitted.; ; Access to, and use of, audit tools is segmented and restricted to prevent compromise and misuse of log data. Strict access control, segregation of duties, and other policies define which consultants have access to our customer hosting environments.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Description of management access authentication: Multi-factor authentication is required for administrate access or restricted to internal machines. ; Only a small number of consultants are provided with special access privileged, these are subject to a technical competency assessment and are in accordance with our privileged access rights and segregation of duties policies.; Administrators have each been assigned a separate account for privileged account activities. ; Comprehensive security monitoring on all key configuration, user, and administrator. Daily peer reviews are conducted on Change Auditor Software alerts and all anomalies are investigated.

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: Original Registration Date:11th April 2006 – last re-certification date was on the 6th July 2021 .
• What the ISO/IEC 27001 doesn’t cover: Our ISO 27001 certification covers all CACI services, offices, and data centres.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • ICO under the Network and Information Systems (NIS) Directive.
  • Data Seal - DS27001

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: CACI also holds :; Cyber Essentials Plus; The Data and Marketing Association's Data Seal certifications.; ; We are registered with the ICO under the Network and Information Systems (NIS) Directive.; ; CACI holds ISO/IEC standards in:; - ISO9001:2015 Quality Management Systems ; - ISO/IEC 20000-1 Service Management System; - ISO/IEC 14001 Environmental management.
• Information security policies and processes: CACI have instituted an extensive system of robust security practices to ensure data security. ; ; We have implemented an Information Security Management System (ISMS) containing a set of policies and procedures for systematically managing sensitive data, systems and processes.; ; Our ISMS uses the ISO27001 standard as a baseline. ; ; CACI’s Information security objectives are defined at board level and managed day to day by the Security team (all qualified ISO27001 lead auditors.) They report to the Chief Information Security Officer, who holds overall responsibility for information security. ; ; Regular internal and external audits, and a large number of KPI metrics, are used to monitor and demonstrate compliance to, and the continued effectiveness of, CACI’s ISMS.; ; Internal audits are conducted by qualified ISO27001 Lead Auditors. External audits, required to maintain our ISO27001 certification, are conducted by BSI. Sampling exercises are conducted during all internal and external audits.; ; KPI results are reported back to board level.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: A documented change management system forms part of our ISMS. All major and significant changes are peer reviewed and must be approved by the change advisory board (CAB) which delivers support to a change management team by approving requested changes and assisting in the assessment and prioritisation of changes.; ; All changes are subject to our Change Control Policy. Where there is the possibility of an impact to user activity, the appropriate stakeholders are notified for feedback.; ; The change must then be forwarded to Change managers for CAB approval, who may append plans when appropriate.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: CACI has a comprehensive vulnerability management program that includes conducting weekly vulnerability scans on critical systems and applications. ; New patches are promptly risk assessed and prioritised based on the severity of the vulnerability and the threat intelligence available.; Where an Emergency patch poses an imminent threat to the network it is installed without undue delay. ; All other Windows patches are installed within 14 days of receipt. ; Our system administrators subscribe to alerts and publications to ensure new are emerging threats are countered promptly and effectively and that new Technologies and security best practices are assessed and adopted where appropriate.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: CACI use Checkpoint firewalls with IPS blade installed with. IPS subscriptions.; ; Active Directory event logging is configured on Windows system, and configured to capture appropriate events to prevent security incidents/ malpractices.; ; OpenNMS Meridian and checkmk utilised for network monitoring.; ; Zabbix and HPE OneView used for server monitoring.; ; Checkpoint SmartCenter and HPE OneView used to monitor systems and alert administrators of security/capacity/resource problems.; ; Quest Change Auditor monitors all configuration/user/administrator changes. Daily reviews are conducted.; ; Antivirus logs centrally processed and alerts sent.; ; O365 vlogs collated into Microsoft Cloud App Security. Alerts are reviewed.; ; Windows server event logs are shipped to logging server.
• Incident management type: Supplier-defined controls
• Incident management approach: All employees are required to report any real, perceived, or potential security incidents that may affect the confidentiality, integrity, or availability of data. ; All Security Incidents are recorded in-line with our Security Incident Policy and Response Procedure, for each incident a root cause analysis is conducted, a corrective action undertaken, and a preventative action will be implemented to prevent or reduce the probability of the incident reoccurring in the future.; CACI’s cyber security management programme includes cyber incident response plans, advanced technical controls, operation resilience and business continuity management to minimise the impact of a cyber-security attack or incident

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  As a supplier primarily of professional IT services, CACI’s environmental impact is minimal. However, we are constantly looking at how we can operate more efficiently in our fight towards climate change. We are working towards a Net Zero Carbon business model through our delivery to our customers as promoting this to our supply chain. ; This commitment is demonstrated by our achievement of ISO14001 accreditation, which we have held for nine years. To attain this standard, we ensure our Environment Management System (EMS) met the following requirements:; -Awareness of environmental impact through procedures and controls; -Acceptance of responsibility through environmental management systems; -Reducing harmful impacts via environmental policies; -Displaying community responsibility via staff training and awareness; ; We are fully committed to working towards a circular economy approach and where practically possible CACI select the most sustainable means to operate its facilities We remain aware of any and all opportunities to share, lease, reuse, repair, refurbish and recycle existing materials and products. That includes using recycled paper, enforcing double sided printing, and using Energy Star devices. Our recycling policy includes energy/water consumption, waste materials and paper use.; CACI has an agreed Carbon Reduction Plan (CRP) which is in implementation and is published on our website. This includes a set of carbon reduction targets up until 2040, with a baseline period set from July 2020 to June 2021.

