Brooklyn Supply Chain Solutions Ltd

Brooklyn Solutions

Brooklyn Solutions unifies and digitises the practice of managing third-parties for all relevant roles across your organisation. It provides a flexible,
process-based approach providing a single shared interface for front-line teams, key stakeholders, suppliers and customers to minimise risk and maximise business value.

Features

• Digital Framework unifying contract performance, risk, relationship and compliance
• Custom Processes driving coordinated supplier governance activities and actions
• Third Party Risk Management(TPRM),Due Diligence Questionnaire (DDQ) Capability
• Balanced Scorecard automatically providing performance trends and context
• Out-of-the-box and Configurable Contract Policy and Regulatory Compliance Framework
• API Interconnectivity for Internal and External Data Sources
• Contract Repository providing Obligation Management tracking and reporting
• Smart On-boarding Engine providing Contract on-boarding/Obligation/Metadata Extraction
• Track all metrics against your suppliers and relationship managers inc.SLAs
• Real-time reporting and self-service custom dashboards

Benefits

• Create, roll out, govern a supplier-management Policy
• Very user-friendly and easy to build and use immediately
• Automate and track internal and external adherence to that Policy
• 75% admin reduction per SRM: Interactions, tracking, minuting, meeting, auditing
• 3x increased SRM coverage in 6 months.
• 10x increased governance and consistency.
• Powerful guidance regarding risk mitigation and contract controls.
• Integration with Internal and External Systems of Record
• Demonstrable risk mitigation and audit trails subject to supplier relations.
• Drive innovation and measure results via a guided approach.

£25,000 an instance

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at cwoodford@brooklynsolutions.ai. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

608079968147327

Contact

Colin Woodford
+44 (0) 7809 838 839
cwoodford@brooklynsolutions.ai

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: None beyond service must be delivered through modern, common browsers running Javascript
• System requirements: Service must be delivered through modern, common browsers running Javascript

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within two hours during GMT business hours, otherwise next business day
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Brookly Solutions offers 3 levels of support Online Support, Business Support and Premium Support; ○ Account Managers and Customer Success included in all subscriptions; ○ T&E is available for specialised support, configuration, or build needs.; ○ Cloud support engineers are available on T&E basis, availability permitting, and for support purposes.; ○ Prices and availability can be provided on inquiry ; ; Brooklyn Solutions’s Customer Support Team is committed to your success. All Brooklyn Solution's subscriptions include a level of support that provides easy access to our highly skilled technical resources for fast answers and technical assistance. ; ; For those with more demanding support requirements, we also offer premium support services that include access to named support professionals, accelerated service-level response targets, and sessions for proactive mentoring and business reviews. ; ; No matter how complex your support needs may be, Brooklyn Solutions is at the ready to provide the technical and operational expertise needed to help you get peak performance and optimal value from your Brooklyn solution.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Brooklyn Solutions provide onsite training and online user documentation.; ; Brooklyn Solutions provides User Guides and Best Practice Training Sessions with the Brooklyn academy and based on user requirements.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Several methods exists. User interaction with all history is all available for download. Summary reports, all downloadable. Meeting minutes and risk register and action register, all available. In general, the user would pull data as desired.
• End-of-contract process: ○ Return of all customer data as requested by the customer, if any in possession outside of the application. ; ; ○ Brooklyn Solutions resources can provide extracts of all data in standard formats and pull data at T&M rates

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: The API allows for several types of data exchange.; ; ○ Data input for refreshing data tables. Here the application expects tabular data of fixed type. Data exchange via modern web methods including JSON, web services, SOAP, etc. ; ; ○ Data upload of documents. Any generic document can be posted, like a file share. The post expects meta data of certain fields to specify the location of the document in the application.; ; ○ Email ingestion. Users get two unique email address, and posting of data and content can happen that way. Users can upload documents via email, and they can upload Management Information (MI) which gets parsed and actioned.; ; ○ Direct email link. Users can upload links to any URL and connect to desired systems that way, in-text fields, as a lightweight alternative to full API integration
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Brooklyn is highly customizable at several points. Major areas include: ; ○ Creation and maintenance of a vendor review policy; ○ Policy and framework for segmenting vendors; ○ Filtering relevant views of suppliers and all attached parties and obligations; ; Brooklyn provides a user friendly interface to configure the risk model to the users existing risk policy and model. As part of the risk model, Brooklyn allows the user to set risk labels e.g. operational, evaluation parameters, impact & probability, response strategy and mitigation steps as well as set-up monitor controls such as KCIs and KRIs. The model acts as the organisational standard for all the teams managing contract relationships on the front-line. This allows risks to be captured and evaluated consistently across the organisation.

