VESPER SOFTWARE LTD

BuildComp

BuildComp offers a cloud-based compliance management solution, ensuring 24/7 accessibility and scalability. With modular flexibility, it integrates seamlessly with existing systems, automates document processing, and provides real-time reporting. From comprehensive risk management to mobile accessibility, BuildComp streamlines compliance for diverse regulatory environments.

Features

• Real-time Compliance Dashboards
• Document Processing Automation
• Comprehensive Integration
• Mobile Working Support
• Automated Action Management
• API Integration
• Advanced Search Functionality

Benefits

• Real-time compliance monitoring for proactive decision-making.
• Automated document processing reduces manual effort and minimizes errors.
• Seamless integration fosters smooth data sharing among teams.
• Mobile access boosts efficiency for working from anywhere.
• Automated workflows ensure timely completion of tasks and actions.
• API integration expands functionality and enhances connectivity.
• Advanced search capabilities optimize decision-making with quick data retrieval.

£1 a user a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at kirim@vesper.limited. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

616358936654093

Contact

Ahmet Kirimgeray Kirimli
+44 7534 567864
kirim@vesper.limited

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: Constant maintenance and system updates are provided regularly. During those times system users will be notified in advance and maintenance hours will be selected from using non-peak hours.
• System requirements: Internet connection

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: 24 to 48 hours or less depending on ticket status.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: No
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Recruitment of Assistive Technology Users; Accessibility Evaluation; Functional Testing; Compatibility Testing; Usability Testing; Feedback Collection; Iterative Improvement; Regression Testing
• Onsite support: Yes, at extra cost
• Support levels: We offer email support and knowledge base for support purposes.; Depending on the customer we also offer everything in develop plan and also provide a dedicated support specialist.; We don't charge anything extra for our support services they are part of our cost structure. ; For large organizations and valued customers we also provide an account manager. This is a custom priced service and pricing depends on the our customer's needs and the size of their organization.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We deliver holistic online onboarding solutions and customized documentation to optimize your onboarding process.; ; Our platform offers user-friendly documentation and seamless procedures for a hassle-free transition for new team members. From digital forms to interactive training modules, we cater to every aspect.; ; Our dedicated account and success managers actively provide online training sessions and support partners throughout the entire onboarding journey.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: With our platform, users have the flexibility to extract their data in various formats, such as Excel, once their contract ends, provided they are on the appropriate plan that allows data extraction. Alternatively, if users are not on such a plan, they can still access their data through our portal but won't have the option to extract it.; ; Furthermore, users have the choice to either have their data deleted immediately upon contract termination or retained for future use upon their return, based on their preference. Rest assured, any personal data will be promptly deleted if the user chooses this option, ensuring compliance with privacy regulations and maintaining data security.
• End-of-contract process: At the conclusion of the contract, there will be no additional costs incurred beyond the fees that have already been agreed upon. This means that users can expect transparency and clarity regarding their financial obligations, with no unexpected charges upon termination.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: There aren't any outstanding differences; our system works perfectly fine on both mobile and desktop devices
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Our interface prioritizes ease of use, sporting a sleek, contemporary layout with minimalistic charm to minimize visual noise. A streamlined navigation bar facilitates swift access to key sections such as Home, Profile, Settings, and Help, each accompanied by recognizable icons and descriptive labels. The primary content section is structured with clear visual hierarchy employing cards, grids, or lists. Interactive features are intuitively designed for seamless interaction, featuring generous spacing and unmistakable cues. Ensuring inclusivity, we adhere to accessibility standards, enabling keyboard navigation and utilizing semantic HTML. Through ongoing enhancements, we maintain a responsive interface catering to diverse user needs.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: User Recruitment: We actively reached out to individuals using assistive technologies like screen readers, magnifiers, and voice recognition software. We ensured diversity by including participants with various disabilities and assistive tech setups.; Accessibility Evaluation: We rigorously assessed the service interface against standards such as WCAG. We checked for keyboard accessibility, semantic HTML, color contrast, and screen reader compatibility.; Functional Testing: We thoroughly tested core functionalities using assistive technologies, ensuring accessibility and intuitive usage, including navigation, form filling, and interacting with dynamic elements.; Compatibility Testing: We verified interface functionality across different assistive tech setups, browsers, and OSs commonly used by individuals with disabilities.; Usability Testing: We conducted sessions with assistive tech users to gather feedback on their experience. We observed ease of task completion, navigation, and content understanding.; Feedback Collection: We actively encouraged users to provide insights on accessibility barriers, usability issues, and suggestions for improvements.; Iterative Improvement: We continuously used collected feedback to enhance accessibility and usability.; Documentation and Training: We documented findings and integrated them into design guidelines and training materials, ensuring accessibility considerations were ingrained in the development process.
• API: No
• Customisation available: Yes
• Description of customisation: Users can customize our service to tailor it to their specific preferences and needs. Here’s how:; What can be customized: Users can personalize various aspects of their experience, including:; Dashboard layout and widgets; Theme or color scheme; Notification preferences; Language settings; Privacy and security settings; How users can customize: Customization options are easily accessible within the user settings or preferences section of the service. Users can navigate to these settings and make adjustments using intuitive controls and menus. For example, they can drag and drop fields on the dashboard to rearrange them, select their preferred theme , or toggle notification settings on or off.; Who can customize: Any registered user under applicable plan of our service can customize their experience according to their preferences. Whether they’re accessing the service on a desktop computer, tablet, or mobile device, customization options are available to all users to enhance their usability and personalization.