  Tackling economic inequality

  CACI is dedicated to creating employment opportunities, working with local suppliers and hiring local people. We adjust our recruitment and training processes to focus on attributes rather than qualifications, which could exclude those from a disadvantaged background or deprived areas. Inclusivity and accessibility are encouraged via unconscious bias education and positive and inclusive designs, accessible capabilities, and inclusivity in gathering requirements for digital services. For example, we work closely with the National Autistic Society and Autism at Work to create an inclusive recruitment process, actively supporting neurodiverse candidates to flourish.; CACI works with a number of outreach organisations to develop and attract individuals from minority groups into the cyber security sector, including CyberFirst. A number of our employees volunteer as Ambassadors to this NCSC led government outreach programme. This is a reflection of our belief in the programme’s mission, to develop a sustainable and diverse talent pipeline into the cyber security industry. The majority of the programme’s focus is on students in UK schools, to improve issues with massive student dropout from IT education.; CACI has pledged to promote equality of opportunity within our supply chain, and work with a diverse range, including specialist Small and Medium Enterprise (SME)s. Our network is diverse and wide ranging in terms of skill set, age of business, make up of employees, geographical location, and therefore varying business cultures and diversity of individuals.; We are focussed on creating opportunities from the following groups who experience barriers to employment :; -Long term unemployed; -Armed forces veterans; -Mothers returning to work; -Care leavers

  Equal opportunity

  CACI’s Equal Opportunities policy formalises our approach to not discriminate against any employee on the basis of sex or sexual orientation, marital or civil partner status, gender reassignment, race, religion or belief, colour, nationality, ethnic or national origin, disability or age, pregnancy or maternity or other characteristics defined in anti-discrimination legislation (Protected Characteristics), or trade union membership or the fact that they are a part-time worker or a fixed-term employee. Our employees and applicants for employment with CACI are not disadvantaged by any policies or conditions of service which cannot be justified as necessary for operational purposes. ; CACI is dedicated to ensuring our work environment, operational delivery and recruitment processes accommodate people with disabilities. Adjustments are made to ensure that those with disabilities are included and supported in our workplaces. ; Our Workplace Adjustment Passport (WAP) enables employees to declare a disability, workplace adjustments are driven at company level. ; CACI has signed up to the Disability Confident Scheme, formalising our commitment to play a lead role in changing attitudes for the better. We aim to successfully employ and retain disabled people and/or those with health conditions. When designing internal training or selecting an external partner, staff are consulted to capture any specialist needs to tailor sessions, including location, means of delivery and materials. This ensures all staff can develop in a comfortable and accessible environment. ; CACI also works closely with the National Autistic Society to create an inclusive recruitment process, partnering with their Autism at Work programme; actively supporting neurodiverse candidates to flourish.; CACI have funded the creation of a number of staff networks, where employees with protected characteristics have time and resources to share ideas and support in a safe private environment. CACI have also offered specific training and talks from speakers related to these characteristics.

  Wellbeing

  CACI has a range of comprehensive support initiatives that have been implemented to aid the health and wellbeing of our workforce (including contractors). Below is a comprehensive list, with specific reference to the six standards of Mental Health at Work commitment.; Promotion of an Open Culture around Mental Health:; -Team of 18 Mental Health First Aiders; -Conduct regular drop-in sessions for all staff, delivered by a Mental Health First Aider Team, focus on a particular element of Mental Health; ; Prioritising Mental Health in the Workplace by developing and delivering a systematic programme of activity:; -Regular check-ins for staff and our contractor workforce; -Annual Staff Satisfaction Survey, which includes a section on Health & Wellbeing; -Free 24/7 professional counselling ; -Private healthcare and health and wellbeing plan (extendable to family members/dependents); -Employee Assistance Programme; -Discounted gym memberships; -Physiotherapy; -Medical services; -Mental Health First Aider programme; -Stress assessments; ; Proactively ensure work design and organisational culture to drive positive mental health outcomes; -Comprehensive property and facilities management, ensuring modern, comfortable and state of the art technology for all employees; -Distributed Working Programme, allowing employees and contractors to structure their working week in a way that suits their preference and personal commitments whilst delivering against their work accountabilities; -Open and honest communications at all levels throughout the organisation; ; Increased organisational confidence and capability:; -Dedicated area of our company intranet for mental health and wellbeing, including various supporting resources and colleagues; -Line Managers and Career Coaches trained in aspects of mental health; ; Provide mental health tools and support:; -Formal Mental Health First Aid Programme including a team of MHFAs; Increase transparency and accountability through internal and external reporting: ; -Publish the results of our annual staff satisfaction survey to all staff. Includes Mental Health and Wellbeing, actions taken and areas for improvement

Pricing

• Price: £17,000 to £176,250 a licence
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: CACI datasets can be tested free subject to an Evaluation Agreement for up to 10 days. This arrangement allows internal evaluation, however does not permit it to be used for commercial day to day activities.
• Link to free trial: A link to free trial can be made available once a signed Evaluation Agreement has been received.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at digital.marketplace@caci.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.