AXIOM UTILITIES LTD

Axiom Kinetic - Enhanced Utility Bureau Service

The aim of Axiom's Enhanced Bureau Service is to put in place a comprehensive and proactive cloud-based solution to utility management, and give access to utility data in real-time.

Axiom expands the "usual" role of the utility-bureau so that data capture, processing and validation integrate with improved reporting across cost-consumption-carbon.

Features

• Automate resource-intensive bill processing to payment workflows with RPA technology.
• Built‑in utility data completeness checks, QA, and invoice control measures.
• Automatic invoice collection, direct from the retailer into the platform.
• Immediately accessible client portal with reporting history and audit-grade data.
• Comprehensive accruals & budgeting automation to drive accuracy/plan better.
• Automated tariff reviews and analytics providing savings opportunities.
• A fully-digitized procurement platform, with unmatched savings capabilities.
• Proactive, dependable data management via instant-parsing, validation and storage.

Benefits

• A single digital platform across all functions (accruals/payment/budgets/reporting/sustainability).
• Effortlessly digitise your manual Utility Bill Lifecycle Management.
• Increased speed and accuracy of utility bill management.
• Decrease risk by eliminating mistakes caused by manual UBM processes.
• Reduce the FTE's required to manage the category/improve savings.
• Access to validated data, that stakeholders can trust is accurate.
• Anytime access to historical utility data to easily create/revise budgets

£1.95 to £9.95 a unit

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jonathan@axiomutilities.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

608201941192476

Contact

Jonathan Akers
07989563336
jonathan@axiomutilities.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements: Our portal is entirely viewed and hosted on the web.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Monday - Friday 9-5pm - within 4 hours of e-mail ticket being raised
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Each customer is given a named account manager, through which all queries regarding either cloud support or technical energy support will be directed.; ; All queries will be acknowledged immediately and a ticket issued. ; ; For those not paying for enhanced support, tickets will be dealt with within a 2 working day period.; ; For enhanced support customers (cost 50p/utility meter/month) the SLA for support is for all queries to be dealt within 1 working day from submission
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: During the mobilisation period Axiom arranges for the collation of copy bills for all supplies backdated to cover one year’s historic data (pdf bills and consumption data AMR & HH). This will include the required access to supplier billing portals and the incumbent water supplier where Axiom will; collect invoices from on a weekly ongoing basis. Historic invoices can be imported spanning more than 1 year and Axiom can also import data from incumbent energy-management software products to ensure complete history within Axiom's system.; ; In-order to meet administrative requirements a mobilisation meeting will include the provision of login details to the portal for all users and confirmation of their participation i.e. finance team, energy team, payment file recipients etc, followed by fortnightly meetings to update on progress and meet our three stages of mobilisation. A schedule of monthly meetings will be agreed along with the issuing of our telephone helpdesk number that will be available throughout the service. ; ; Axiom will mobilise the service in three key phases: -; 1. Set-up Phase - gathering, validating, and importing data; 2. Bureau Shadow Phase - providing full-service shadowing incumbent bureau (if applicable); 3. Commencement of Full Service – following cessation of incumbent provider
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: At the end of the contract all user accounts will be deactivated within 4 hours and deleted within 48 hours.; ; When the contract ends we will provide the data to clients in an excel format if requested during the first 30 days from the termination of the contract free of charge.; ; At the end of the 30 days the data will be archived for a 12 month period; if the data is requested during that period there will be a charge for data recovery.; ; At the end of the 12 months the client data will be deleted.
• End-of-contract process: When the contract ends we will provide the data to clients in an excel format if requested during the first 30 days from the termination of the contract free of charge.; ; At the end of the 30 days the data will be archived for a 12 month period; if the data is requested during that period there will be a charge for data recovery.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Desktop web interface has been optimised for mobile use
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: At the moment our approach to using the API has been on a client specific basis and as such we have not placed any limitations on what a client can do.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Users can customise the visualisation of the energy data.; ; All reporting functions can be customised so that each user see the reports pertinent to them.