Scaling

• Independence of resources: ○ Amazon Web Services (AWS), London Data Center, hosts the application. The application is architected and stress-tested to support very high usage. ; ○ The application is entirely serverless, leveraging AWS Lambda capability, in a very secure virtual private cloud (VPC) container architecture.; ○ More details available on request.

Analytics

• Service usage metrics: Yes
• Metrics types: ● User metrics as captured by Amazon Web Services, Pinpoint service.; ● Event-based logging, where events are tagged and captured in an action log for reporting purposes
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Manual search and download or via Modern web methods all supported via API engine
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Documents posted are retrievable in original format
  • PDF
• Data import formats:
  • CSV
  • Other
• Other data import formats: Virtually any

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: The overall Brooklyn Solutions' Service Level Agreement (“SLA”) is a policy governing the use of Brooklyn at a platform level that includes all necessary underpinning components and microservices with their own discrete SLA and applies separately to each Brooklyn instance. We ('The Supplier') will use commercially reasonable efforts to make the Brooklyn platforms available with a Monthly Uptime Percentage, of at least 99.9%.
• Approach to resilience: ○ This is available upon request; ○ Refer to AWS public documentation which is extensively available on this topic
• Outage reporting: ○ Customer Success Manager (CSM) proactively makes the customer aware; ○ CSM made aware through internal alerting services

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: This is specified in detail in GDPR obligation list and actions. A named list contains all persons with any access to customer information. Only most senior support is on that list. Environments for support are seeded with test data for purposes of handling support issues by individuals not named on that list.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • Amazon Web Services (AWS) certifications
  • ISO27001
  • Cyber Essentials

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Brooklyn Solutions has ISO 27001 certification. ; ● Company CISO is a deep expert in this field and is leading the certification journey internally
• Information security policies and processes: ○ Combination of CTO-lead processes for technical components related to the application, and these follow the AWS “shared responsibility” security model, posted online by AWS. Also the CISO-led processes for all business controls, for which ISO27001 is the standard.; ○ More information available on request

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: ○ The cloud hosting and Platform as a Service (PaaS) is entirely managed by AWS.; ○ The application level and business level components and services are change-managed through an internal proprietary approach that combines best practices of Agile and Kanban methods and application of in-house CISO-sponsored processes and methods.; ○ Third party penetration testing includes access to source code and all records
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: This is proprietary. The information is available upon request.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: This is proprietary. The information is available upon request. ; ; Incidents get immediate response and notifications are done in compliance with GDPR and other relevant legal frameworks.
• Incident management type: Supplier-defined controls
• Incident management approach: ○ A pre-defined process exists. Users report incidents via phone, email, or online submission.; ○ Incident reports available upon request or provided on discretion of the CSM.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Tackling economic inequality

  Tackling economic inequality

  Brooklyn enables organisation to digitise the resilience and capacity of their supply chains.; ; With rich survey and workflow functionality Brooklyn provides the ability to collaborate and partner with new businesses, entrepreneurs, SMEs and mutuals with increased efficiency and reduced risk.; ; Brooklyn's third-party risk management helps identify and managed risks in the supply chain including cyber security risks. ; ; Brooklyn's sustainability module provides a balanced scorecard of supplier performance to ESG standards including Net Zero targets.

Pricing

• Price: £25,000 an instance
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Experience days for a custom demonstration and an opportunity for hands on exercises

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at cwoodford@brooklynsolutions.ai. Tell them what format you need. It will help if you say what assistive technology you use.