Kausal Ltd

Kausal Watch

Kausal Watch is a SaaS platform for managing and monitoring the implementation of action plans (climate action plans, biodiversity, mobility plans, etc). It enables real-time communication of progress to stakeholders, ensures accountability, and facilitates data-driven decision-making. It enables the collaborative workflows for data management and reporting in the administration.

Features

• Climate Action Plan Management: Platform for managing, monitoring, sustainability plans
• Action management: monitor, update, and track progress of climate actions
• KPI monitoring: Track, analyze, and manage key performance indicators
• Dashboards: Overview of actions progress, key performance indicators, and trends
• Organisational management: Assign actions and indicators to departments and individuals
• Data and Process Governance: Manage data integrity, processes, and workflows
• Notifications: Inform and request stakeholders about updates, deadlines, and events
• Public site: Communicate to the public about climate action progress
• Customizable reporting: Tailor reports to specific requirements, frameworks and needs
• Integration tools: APIs for integration with other tools and platforms

Benefits

• Streamline sustainability planning, tracking, and reporting with a centralized management.
• Achieve effective sustainability results through cross-departmental coordination and collaboration.
• Gain clear visibility into sustainability progress, performance, and metrics.
• Make informed decisions using real-time sustainability data and insights.
• Ensure accountability by assigning sustainability actions to staff and departments.
• Engage stakeholders effectively by communicating sustainability progress and actions.
• Save time and resources by automating sustainability processes and workflows.
• Enhance collaboration through a single, unified sustainability management platform.
• Maximize impact by strategically allocating sustainability resources and efforts.
• Maintain compliance with sustainability regulations, standards, and reporting requirements.

£700 a licence a month

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at joonas.pekkanen@kausal.tech. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

622762436398328

Contact

Joonas Pekkanen
+358505846800
joonas.pekkanen@kausal.tech

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements: Versions of browsers released within the previous two years supported

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Critical technical support tickets are answered without delay, within max 4 hours, during service hours (9am to 5pm weekdays) and within 8 hours on week-end and public holidays. Non-critical questions are responded to latest on the following weekday.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: We offer all support levels in-house and included in the price. In addition the account manager we can provide a separate technical account manager without extra cost if required.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Kausal provides an enhanced customer onboarding program, featuring customized online training sessions for Service Administrators and Service Staff users. Tailored to their respective roles, these sessions ensure users understand their responsibilities within the service. Additionally, Kausal offers ongoing customer support and access to digital support materials such product guides.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • Other
• Other documentation formats: Walkthrough videos
• End-of-contract data extraction: JSON, CSV and PDF exports are provided at the end of the contract
• End-of-contract process: The data export is provided without extra cost upon request from the Buyer.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: No significant difference. The user interface does handle a lot of data and content so browsing the dashboards on mobile does involve much more scrolling than on the desktop.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: There is an administrative user interface where admin users of the customer log in and update their data through their web browser.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Users can navigate the user interface with different device types and using just the keyboard. Admin users can perform the main editing functions using only keyboard navigation and screen reader. Content in the public user interface is following the best practices in content hierarchy and tabular data is provided as an alternative for data visualisations.
• API: Yes
• What users can and can't do using the API: For read operations: a GraphQL API with interactive documentation is provided.; ; For write operations: a REST API is provided, which requires per-case manual setup for authentication+authorization.; The API has an OpenAPI specification and further documentation. Usually this API is used for data integrations and it is customary; to have a separate integration project to make sure the API is used optimally.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The public site can be customized to align with the customer's institutional identity, incorporating elements such as the logo, colors, and overall design aesthetic to convey its identity and values to the public. Additionally, other elements can also be personalized such as report templates, and data fields to meet specific customer requirements, providing flexibility and adaptability. This customizations are provided by Kausal personnel during the service set-up and included in the Onbaording and Set-up costs as defined in the Pricing Document.

Scaling

• Independence of resources: We use a hybrid scaling approach so that customers are distributed across several datacenters and computing instances, but also the performance characteristics of individual computing instances can be scaled if required. Our service demand is very predictable, and we can plan any scaling requirements when onboarding new customers. Also a robust caching mechanism as well as performance testing is in place.