Scaling

• Independence of resources: Axiom monitors resource usage across its infrastructure to manage capacity and to provide alerts on servers which will be investigated by SRE. When assessing the use or development of new systems, capacity management is considered at the design stage and is incorporated in the build specification.; ; Our platform is hosted in AWS. Utilising multiple auto-scaling web servers behind a load balancer. The web servers connect to AWS Aurora database with Multiple Availability Zone replica sets to maintain high availability and resiliency. We also utilise AWS S3 for file hosting

Analytics

• Service usage metrics: Yes
• Metrics types: End user usage stats are provided in real time and can include the following;; Time spent on portal; areas visited; export logs; query logs
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Bill Identity PLC

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users can export their data by selecting the data files they want and clicking export. Small files will download straight from the app. Large files will be emailed directly to the requesting customer in their chosen format.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats: PDF
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats:
  • PDF
  • EDI

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Our service is hosted on AWS, and as such, guaranteed uptime is 99.99%.; ; Where we do not meet that availability we will offer clients a 25% credit on the daily charge
• Approach to resilience: This information is available upon request.
• Outage reporting: Email alerts and through API

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Access rights to the network are controlled by role using group policy in order to prevent unauthorised access to information held in application systems. Systems and applications which are used by Axiom are documented to show which systems are required by each user and their required level of access. User accounts are administered by our IT team and are set up using a least-privileged account for day-to-day operations.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 24/04/2020
• What the ISO/IEC 27001 doesn’t cover: Covers everything
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: ISO22301 Security and Resilience

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: FURTHER INPUT NEEDED

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Technical reviews of business-critical applications take place when there are large-scale changes to related operating platforms. We determine business-critical as any system/application enabling us to deliver services to customers. These systems may have dependencies also categorised as business-critical. ; ; Operating platform updates occur monthly with development and testing systems being updated prior to production systems to ensure there is no adverse impact on operations or security. Prior to conducting operating platform changes, systems are taken offline before customer-critical servers are updated. Once done, the required systems are brought back online. If there were issues these would be found at this point.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We have measures to detect/prevent malware being introduced into our systems, using endpoint-security-protection and system-monitoring tools to create alerts which are promptly investigated. ; ; The schedule/scope of these scans are detailed/maintained by our IT department. Full antivirus/malware scans are run weekly on all devices. All downloaded files/software will be scanned by endpoint-security-protection software. ; ; The email system scans incoming email for malware and quarantines if necessary. ; ; Axiom has business-continuity plans to follow to contain a virus outbreak. Security patches are applied within 14-days of updates release. Microsoft updates are handled via Windows update. Third-Party Updates are handled via dedicated patch management software.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Axiom has several methods to ensure it obtains and reacts to technical vulnerabilities:; ; Subscription to a Cloud-based Vulnerability Management Platform;; ; Antivirus Solution is pushed out - weekly scheduled scans take place;; ; Windows updates are pushed out to information assets;; ; Monitoring of assets to ensure latest version updates and patches installed;; ; Notifications from Special Interest Groups;; ; Annual Penetration Testing;; ; Monitoring of media - television/radio/internet/social media.; ; Incidents are raised, triaged and remediated as soon as we are aware. We have a dedicated incident-response team responsible for investigating and managing the incident through to resolution, including communicating with the company, customers and stakeholders.
• Incident management type: Undisclosed
• Incident management approach: We have an internal process for raising and managing incidents. Users would report incidents by raising a ticket in the customer case management system. For every incident we conduct a root cause analysis and if this warrants that a report be provided to the customer it will be after resolution, corrective action and closure of the incident, however most customer issues are resolved whilst in dialogue via the case management system.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Axioms cloud service provides collation of all your organisations utility consumption and associated carbon emissions data providing concise tracking of cost, consumption and carbon. Our cloud software provides notification of periods of over consumption, waste and enables progress to be tracked in reducing consumption and emissions against your targets. Our service also checks the validity of all your invoices and their associated charges, ensuring that your organisation pays only what it should and ensuring that your budget can be optimised for use in investing in energy management initiatives, replacing inefficient products or simply spending time making sure people turn things off.
• Covid-19 recovery:

  Covid-19 recovery

  Axioms cloud service provides access to end users via their web browser, tablet or smartphone, supporting working from home and flexible working. The portal also enables analysis of energy consumption during lock down and provides users the ability to identify excess consumption during unoccupied periods, enabling users to rectify building controls and timers for the future.

Pricing

• Price: £1.95 to £9.95 a unit
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jonathan@axiomutilities.com. Tell them what format you need. It will help if you say what assistive technology you use.