Scaling

• Independence of resources: To ensure users aren't impacted by demand fluctuations, we maintain a scalable infrastructure with load balancing and resource allocation. Real-time performance monitoring and proactive optimization mitigate bottlenecks. Capacity planning anticipates growth, while failover and redundancy ensure uninterrupted service. Isolating resources prevents individual users from affecting others. Transparent communication keeps users informed of system status and potential impacts. These strategies, combined, guarantee a consistent and reliable user experience, irrespective of demand variations.

Analytics

• Service usage metrics: Yes
• Metrics types: Response Time; Resolution Time; First Contact Resolution (FCR) Rate:; Average Handling Time; Service Uptime and Reliability; Average Use Time

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Users navigate to the related section within the system.; Upon selecting the export data option, users are presented with data export options.; Users can choose the specific data they want to export, such as performance reviews, goals, metrics, etc.; Users are provided with multiple export format options, such as XLSX, CSV, PDF, and file formats.; They select the desired format.; After specifying the data to export and the desired format, users initiate the export process.; The system then generates the requested data in the chosen format.; Once the process is complete, users can then access the exported data.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats:
  • XLSX
  • PDF
• Data import formats:
  • CSV
  • ODF
  • Other

Data-in-transit protection

• Data protection between buyer and supplier networks: Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network: Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: We guarantee a high level of availability for our service, striving for uptime that exceeds industry standards. Our service level agreements (SLAs) typically outline a minimum guaranteed level of availability, often expressed as a percentage of uptime over a specified period, such as monthly or annually.; ; Along with the support of our partner, we guarantee 99% uptime, meaning our service should be available and operational 99% of the time within a given month. If we fail to meet this guaranteed level of availability, users may be eligible for refunds or service credits.
• Approach to resilience: The service we use prioritizes resilience, featuring redundant infrastructure and failover mechanisms to uphold high availability. Within the datacenters we utilize -along with the support from our partners- we deploy redundant power supplies, network connections, and hardware components to mitigate single points of failure. Automated backup and disaster recovery processes further safeguard data integrity, ensuring uninterrupted service continuity. Routine testing and audits to validate the effectiveness of our resilience measures frequently take place, continuously refining resilience approachs to meet evolving demands.
• Outage reporting: Our service is committed to keeping users informed about any outages promptly and effectively. We achieve this through email alerts, ensuring that users receive timely notifications regarding the status of our service. These email alerts provide comprehensive details about the nature of the outage, including expected resolution times and any relevant updates. By prioritizing transparent communication via email alerts, we empower users to stay informed and take necessary actions in response to disruptions in service availability. This proactive approach to reporting outages underscores our dedication to providing a reliable and transparent service experience for our users.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Access to management interfaces and support channels is restricted using role-based access control (RBAC), which limits access to authorized personnel based on their roles. Privileged access management (PAM) controls and monitors access to critical systems. Access logging and monitoring track user activities, and regular access reviews ensure permissions align with security policies. These measures collectively safeguard sensitive data and maintain the security of our systems.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Cyber Essentials +