Analytics

• Service usage metrics: Yes
• Metrics types: Matomo Analytics for web visitor analytics is provided but also incorporating Buyer's own analytics is possible at an extra cost.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: Less than once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Other
• Other data at rest protection approach: The physical access control processes are provided by our cloud server infrastructure provider. Additionally, all company computers have encryption-at-rest set up.
• Data sanitisation process: No
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: There is an spreadsheet export of user data, and also a reporting feature which can produce spreadsheet files.
• Data export formats:
  • CSV
  • Other
• Other data export formats: Excel
• Data import formats: Other
• Other data import formats: Copy-paste ranges of data from CSV or other spreadsheets

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We provide 99,9% SLA during service hours. The Buyer is refunded for extended un-expected downtime as described in more detail in the Suppliers Terms and Conditions.
• Approach to resilience: Our infrastructure is geographically distributed to multiple datacenters. The provisioning of services to the datacenters is fully automatic and reproducible, based on reproducible infrastructure-as-code. All of the data in any datacenter is automatically backed up to another datacenter and its restoration is periodically and automatically tested. Therefore, even a catastrophic, datacenter-wide incident can be handled by provisioning the service infrastrcture and deploying the services in another datacenter if needed. Of course the basic resilience mechanisms of our 3rd party server infrastructure provider apply on top of this service-specific setup (ie. datacenter resilience and recovery).
• Outage reporting: Email alerts to a mailing list where customers can add their relevant addresses

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Other
• Other user authentication: A user with an email address is pre-created by customer admin user in our service. Next, the user logs in with identity federation (most often Microsoft Entra) and the logged-in user with the same email address is associated with the user in the service.
• Access restrictions in management interfaces and support channels: User rights for authorization is managed within the service, restricting access to only required parts of service. IP fencing can be done without extra cost if required.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Other
• Description of management access authentication: 2-factor authentication is required as part of the identity federation authentication. Management access permissions are configured in the service.

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Kausal is using risk-based approach. Risks are systematically assessed and managed, with most emphasis on the highest risks. In addition, the data centers have ISO 27001 certification.
• Information security policies and processes: Kausal is using STRIDE method for information risk identification and mitigation. Identified risks are raised in the regular technology team meetings and solutions are sought in collaboration to ensure that the security culture remains strong. In addition, information security policies are reviewed annually.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Both our application-level and infrastructure-level code and configuration is managed in a version-control system, with a review process for changes, and all changes being easily reversible and stored for audit purposes.; ; For application code, we use github automated security review https://github.com/features/security to support manual review.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Both our application-level and infrastructure-level code and configuration is managed in a version-control system, with a review process for changes, and all changes being easily reversible and stored for audit purposes.; ; For application code, we use github automated security review https://github.com/features/security to support manual review.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We use CrowdSec as an IDS and monitor the logs, along with our error logs, system logs, server metrics, automated end-to-end monitoring, and basic availability monitoring. Staff assigned to on-duty gets automated alerts from these systems.; ; An initial analysis of the anomaly by on-duty staff, based on cross-checking available logs is followed by a detailed analysis along with potential immediate mitigating steps for real threats. Afterwards, the root cause of the incident is analyzed and fixed.; ; Incident response is according to severity in accordance with our incident management processes. Reports are sent to affected parties.
• Incident management type: Supplier-defined controls
• Incident management approach: We follow incident reports from our users to our support email address, along with technical security vulnerabilities reported in accordance with our open source projects' reporting policy, as well as all the monitoring inputs mentioned in "protective monitoring processes".; ; We have an internal knowledge base containing predefined process for commonly recurring events.; We provide incident reports to all affected parties, including customers, after detailed analysis of the incident, when we have started to work on the incident and after the work is completed. These are provided by email to customers.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  The Kausal SaaS offering is specifically used for fighting climate change. It helps local and regional governments reduce their carbon footprint by optimizing resource allocation and minimizing waste through data-driven insights and predictive analytics.

  Equal opportunity

  The Kausal Platform is designed for collaborative approach, where user access can be given to onyone who is a relevant contributor even outside the organisation of the customer.

  Wellbeing

  Kausal has adopted methods to measure staff physical and mental health and wellbeing engagement over time and adapt to any changes in the results.

Pricing

• Price: £700 a licence a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at joonas.pekkanen@kausal.tech. Tell them what format you need. It will help if you say what assistive technology you use.