• Information security policies and processes: Our information security policies and processes are designed to safeguard sensitive data and mitigate risks effectively. We adhere to industry best practices and standards, such as Cyber Essentials +, to establish a robust framework for information security management. Our policies cover areas such as data confidentiality, integrity, and availability, as well as access control, incident response, and compliance.; ; We enforce these policies through a comprehensive reporting structure that includes designated security officers and a dedicated security team. Regular security audits, vulnerability assessments, and penetration testing are conducted to identify and address potential security vulnerabilities proactively.; ; To ensure compliance with our security policies, we employ a combination of technical controls, such as access controls and encryption, as well as ongoing training and awareness programs for employees. Regular monitoring and auditing of system logs and user activities help detect and mitigate any deviations from established policies. Additionally, incident response procedures are in place to address security incidents promptly and effectively, with post-incident reviews conducted to identify areas for improvement and reinforce adherence to policies.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Our configuration and change management processes entail meticulous tracking of service components via a centralized database. Proposed changes undergo rigorous assessment for potential security impacts, employing a risk-based approach. Risks are analyzed, and mitigation measures are implemented to address vulnerabilities. Thorough testing and validation precede production implementation. Clear documentation and communication channels ensure stakeholders are informed. Continuous monitoring post-implementation detects any security issues, enabling prompt remediation. This approach ensures the integrity and security of our services while facilitating agile adaptation to evolving business requirements.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Our vulnerability management process involves continuous assessment of potential threats to our services. We employ automated scanning tools and manual analysis to identify vulnerabilities. Upon detection, patches are swiftly deployed following a risk-based prioritization strategy. We source threat intelligence from reputable sources such as security advisories, industry reports, and security forums, enabling proactive mitigation of emerging threats. This proactive approach ensures timely identification and remediation of vulnerabilities, enhancing the security posture of our services.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Our protective monitoring processes swiftly identify potential compromises through real-time monitoring of system logs, network traffic, and anomalous behavior patterns. Upon detection of a potential compromise, our incident response team initiates immediate investigation and containment measures to mitigate the impact. Response times are prioritized based on the severity of the incident, with critical incidents addressed within minutes. Our proactive approach ensures rapid detection and response to security threats, minimizing the risk of data breaches or service disruptions. Continuous monitoring and analysis further enhance our ability to safeguard against evolving threats.
• Incident management type: Supplier-defined controls
• Incident management approach: Our incident management processes are structured to ensure swift and effective resolution of all types of incidents. Pre-defined processes for common events streamline response efforts, enabling quick containment and resolution. Users report incidents through multiple channels, including email, a dedicated support portal, or phone. Upon receipt of an incident report, our incident response team initiates immediate investigation and response actions. Incident reports are provided to users through email notifications or accessible through our support portal, detailing the incident's nature, impact, and resolution steps taken. Regular updates are communicated until full resolution, ensuring transparency and accountability throughout the incident lifecycle.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Our cloud-based service significantly contributes to the fight against climate change by reducing the environmental impact associated with traditional on-premises software solutions. By leveraging cloud infrastructure, we eliminate the need for physical servers and data centers, which consume vast amounts of energy and contribute to carbon emissions.; ; Furthermore, our platform promotes sustainability by enabling organizations to operate more efficiently. Through automation and optimization of compliance management processes, we help minimize resource consumption and waste generation, leading to a lower overall environmental footprint.; ; Additionally, by facilitating remote work and collaboration, our platform reduces the need for travel and commuting, further decreasing carbon emissions associated with transportation. This is especially pertinent in the context of climate change mitigation, as remote work has emerged as a key strategy to reduce greenhouse gas emissions and combat climate change.; ; In summary, our service offers a sustainable alternative to traditional software solutions, contributing to the fight against climate change by reducing energy consumption, minimizing waste generation, and promoting remote work practices that mitigate carbon emissions.

  Covid-19 recovery

  Our cloud-based compliance management platform plays a crucial role in supporting Covid-19 recovery efforts for organizations. By providing remote accessibility and digital infrastructure, our platform enables seamless continuity of compliance management operations even amidst lockdowns or remote work setups mandated by pandemic-related restrictions.; ; With our platform, organizations can ensure the safety and compliance of their premises and operations. This capability is essential for maintaining regulatory compliance and safety standards during times when on-site visits may be restricted or limited.; ; Additionally, our platform facilitates remote collaboration and communication among compliance teams, contractors, and stakeholders. This ensures that compliance tasks and actions can be managed efficiently and effectively, regardless of physical location or remote working arrangements.; ; Furthermore, our platform's automation capabilities streamline compliance processes, allowing organizations to adapt and respond quickly to changing regulatory requirements or guidelines related to Covid-19. This agility is crucial for businesses seeking to navigate the evolving compliance landscape in the wake of the pandemic.; ; In summary, our compliance management platform supports Covid-19 recovery efforts by enabling remote compliance operations, facilitating collaboration, and providing agility in adapting to changing regulatory requirements, all of which are essential for organizations striving to recover and thrive in the post-pandemic landscape.

  Tackling economic inequality

  Our compliance management platform contributes to tackling economic inequality by providing affordable access to advanced compliance management tools for organizations of all sizes. By offering a cost-effective solution that eliminates the need for expensive infrastructure and software licenses, we empower small and medium-sized enterprises (SMEs) and organizations with limited resources to meet regulatory requirements and compete on an equal footing with larger counterparts.; ; Additionally, our platform's user-friendly interface and intuitive design ensure that compliance management tasks can be easily managed by personnel with varying levels of technical expertise. This levels the playing field and reduces barriers to entry for organizations with limited IT resources or specialized compliance knowledge.; ; Furthermore, our platform's automation capabilities streamline compliance processes, reducing the need for manual intervention and specialized training. This not only increases efficiency but also enables organizations to allocate resources more effectively, thereby maximizing productivity and competitiveness.; ; In summary, our compliance management platform contributes to tackling economic inequality by providing affordable access to advanced compliance tools, leveling the playing field for organizations of all sizes, and empowering them to compete and thrive in the marketplace.

  Equal opportunity

  Our compliance management platform promotes equal opportunity by ensuring accessibility and inclusivity for all users, regardless of their abilities or backgrounds. Through adherence to accessibility standards and user-centered design principles, we ensure that our platform can be easily navigated and used by individuals with diverse needs and disabilities.; ; Additionally, our platform's intuitive interface and comprehensive documentation make it accessible to users with varying levels of technical expertise, eliminating barriers to entry and ensuring equal opportunity for participation and engagement.; ; Furthermore, our commitment to equal opportunity extends beyond accessibility to encompass diversity and inclusion in our workforce and partnerships. By fostering a culture of diversity and inclusion within our organization and collaborating with diverse stakeholders, we strive to create an environment where everyone feels valued, respected, and empowered to contribute their unique perspectives and talents.; ; In summary, our compliance management platform promotes equal opportunity by prioritizing accessibility, inclusivity, and diversity in both its design and implementation. By ensuring that our platform is accessible to all users and fostering a culture of diversity and inclusion, we create opportunities for everyone to participate and succeed.

  Wellbeing

  Our compliance management platform contributes to wellbeing by streamlining processes and reducing administrative burdens, thereby promoting a healthier work environment for employees. Through automation and optimization of compliance management tasks, our platform minimizes repetitive and time-consuming activities, allowing employees to focus on more meaningful and fulfilling aspects of their work.; ; Additionally, our platform's user-friendly interface and intuitive design enhance user experience, reducing frustration and stress associated with complex software systems. By providing clear navigation and easily accessible information, our platform empowers users to accomplish tasks efficiently and effectively, enhancing job satisfaction and overall wellbeing.; ; Furthermore, by facilitating remote work and collaboration, our platform supports flexible working arrangements that promote work-life balance and reduce commuting-related stress. This flexibility allows employees to manage their time more effectively, leading to improved mental health and wellbeing.; ; In summary, our compliance management platform promotes wellbeing by reducing administrative burdens, enhancing user experience, and supporting flexible working arrangements that contribute to a healthier and more balanced work environment. By prioritizing employee wellbeing, we help organizations create a culture of wellness and resilience that benefits both individuals and the organization as a whole.

Pricing

• Price: £1 a user a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at kirim@vesper.limited. Tell them what format you need. It will help if you say what assistive technology you use.